Fix KIT shibboleth login

2026-04-12 23:45:05 +02:00 · 2024-11-05 16:36:04 +01:00 · 2024-11-05 16:36:04 +01:00 · ec80e7ba35
commit ec80e7ba35
parent 2b370fc069
2 changed files with 7 additions and 2 deletions
--- a/PFERD/crawl/http_crawler.py
+++ b/PFERD/crawl/http_crawler.py
@ -262,7 +262,12 @@ class HttpCrawler(Crawler):
                    connect=self._http_timeout,
                    sock_connect=self._http_timeout,
                    sock_read=self._http_timeout,
-                )
+                ),
+                # See https://github.com/aio-libs/aiohttp/issues/6626
+                # Without this aiohttp will mangle the redirect header from Shibboleth, invalidating the
+                # passed signature. Shibboleth will not accept the broken signature and authentication will
+                # fail.
+                requote_redirect_url=False
        ) as session:
            self.session = session
            try:
--- a/PFERD/crawl/ilias/shibboleth_login.py
+++ b/PFERD/crawl/ilias/shibboleth_login.py
@ -61,7 +61,7 @@ class ShibbolethLogin:
                "j_password": password,
            }
            if crsf_token_input := form.find("input", {"name": "csrf_token"}):
-                data["crsf_token"] = crsf_token_input["value"]
+                data["csrf_token"] = crsf_token_input["value"]
            soup = await _post(sess, url, data)

            if soup.find(id="attributeRelease"):