Merge pull request #48 from cordmata/develop

Allow Forcing Service URL over HTTPS

Author: dstegelman

.travis.yml

@@ -9,6 +9,7 @@ env:
   - DJANGO_VERSION=Django==1.5
   - DJANGO_VERSION=Django==1.6
   - DJANGO_VERSION=Django==1.7
+  - DJANGO_VERSION=Django==1.8
 
 # command to install dependencies
 install:

README.md

@@ -15,8 +15,8 @@ This is [K-State's fork](https://github.com/kstateome/django-cas) of [the or
 This project is registered on PyPi as django-cas-client.  To install::
 
     pip install django-cas-client==1.1.2
-    
-    
+
+
 ### Add to URLs
 
 Add the login and logout patterns to your main URLS conf.
@@ -34,9 +34,9 @@ Set your CAS server URL
 Add cas to middleware classes
 
     'cas.middleware.CASMiddleware',
-    
 
-### Add authentication backends 
+
+### Add authentication backends
 
     AUTHENTICATION_BACKENDS = (
         'django.contrib.auth.backends.ModelBackend',
@@ -138,6 +138,9 @@ Then, add the ``gateway`` decorator to a view:
 To show a custom forbidden page, set ``CAS_CUSTOM_FORBIDDEN`` to a ``path.to.some_view``.  Otherwise,
 a generic ``HttpResponseForbidden`` will be returned.
 
+## Require SSL login
+
+To force the service url to always target HTTPS, set ``CAS_FORCE_SSL_SERVICE_URL`` to ``True``.
 
 ## Proxy Tickets
 
@@ -146,4 +149,4 @@ This fork also includes
 
 You can opt out of the time delay sometimes caused by proxy ticket validation by setting:
 
-    CAS_PGT_FETCH_WAIT = False
+    CAS_PGT_FETCH_WAIT = False

cas/__init__.py

@@ -18,6 +18,7 @@
     'CAS_RESPONSE_CALLBACKS': None,
     'CAS_CUSTOM_FORBIDDEN': None,
     'CAS_PGT_FETCH_WAIT': True,
+    'CAS_FORCE_SSL_SERVICE_URL': False,
 }
 
 for key, value in _DEFAULTS.items():

cas/tests/test_views.py

@@ -1,4 +1,5 @@
 from django.test import TestCase, RequestFactory
+from django.test.utils import override_settings
 
 from cas.views import _redirect_url, _login_url, _logout_url, _service_url
 
@@ -24,6 +25,10 @@ def setUp(self):
     def test_service_url(self):
         self.assertEqual(_service_url(self.request), 'http://signin.k-state.edu/')
 
+    @override_settings(CAS_FORCE_SSL_SERVICE_URL=True)
+    def test_service_url_forced_ssl(self):
+        self.assertEqual(_service_url(self.request), 'https://signin.k-state.edu/')
+
     def test_redirect_url(self):
         self.assertEqual(_redirect_url(self.request), '/')
 
@@ -38,4 +43,4 @@ def test_login_url(self):
                          'http://signin.cas.com/login?service=http%3A%2F%2Flocalhost%3A8000%2Faccounts%2Flogin%2F')
 
     def test_logout_url(self):
-        self.assertEqual(_logout_url(self.request), 'http://signin.cas.com/logout')
+        self.assertEqual(_logout_url(self.request), 'http://signin.cas.com/logout')

cas/views.py

@@ -35,7 +35,10 @@ def _service_url(request, redirect_to=None, gateway=False):
 
     """
 
-    protocol = ('http://', 'https://')[request.is_secure()]
+    if settings.CAS_FORCE_SSL_SERVICE_URL:
+        protocol = 'https://'
+    else:
+        protocol = ('http://', 'https://')[request.is_secure()]
     host = request.get_host()
     service = protocol + host + request.path
     if redirect_to:

requirements-dev.txt

@@ -1 +1 @@
-factory_boy
+factory_boy

run_tests.py

@@ -47,8 +47,13 @@
 except AttributeError:
     pass
 
-from django.test.simple import DjangoTestSuiteRunner
-test_runner = DjangoTestSuiteRunner(verbosity=1)
+try:
+    from django.test.simple import DjangoTestSuiteRunner
+    test_runner = DjangoTestSuiteRunner(verbosity=1)
+except ImportError:
+    from django.test.utils import get_runner
+    TestRunner = get_runner(settings)
+    test_runner = TestRunner()
 failures = test_runner.run_tests(['cas', ])
 if failures:
-    sys.exit(failures)
+    sys.exit(failures)