From ef68b02b2ecfdc0b5408c3381992264085ffba67 Mon Sep 17 00:00:00 2001
From: Valentin Samir <valentin.samir@crans.org>
Date: Sun, 12 Jan 2014 21:52:28 +0100
Subject: [PATCH] =?UTF-8?q?[wiki/auth/cas]=20Probl=C3=A8mes=20de=20redirec?=
 =?UTF-8?q?tion=20quand=20sur=20une=20page=20publique?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 wiki/auth/cas.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/wiki/auth/cas.py b/wiki/auth/cas.py
index 5ab2ec93..faed5139 100644
--- a/wiki/auth/cas.py
+++ b/wiki/auth/cas.py
@@ -129,9 +129,8 @@ class CASAuth(BaseAuth):
 
         # authenticated user
         if not force and user_obj and user_obj.valid:
-            if self.action == action:
+            if (action == self.action or (ticket and ticket.startswith('ST-'))) and user_obj.auth_method == self.name:
                 request.http_redirect(url)
-            return user_obj, True
 
         if self.ticket_path and request.method == 'POST':
             logoutRequest=request.form.get('logoutRequest', None)
@@ -144,7 +143,7 @@ class CASAuth(BaseAuth):
             return user_obj, True
 
         # valid ticket on CAS
-        if ticket:
+        if ticket and ticket.startswith('ST-'):
             valid, username = self.cas.validate_ticket(url, ticket)
             if valid:
                 sys.stderr.write("Authentifiaction de %s sur le CAS\n" % username)
@@ -179,6 +178,8 @@ class CASAuth(BaseAuth):
 
 
     def login_hint(self, request):
+        p = urlparse.urlparse(request.url)
+        url = urlparse.urlunparse(('https', p.netloc, p.path, "", "", ""))
         _ = request.getText
-        msg = _('<p><a href="?action=login_cas">Se connecter via le CAS</a> (vous devez disposer d\'un compte Cr@ns pour cela)</p>')
+        msg = _('<p><a href="%s">Se connecter via le CAS</a> (vous devez disposer d\'un compte Cr@ns pour cela)</p>' % self.cas.login_url(url))
         return msg