From 2714ac6be6881e7a49e59d6aa8c709700720e8e8 Mon Sep 17 00:00:00 2001 From: I-Al-Istannen Date: Wed, 30 Dec 2020 14:34:11 +0100 Subject: [PATCH] Send CSRF token to Shibboleth --- PFERD/ilias/authenticators.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PFERD/ilias/authenticators.py b/PFERD/ilias/authenticators.py index e70f459..4b99dd8 100644 --- a/PFERD/ilias/authenticators.py +++ b/PFERD/ilias/authenticators.py @@ -74,6 +74,8 @@ class KitShibbolethAuthenticator(IliasAuthenticator): form = soup.find("form", {"class": "full content", "method": "post"}) action = form["action"] + csrf_token = form.find("input", {"name": "csrf_token"})["value"] + # Equivalent: Enter credentials in # https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO LOGGER.debug("Attempt to log in to Shibboleth using credentials") @@ -82,6 +84,7 @@ class KitShibbolethAuthenticator(IliasAuthenticator): "_eventId_proceed": "", "j_username": self._auth.username, "j_password": self._auth.password, + "csrf_token": csrf_token } soup = soupify(sess.post(url, data=data))