模仿 USTC CAS 的程序,用于开发校内网站应用的本地调试。

Related tags

Testingustc-cas-mock
Overview

ustc-cas-mock

模仿 USTC CAS 的程序,用于开发校内网站应用阶段调试。

请勿在生产环境部署!

只测试了最常用的三个 CAS route:

/login
/serviceValidate(验证 CAS ticket)
/logout

没有测试过 proxy ticket。(因为我用不到,我也不知道怎么改)

Why?

USTCCAS 比较特别的一点是,用户可以用不同的用户名登录:GID 可以,学号也可以,并且学号可以是自入学以来所有的学号。在开发时,很多同学都不会注意这件事情,这会导致一个人可以用多个不同的「身份」登录系统(并且在科大呆的时间越长,身份的数量就越多),往往是非预期的。

第二点特别的是,CAS 系统限制仅允许 ustc.edu.cn 域名的 service 使用,于是在本地开发的时候就特别难受,虽然可以用……「某些方式」绕过去,但是如果你真的拿到了一个学校域名,上线前又要大改配置,不太好受。

这个仓库代码使用了一个魔改版的 django-mama-cas,因为默认的 callback 没法方便插入特定的逻辑。

关于返回的属性

本仓库的逻辑是返回 CAS 能够返回的所有的信息,但是实际上,USTCCAS 在未申请权限的情况下只会返回最基本的信息:GID 和登录用的用户名,这一点需要特别注意。

此外,在 attributes 的处理上,USTCCAS 和 CAS 3.0 标准不完全一致:

USTCCAS 类似于下面这样:

<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
<cas:authenticationSuccess>
<cas:user>登录用户名</cas:user>
<attributes>
<cas:gid>1234567</cas:gid>
</attributes>
</cas:authenticationSuccess>
</cas:serviceResponse>

而 CAS 3.0 类似于:

<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
    <cas:authenticationSuccess>
        <cas:user>登录用户名</cas:user>
        <cas:attributes>
            <cas:gid>1234567</cas:gid>
        </cas:attributes>
    </cas:authenticationSuccess>
</cas:serviceResponse>

USTCCAS 的 attributes 是 attributes 而不是 cas:attributes

此外:

  • 有一些属性我也没有完全搞清楚,比如说 xbm 我就不知道是啥,反正这个值好像正常情况下应该返回 1。
  • 关于人员在校状态码和人员分类码的信息,如果不适合公开,请联系我,我会立刻处理。

使用

首先配置虚拟环境,安装依赖,然后:

$ python manage.py migrate
$ python manage.py createsuperuser

然后可以使用创建的 superuser 登录 /admin 进行配置。需要注意,在添加用户后,还需要编辑用户,添加学号信息(学号值和顺序)。

当然,如果懒得配置,也可以在 cas 目录里直接:

$ curl -L https://github.com/taoky/ustc-cas-mock/releases/download/v0.1/test.sql | sqlite3 db.sqlite3

superuser 的 username/password 为 test/test。请注意在修改密码前确保服务仅本地可访问。

You might also like...
Comments
Releases(v0.1)
Owner
taoky
I compute, therefore I am.
taoky
Screenplay pattern base for Python automated UI test suites.

ScreenPy TITLE CARD: "ScreenPy" TITLE DISAPPEARS.

Perry Goy 39 Nov 15, 2022
XSSearch - A comprehensive reflected XSS tool built on selenium framework in python

XSSearch A Comprehensive Reflected XSS Scanner XSSearch is a comprehensive refle

Sathyaprakash Sahoo 49 Oct 18, 2022
A folder automation made using Watch-dog, it only works in linux for now but I assume, it will be adaptable to mac and PC as well

folder-automation A folder automation made using Watch-dog, it only works in linux for now but I assume, it will be adaptable to mac and PC as well Th

Parag Jyoti Paul 31 May 28, 2021
Generic automation framework for acceptance testing and RPA

Robot Framework Introduction Installation Example Usage Documentation Support and contact Contributing License Introduction Robot Framework is a gener

Robot Framework 7.7k Jan 07, 2023
Multi-asset backtesting framework. An intuitive API lets analysts try out their strategies right away

Multi-asset backtesting framework. An intuitive API lets analysts try out their strategies right away. Fast execution of profit-take/loss-cut orders is built-in. Seamless with Pandas.

