Always return authenticationDate, longTermAuthenticationRequestTokenUsed and isFromNewLogin attributes

As specified in the CAS response XML schema (see Appendix A). Fix #37 as returned attributes are now never empty.
2018-04-29 18:48:41 +02:00
parent 4123450e9f
commit ff8373ee6a
7 changed files with 42 additions and 8 deletions
--- a/cas_server/views.py
+++ b/cas_server/views.py
@ -1153,7 +1153,9 @@ class ValidateService(View):
                params = {
                    'username': self.ticket.username(),
                    'attributes': self.ticket.attributs_flat(),
-                    'proxies': proxies
+                    'proxies': proxies,
+                    'auth_date': self.ticket.user.last_login.replace(microsecond=0).isoformat(),
+                    'is_new_login': 'true' if self.ticket.renew else 'false'
                }
                # if pgtUrl is set, require https or localhost
                if self.pgt_url and (
@ -1415,7 +1417,10 @@ class SamlValidate(CsrfExemptView):
                'Recipient': self.target,
                'ResponseID': utils.gen_saml_id(),
                'username': self.ticket.username(),
-                'attributes': self.ticket.attributs_flat()
+                'attributes': self.ticket.attributs_flat(),
+                'auth_date': self.ticket.user.last_login.replace(microsecond=0).isoformat(),
+                'is_new_login': 'true' if self.ticket.renew else 'false'
+
            }
            logger.info(
                "SamlValidate: ticket %s validated for user %s on service %s." % (