From ec80e7ba35d6e4b1887e41ebf38b31c70b136727 Mon Sep 17 00:00:00 2001
From: I-Al-Istannen <i-al-istannen@users.noreply.github.com>
Date: Tue, 5 Nov 2024 16:36:04 +0100
Subject: [PATCH] Fix KIT shibboleth login

---
 PFERD/crawl/http_crawler.py           | 7 ++++++-
 PFERD/crawl/ilias/shibboleth_login.py | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/PFERD/crawl/http_crawler.py b/PFERD/crawl/http_crawler.py
index fe8a360..2cc97e1 100644
--- a/PFERD/crawl/http_crawler.py
+++ b/PFERD/crawl/http_crawler.py
@@ -262,7 +262,12 @@ class HttpCrawler(Crawler):
                     connect=self._http_timeout,
                     sock_connect=self._http_timeout,
                     sock_read=self._http_timeout,
-                )
+                ),
+                # See https://github.com/aio-libs/aiohttp/issues/6626
+                # Without this aiohttp will mangle the redirect header from Shibboleth, invalidating the
+                # passed signature. Shibboleth will not accept the broken signature and authentication will
+                # fail.
+                requote_redirect_url=False
         ) as session:
             self.session = session
             try:
diff --git a/PFERD/crawl/ilias/shibboleth_login.py b/PFERD/crawl/ilias/shibboleth_login.py
index 28f23c2..fbced2b 100644
--- a/PFERD/crawl/ilias/shibboleth_login.py
+++ b/PFERD/crawl/ilias/shibboleth_login.py
@@ -61,7 +61,7 @@ class ShibbolethLogin:
                 "j_password": password,
             }
             if crsf_token_input := form.find("input", {"name": "csrf_token"}):
-                data["crsf_token"] = crsf_token_input["value"]
+                data["csrf_token"] = crsf_token_input["value"]
             soup = await _post(sess, url, data)
 
             if soup.find(id="attributeRelease"):