Epymetheus 39 Jan 06, 2023
Mixer -- Is a fixtures replacement. Supported Django, Flask, SqlAlchemy and custom python objects.

The Mixer is a helper to generate instances of Django or SQLAlchemy models. It's useful for testing and fixture replacement. Fast and convenient test-

Kirill Klenov 871 Dec 25, 2022
A Simple Unit Test Matcher Library for Python 3

pychoir - Python Test Matchers for humans Super duper low cognitive overhead matching for Python developers reading or writing tests. Implemented in p

Antti Kajander 15 Sep 14, 2022
A grab-bag of nifty pytest plugins

A goody-bag of nifty plugins for pytest OS Build Coverage Plugin Description Supported OS pytest-server-fixtures Extensible server-running framework w

Man Group 492 Jan 03, 2023
Data-Driven Tests for Python Unittest

DDT (Data-Driven Tests) allows you to multiply one test case by running it with different test data, and make it appear as multiple test cases. Instal

424 Nov 28, 2022
Python Webscraping using Selenium

Web Scraping with Python and Selenium The code shows how to do web scraping using Python and Selenium. We use as data the https://sbot.org.br/localize

Luís Miguel Massih Pereira 1 Dec 01, 2021
hCaptcha solver and bypasser for Python Selenium. Simple website to try to solve hCaptcha.

hCaptcha solver for Python Selenium. Many thanks to engageub for his hCaptcha solver userscript. This script is solely intended for the use of educati

Maxime Dréan 59 Dec 25, 2022
Show coverage stats online via coveralls.io

Coveralls for Python Test Status: Version Info: Compatibility: Misc: coveralls.io is a service for publishing your coverage stats online. This package

Kevin James 499 Dec 28, 2022
Pynguin, The PYthoN General UnIt Test geNerator is a test-generation tool for Python

Pynguin, the PYthoN General UnIt test geNerator, is a tool that allows developers to generate unit tests automatically.

Chair of Software Engineering II, Uni Passau 997 Jan 06, 2023
0hh1 solver for the web (selenium) and also for mobile (adb)

0hh1 - Solver Aims to solve the '0hh1 puzzle' for all the sizes (4x4, 6x6, 8x8, 10x10 12x12). for both the web version (using selenium) and on android

Adwaith Rajesh 1 Nov 05, 2021
Connexion-faker - Auto-generate mocks from your Connexion API using OpenAPI

Connexion Faker Get Started Install With poetry: poetry add connexion-faker # a

Erle Carrara 6 Dec 19, 2022
API Rest testing FastAPI + SQLAchmey + Docker

Transactions API Rest Implement and design a simple REST API Description We need to a simple API that allow us to register users' transactions and hav

TxeMac 2 Jun 30, 2022
pytest plugin for testing mypy types, stubs, and plugins

pytest plugin for testing mypy types, stubs, and plugins Installation This package is available on PyPI pip install pytest-mypy-plugins and conda-forg

TypedDjango 74 Dec 31, 2022
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the

mitmproxy 29.7k Jan 02, 2023
Let your Python tests travel through time

FreezeGun: Let your Python tests travel through time FreezeGun is a library that allows your Python tests to travel through time by mocking the dateti

Steve Pulec 3.5k Dec 29, 2022
Based on the selenium automatic test framework of python, the program crawls the score information of the educational administration system of a unive

whpu_spider 该程序基于python的selenium自动化测试框架,对某高校的教务系统的成绩信息实时爬取,在检测到成绩更新之后,会通过电子邮件的方式,将更新的成绩以文本的方式发送给用户,可以使得用户在不必手动登录教务系统网站时,实时获取成绩更新的信息。 该程序仅供学习交流,不可用于恶意攻

1 Dec 30, 2021