Skip to main content
Version: 4.1.x

CAS Python应用集成

CAS客户端配置

本文使用Python程序为例

前置条件

Python以其简洁的语法、易读性和可扩展性而闻名。支持多种编程 范式,包含了用于网络编程、数据库交互、文本处理、数学计算等多个方面的功能。

安装以下版本

Python 3.10.9

引入依赖包

包依赖如下

pip install flask
pip install python-cas

运行程序

set FLASK_ENV=development
set FLASK_APP=python_cas_demo.py
flask run --host 0.0.0.0

Python源代码

from flask import Flask, request, session, redirect, url_for
from cas import CASClient

app = Flask(__name__)
app.secret_key = 'V7nlCN90LPHOTA9PGGyf'

cas_client = CASClient(
version=3,
service_url='http://localhost:5000/cas/login?next=%2Fcas%2Fprofile',
server_url='http://sso.maxkey.top/sign/authz/cas/'
)


@app.route('/cas/')
def index():
body = """<!DOCTYPE html>
<html>
<head>
<title>Python CAS Demo</title>
<meta name="viewport" content="width=device-width, height=device-height, initial-scale=1.0, minimum-scale=1.0">
</head>
<body>
<h1>Welcome to python-cas Flask MaxKey Demo</h1>
<p><a href="/cas/login">点击MaxKey登录[CAS]</a></p>
</body>
</html>
"""
return body


@app.route('/cas/profile')
def profile(method=['GET']):
if 'username' in session:
return '欢迎 %s. <a href="/cas/logout">Logout</a>' % session['username']
return 'Login required. <a href="/cas/login">退出登录</a>', 403


@app.route('/cas/login')
def login():
if 'username' in session:
# Already logged in
return redirect(url_for('profile'))

next = request.args.get('next')
ticket = request.args.get('ticket')
print("ticket: ", ticket)
if not ticket:
# No ticket, the request come from end user, send to CAS login
cas_login_url = cas_client.get_login_url()
app.logger.info('CAS login URL: %s', cas_login_url)
print('CAS login URL: %s', cas_login_url)
return redirect(cas_login_url)

# There is a ticket, the request come from CAS as callback.
# need call `verify_ticket()` to validate ticket and get user profile.
app.logger.debug('ticket: %s', ticket)
app.logger.debug('next: %s', next)
print('ticket: %s', ticket)
print('next: %s', next)

user, attributes, pgtiou = cas_client.verify_ticket(ticket)

app.logger.debug(
'CAS verify ticket response: user: %s, attributes: %s, pgtiou: %s', user, attributes, pgtiou)
print(
'CAS verify ticket response: user: %s, attributes: %s, pgtiou: %s', user, attributes, pgtiou)

if not user:
return 'Failed to verify ticket. <a href="/cas/login">Login</a>'
else: # Login successfully, redirect according `next` query parameter.
session['username'] = user
return redirect(next)


@app.route('/cas/logout')
def logout():
redirect_url = url_for('logout_callback', _external=True)
cas_logout_url = cas_client.get_logout_url(redirect_url)
app.logger.debug('CAS logout URL: %s', cas_logout_url)
print('CAS logout URL: %s', cas_logout_url)

return redirect(cas_logout_url)


@app.route('/cas/logout_callback')
def logout_callback():
# redirect from CAS logout request after CAS logout successfully
session.pop('username', None)
return 'Logged out from CAS. <a href="/cas/login">Login</a>'

@app.route('/cas/ping')
def ping():
return 'pong'