模仿 USTC CAS 的程序,用于开发校内网站应用的本地调试。

Related tags

Testingustc-cas-mock
Overview

ustc-cas-mock

模仿 USTC CAS 的程序,用于开发校内网站应用阶段调试。

请勿在生产环境部署!

只测试了最常用的三个 CAS route:

/login
/serviceValidate(验证 CAS ticket)
/logout

没有测试过 proxy ticket。(因为我用不到,我也不知道怎么改)

Why?

USTCCAS 比较特别的一点是,用户可以用不同的用户名登录:GID 可以,学号也可以,并且学号可以是自入学以来所有的学号。在开发时,很多同学都不会注意这件事情,这会导致一个人可以用多个不同的「身份」登录系统(并且在科大呆的时间越长,身份的数量就越多),往往是非预期的。

第二点特别的是,CAS 系统限制仅允许 ustc.edu.cn 域名的 service 使用,于是在本地开发的时候就特别难受,虽然可以用……「某些方式」绕过去,但是如果你真的拿到了一个学校域名,上线前又要大改配置,不太好受。

这个仓库代码使用了一个魔改版的 django-mama-cas,因为默认的 callback 没法方便插入特定的逻辑。

关于返回的属性

本仓库的逻辑是返回 CAS 能够返回的所有的信息,但是实际上,USTCCAS 在未申请权限的情况下只会返回最基本的信息:GID 和登录用的用户名,这一点需要特别注意。

此外,在 attributes 的处理上,USTCCAS 和 CAS 3.0 标准不完全一致:

USTCCAS 类似于下面这样:

<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
<cas:authenticationSuccess>
<cas:user>登录用户名</cas:user>
<attributes>
<cas:gid>1234567</cas:gid>
</attributes>
</cas:authenticationSuccess>
</cas:serviceResponse>

而 CAS 3.0 类似于:

<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
    <cas:authenticationSuccess>
        <cas:user>登录用户名</cas:user>
        <cas:attributes>
            <cas:gid>1234567</cas:gid>
        </cas:attributes>
    </cas:authenticationSuccess>
</cas:serviceResponse>

USTCCAS 的 attributes 是 attributes 而不是 cas:attributes

此外:

  • 有一些属性我也没有完全搞清楚,比如说 xbm 我就不知道是啥,反正这个值好像正常情况下应该返回 1。
  • 关于人员在校状态码和人员分类码的信息,如果不适合公开,请联系我,我会立刻处理。

使用

首先配置虚拟环境,安装依赖,然后:

$ python manage.py migrate
$ python manage.py createsuperuser

然后可以使用创建的 superuser 登录 /admin 进行配置。需要注意,在添加用户后,还需要编辑用户,添加学号信息(学号值和顺序)。

当然,如果懒得配置,也可以在 cas 目录里直接:

$ curl -L https://github.com/taoky/ustc-cas-mock/releases/download/v0.1/test.sql | sqlite3 db.sqlite3

superuser 的 username/password 为 test/test。请注意在修改密码前确保服务仅本地可访问。

You might also like...
Comments
Releases(v0.1)
Owner
taoky
I compute, therefore I am.
taoky
GitHub Repository
Generates realistic traffic for load testing tile servers

Generates realistic traffic for load testing tile servers. Useful for: Measuring throughput, latency and concurrency of your tile serving stack. Ident

Brandon Liu 23 Dec 05, 2022
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.

PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out

Specter Traww 212 Dec 24, 2022
Network automation lab using nornir, scrapli, and containerlab with Arista EOS

nornir-scrapli-eos-lab Network automation lab using nornir, scrapli, and containerlab with Arista EOS. Objectives Deploy base configs to 4xArista devi

Vireak Ouk 13 Jul 07, 2022
Bayesian A/B testing

bayesian_testing is a small package for a quick evaluation of A/B (or A/B/C/...) tests using Bayesian approach.

