search

jbittel / django-mama-cas

A Django Central Authentication Service (CAS) single sign-on server
BSD 3-Clause "New" or "Revised" License
395 stars 112 forks source link

Single logout should raise on request failure #82

Open beheh opened 5 years ago

beheh commented 5 years ago

Right now, a network failure during remote logout (as part of SLO) will be silently ignored by mama_cas. It seems crucial that a logout failure is raised or at least returned so that the user can take appropriate action, like retry or refuse to logout.

Specifically, ServiceTicket.request_sign_out will blindly session.post without looking at the response.

https://github.com/jbittel/django-mama-cas/blob/03935d97442b46d8127ab9e1cd8deb96953fe156/mama_cas/models.py#L248-L257

This should probably raise on at least some very severe network errors, like timeouts or internal server errors.

I'm not sure how this plays with the requests-futures support, but it seems like mama_cas should at least expose a way to do this if you really want to.

zxbzxb180 commented 5 years ago

Excuse me, why does my request_sign_out not execute?