Garmelon/PFERD
1
0
Fork 0
mirror of https://github.com/Garmelon/PFERD.git synced 2026-04-12 23:45:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

checked and formatted

Browse source
This commit is contained in:
NIKL45 2025-10-24 21:59:51 +02:00
parent afbfea6ba5
commit 2509711d62
1 changed files with 8 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

20
PFERD/crawl/ilias/simplesaml_login.py
View file

@ -14,7 +14,7 @@ class SimpleSAMLLogin:
""" """
Login via a SimpleSAML system. Login via a SimpleSAML system.
It performs a basic authentication by following the login redirect It performs a basic authentication by following the login redirect
and posting credentials to the indicated form. It also supports TFA similar to Shibboleth. and posting credentials to the indicated form. It also supports TFA similar to Shibboleth.
""" """
@ -36,7 +36,7 @@ class SimpleSAMLLogin:
saml_url = response.url saml_url = response.url
# If the redirect stayed on the ILIAS host, assume we're already logged in # If the redirect stayed on the ILIAS host, assume we're already logged in
if str(saml_url).startswith(self._ilias_url): if str(saml_url).startswith(self._ilias_url):
log.explain("ILIAS recognized our simple-saml token and logged us in in the background, returning") log.explain("ILIAS recognized our SAML token and logged us in in the background, returning")
return return
soup: BeautifulSoup = soupify(await response.read()) soup: BeautifulSoup = soupify(await response.read())
@ -45,10 +45,8 @@ class SimpleSAMLLogin:
while not self._login_successful(soup): while not self._login_successful(soup):
form = cast(Tag, soup.find("form", {"method": "post"})) form = cast(Tag, soup.find("form", {"method": "post"}))
action = cast(str, form["action"]) action = cast(str, form["action"])
if action.startswith("https"): # FAU uses full URL here # dynamically determine full URL from action (FAU uses full URL here, KIT uses relative URL)
url = action url = action if action.startswith("https") else str(saml_url.origin()) + action
else:
url = str(saml_url.origin()) + action #KIT uses relative URL here
username, password = await self._auth.credentials() username, password = await self._auth.credentials()
data = { data = {
@ -63,7 +61,7 @@ class SimpleSAMLLogin:
# Detect attribute release prompt # Detect attribute release prompt
if soup.find(id="attributeRelease"): if soup.find(id="attributeRelease"):
raise CrawlError( raise CrawlError(
"ILIAS SimpleSAML entitlements changed! Please log in once in your browser and review them" "ILIAS SAML entitlements changed! Please log in once in your browser and review them"
) )
if self._tfa_required(soup): if self._tfa_required(soup):
@ -95,12 +93,10 @@ class SimpleSAMLLogin:
# credentials rather than after asking. # credentials rather than after asking.
form = cast(Tag, soup.find("form", {"method": "post"})) form = cast(Tag, soup.find("form", {"method": "post"}))
action = cast(str, form["action"]) action = cast(str, form["action"])
# dynamically determine full URL from action (FAU uses full URL here, KIT uses relative URL)
url = action if action.startswith("https") else str(saml_url.origin()) + action
if action.startswith("https"): # FAU uses full URL here data = { # for www.sso.uni-erlangen.de/simplesaml/module.php/mfa/otp?...
url = action
else:
url = str(saml_url.origin()) + action #KIT uses relative URL here
data = { # for www.sso.uni-erlangen.de/simplesaml/module.php/mfa/otp?...
"otp": tfa_token "otp": tfa_token
} }
if csrf_token_input := form.find("input", {"name": "csrf_token"}): if csrf_token_input := form.find("input", {"name": "csrf_token"}):