Matus Baniar 35 Dec 15, 2022
Python Testing Crawler 🐍 🩺 🕷️ A crawler for automated functional testing of a web application

Python Testing Crawler 🐍 🩺 🕷️ A crawler for automated functional testing of a web application Crawling a server-side-rendered web application is a

70 Aug 07, 2022
This package is a python library with tools for the Molecular Simulation - Software Gromos.

This package is a python library with tools for the Molecular Simulation - Software Gromos. It allows you to easily set up, manage and analyze simulations in python.

14 Sep 28, 2022
Given some test cases, this program automatically queries the oracle and tests your Cshanty compiler!

The Diviner A complement to The Oracle for compilers class. Given some test cases, this program automatically queries the oracle and tests your compil

Grant Holmes 2 Jan 29, 2022
pytest plugin that let you automate actions and assertions with test metrics reporting executing plain YAML files

pytest-play pytest-play is a codeless, generic, pluggable and extensible automation tool, not necessarily test automation only, based on the fantastic

pytest-dev 67 Dec 01, 2022
🐍 Material for PyData Global 2021 Presentation: Effective Testing for Machine Learning Projects

Effective Testing for Machine Learning Projects Code for PyData Global 2021 Presentation by @edublancas. Slides available here. The project is develop

Eduardo Blancas 73 Nov 06, 2022
tidevice can be used to communicate with iPhone device

tidevice can be used to communicate with iPhone device

Alibaba 1.8k Jan 08, 2023
pytest plugin for manipulating test data directories and files

pytest-datadir pytest plugin for manipulating test data directories and files. Usage pytest-datadir will look up for a directory with the name of your

Gabriel Reis 191 Dec 21, 2022
Youtube Tool using selenium Python

YT-AutoLikeComment-AutoReportComment-AutoComment Youtube Tool using selenium Python Auto Comment Auto Like Comment Auto Report Comment Usage: 1. Insta

Rahul Joshua Damanik 1 Dec 13, 2021
HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom

hey is a tiny program that sends some load to a web application. hey was originally called boom and was influenced from Tarek Ziade's tool at tarekzia

Jaana Dogan 14.9k Jan 07, 2023
A python bot using the Selenium library to auto-buy specified sneakers on the nike.com website.

Sneaker-Bot-UK A python bot using the Selenium library to auto-buy specified sneakers on the nike.com website. This bot is still in development and is

Daniel Hinds 4 Dec 14, 2022
Checks for a 200 response from your subdomain list.

Check for available subdomains Written in Python, this terminal based application looks for a 200 response from the subdomain list you've provided. En

Sean 1 Nov 03, 2021
Akulaku Create NewProduct Automation using Selenium Python

Akulaku-Create-NewProduct-Automation Akulaku Create NewProduct Automation using Selenium Python Usage: 1. Install Python 3.9 2. Open CMD on Bot Folde

Rahul Joshua Damanik 1 Nov 22, 2021
Fills out the container extension form automatically. (Specific to IIT Ropar)

automated_container_extension Fills out the container extension form automatically. (Specific to IIT Ropar) Download the chrome driver from the websit

Abhishek Singh Sambyal 1 Dec 24, 2021
Minimal example of getting Django + PyTest running on GitHub Actions

Minimal Django + Pytest + GitHub Actions example This minimal example shows you how you can runs pytest on your Django app on every commit using GitHu

Matt Segal 5 Sep 19, 2022
Mypy static type checker plugin for Pytest

pytest-mypy Mypy static type checker plugin for pytest Features Runs the mypy static type checker on your source files as part of your pytest test run

Dan Bader 218 Jan 03, 2023
Redis fixtures and fixture factories for Pytest.

Redis fixtures and fixture factories for Pytest.This is a pytest plugin, that enables you to test your code that relies on a running Redis database. It allows you to specify additional fixtures for R

Clearcode 86 Dec 23, 2022