authpds 0.2.9 → 1.0.0

data/README.rdoc CHANGED
@@ -1,10 +1,10 @@
1
- = Authpds
2
1
  {<img src="https://badge.fury.io/rb/authpds.png" alt="Gem Version" />}[http://badge.fury.io/rb/authpds]
3
2
  {<img src="https://api.travis-ci.org/scotdalton/authpds.png?branch=master" alt="Build Status" />}[https://travis-ci.org/scotdalton/authpds]
4
3
  {<img src="https://gemnasium.com/scotdalton/authpds.png" alt="Dependency Status" />}[https://gemnasium.com/scotdalton/authpds]
5
4
  {<img src="https://codeclimate.com/github/scotdalton/authpds.png" />}[https://codeclimate.com/github/scotdalton/authpds]
6
5
  {<img src="https://coveralls.io/repos/scotdalton/authpds/badge.png?branch=master" alt="Coverage Status" />}[https://coveralls.io/r/scotdalton/authpds]
7
6
 
7
+ = Authpds
8
8
  Libraries for authenticating via Ex Libris' Patron Directory Services (PDS) and provides hooks for making authorization decisions based on the user information provided by PDS. It leverages the authlogic gem and depends on a User-like model.
9
9
 
10
10
  == Basics
@@ -133,7 +133,7 @@ and further details about the module.
133
133
 
134
134
  == Hooks Available for Overriding
135
135
  :pds_record_identifier:: Allows for more complex logic in determining what should be used as the record identifier. Defaults to what was set in the pds_record_identifier config. Returns a Symbol.
136
- :valid_sso_session?:: If there is no PDS handle, can we redirect to PDS to establish a SSO session based on some other information? Returns a Boolean.
136
+ :attempt_sso?:: If there is no PDS handle, can we attempt to establish a PDS session based on some other information? Returns a Boolean.
137
137
  :additional_authorization:: Allows for additions to the authorization decision. Returns a Boolean.
138
138
  :additional_attributes:: Allows for additional attributes to be stored in the record. Returns a Hash.
139
139
  :expiration_date:: Indicates when the record information should be refreshed. Defaults to one week ago. Returns a Date or Time.
@@ -20,7 +20,7 @@ module Authpds
20
20
  #
21
21
  # == Hooks Available
22
22
  # :pds_record_identifier:: Allows for more complex logic in determining what should be used as the record identifier. Defaults to what was set in the pds_record_identifier config. Returns a Symbol.
23
- # :valid_sso_session?:: If there is no PDS handle, can we redirect to PDS to establish a SSO session based on some other information? Returns a Boolean.
23
+ # :attempt_sso:: If there is no PDS handle, can we attempt to establish a PDS session based on some other information? Returns a Boolean.
24
24
  # :additional_authorization:: Allows for additions to the authorization decision. Returns a Boolean.
25
25
  # :additional_attributes:: Allows for additional attributes to be stored in the record. Returns a Hash.
26
26
  # :expiration_date:: Indicates when the record information should be refreshed. Defaults to one week ago. Returns a Date or Time.
@@ -51,7 +51,6 @@ module Authpds
51
51
  include Authpds::Session::PdsHandle
52
52
  include Authpds::Session::PdsUser
53
53
  include Authpds::Session::Record
54
- include Authpds::Session::SessionId
55
54
  include Authpds::Session::UrlHandling
56
55
 
57
56
  def self.included(klass)
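Review bot: The hooks comment in the first hunk of this file documents the renamed hook as `:attempt_sso::`, but the method defined and called elsewhere in this release is `attempt_sso?` (the README entry has the `?`); the line should read `# :attempt_sso?:: If there is no PDS handle, ...`. Because the default implementation returns false, an application that still overrides `valid_sso_session?` will simply stop being consulted after upgrading, with no error. A short comment here, or a changelog entry, that names the old hook would make that visible to integrators.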
@@ -9,13 +9,15 @@ module Authpds
9
9
  def authenticate
10
10
  # Don't authenticate if the system is inaccessible.
11
11
  # If the application session id is nil, skip this check.
12
- return false if controller.cookies["#{calling_system}_inaccessible".to_sym] == session_id unless session_id.nil?
12
+ return false if controller.cookies["#{calling_system}_inaccessible".to_sym] == true
13
13
  # If PDS session already established, authenticate
14
14
  return true unless pds_user.nil?
15
- # Establish a PDS session if the user logged in via an alternative SSO mechanism and this isn't being called after login
16
- controller.redirect_to sso_url({
17
- :return_url => controller.request.url }) if valid_sso_session? unless controller.params["action"] =="validate" or controller.performed?
18
- # Otherwise, do not authenticate
15
+ # Try to establish a PDS session if the user logged in via an alternative
16
+ # SSO mechanism and this isn't being called after login
17
+ unless controller.params["action"] =="validate" or controller.performed?
18
+ controller.redirect_to sso_url({ :return_url => controller.request.url }) if attempt_sso?
19
+ end
20
+ # Definitely, do not authenticate if we got this far
19
21
  return false
20
22
  end
21
23
  protected :authenticate
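Review bot: The new guard `controller.cookies["#{calling_system}_inaccessible".to_sym] == true` probably never matches on a later request, because a cookie value read back from the browser is the String `"true"`, not the boolean that `handle_login_exception` writes. Only a read within the same request would see `true`, so compare against the string instead, e.g. `.to_s == "true"`. The context comment "If the application session id is nil, skip this check." describes the removed `session_id` logic and is now stale. The flag is also no longer bound to the session id, so any client that supplies a cookie with this name and value suppresses PDS authentication for itself. If that matters, and the adapter exposes the Rails cookie jar, writing and reading it through `cookies.signed` would prevent forging.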
@@ -6,8 +6,8 @@ module Authpds
6
6
  @pds_record_identifier ||= self.class.pds_record_identifier
7
7
  end
8
8
 
9
- # Hook to determine if we should set up an SSO session
10
- def valid_sso_session?
9
+ # Hook to determine if we should attempt to establish a PDS session
10
+ def attempt_sso?
11
11
  return false
12
12
  end
13
13
 
@@ -21,8 +21,10 @@ module Authpds
21
21
 
22
22
  # Mapping of PDS attributes
23
23
  def pds_attributes(value = nil)
24
- value.each_value { |pds_attr| pds_attr.gsub!("-", "_") } unless value.nil?
25
- rw_config(:pds_attributes, value, {:email => "email", :firstname => "name", :lastname => "name", :primary_institution => "institute" })
24
+ value.each_value { |pds_attr|
25
+ pds_attr.gsub!("-", "_") } unless value.nil?
26
+ rw_config(:pds_attributes, value, { email: "email", firstname: "name",
27
+ lastname: "name", primary_institution: "institute" })
26
28
  end
27
29
  alias_method :pds_attributes=, :pds_attributes
28
30
 
@@ -36,7 +38,7 @@ module Authpds
36
38
  def login_inaccessible_url(value = nil)
37
39
  rw_config(:login_inaccessible_url, value, "")
38
40
  end
39
- alias_method :redirect_logout_url=, :redirect_logout_url
41
+ alias_method :login_inaccessible_url=, :login_inaccessible_url
40
42
 
41
43
  # PDS user method to call to identify record
42
44
  def pds_record_identifier(value = nil)
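Review bot: `pds_attributes` still rewrites the caller's strings in place with `gsub!`; the first hunk only re-wraps that line. A frozen string containing a hyphen raises, and the hash passed in by the application is silently modified. Building a new hash avoids both, e.g. `value = Hash[value.map { |k, v| [k, v.to_s.tr("-", "_")] }] unless value.nil?`. The brace block split across two lines with a trailing `unless value.nil?` is also easy to misread; an `if value` around a `do...end` block would be clearer.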
@@ -3,11 +3,10 @@ module Authpds
3
3
  module ExceptionHandling
4
4
  def handle_login_exception(error)
5
5
  # Set a cookie saying that we've got some invalid stuff going on
6
- # in this session. Either PDS is screwy, OpenSSO is screwy, or both.
7
- # Either way, we want to skip logging in since it's problematic (if anonymous).
6
+ # in this session. PDS may be screwy. We want to skip logging in
7
+ # since it's problematic (if anonymous).
8
8
  controller.cookies["#{calling_system}_inaccessible".to_sym] = {
9
- :value => session_id,
10
- :path => "/" } if anonymous?
9
+ :value => true, :path => "/" } if anonymous?
11
10
  # If anonymous access isn't allowed, we can't rightfully set the cookie.
12
11
  # We probably should send to a system down page.
13
12
  controller.redirect_to(login_inaccessible_url)
@@ -15,7 +14,9 @@ module Authpds
15
14
  end
16
15
 
17
16
  def alert_the_authorities(error)
18
- controller.logger.error("Error in #{self.class}. Something is amiss with PDS authentication.\n#{error}\n#{error.backtrace.inspect}}")
17
+ controller.logger.error("Error in #{self.class}. " +
18
+ "Something is amiss with PDS authentication.\n" +
19
+ "#{error}\n#{error.backtrace.inspect}")
19
20
  end
20
21
  end
21
22
  end
@@ -3,8 +3,9 @@ module Authpds
3
3
  module InstitutionAttributes
4
4
  def institution_attributes
5
5
  @institution_attributes ||=
6
- (controller.current_primary_institution.nil? or controller.current_primary_institution.auth.nil?) ?
7
- {} : controller.current_primary_institution.auth
6
+ (controller.current_primary_institution.nil? or
7
+ controller.current_primary_institution.auth.nil?) ?
8
+ {} : controller.current_primary_institution.auth
8
9
  end
9
10
 
10
11
  def insitution_code
@@ -2,7 +2,8 @@ module Authpds
2
2
  module Session
3
3
  module PdsHandle
4
4
  def pds_handle
5
- @pds_handle ||= (controller.cookies[:PDS_HANDLE] || controller.params[:pds_handle])
5
+ @pds_handle ||= (controller.cookies[:PDS_HANDLE] ||
6
+ controller.params[:pds_handle])
6
7
  end
7
8
  end
8
9
  end
@@ -2,15 +2,12 @@ module Authpds
2
2
  module Session
3
3
  module PdsUser
4
4
  def pds_user
5
- begin
6
- @pds_user ||= Authpds::Exlibris::Pds::BorInfo.new(pds_url, calling_system, pds_handle) unless pds_handle.nil?
7
- return @pds_user unless @pds_user.nil? or @pds_user.error
8
- rescue Exception => e
9
- # Delete the PDS_HANDLE, since this isn't working.
10
- # controller.cookies.delete(:PDS_HANDLE) unless pds_handle.nil?
11
- handle_login_exception e
12
- return nil
13
- end
5
+ @pds_user ||= Authpds::Exlibris::Pds::BorInfo.new(pds_url,
6
+ calling_system, pds_handle) unless pds_handle.nil?
7
+ return @pds_user unless @pds_user.nil? or @pds_user.error
8
+ rescue Exception => e
9
+ handle_login_exception e
10
+ return nil
14
11
  end
15
12
  end
16
13
  end
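Review bot: The method-level `rescue Exception => e` kept by this rewrite also traps `SignalException`, `SystemExit` and `NoMemoryError`, so an interrupt or shutdown during the PDS lookup is turned into a login-failure redirect. `rescue StandardError => e` is enough for lookup and parse failures. Separately, when `@pds_user.error` is set the method falls through and returns nil without calling `handle_login_exception`, so that failure path is handled differently from a raised error; a one-line comment saying whether this is intended would help.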
@@ -3,7 +3,8 @@ module Authpds
3
3
  module Record
4
4
  # Get the record associated with this PDS user.
5
5
  def get_record(login)
6
- record = (klass.find_by_smart_case_login_field(login) || klass.new(login_field => login))
6
+ record = (klass.find_by_smart_case_login_field(login) ||
7
+ klass.new(login_field => login))
7
8
  end
8
9
 
9
10
  # Set the record information associated with this PDS user.
@@ -18,8 +19,9 @@ module Authpds
18
19
  # Reset expired data
19
20
  def reset_record(attempted_record)
20
21
  pds_attributes.each do |record_attr, pds_attr|
22
+ next unless self.attempted_record.respond_to?("#{record_attr}=".to_sym)
21
23
  attempted_record.send("#{record_attr}=".to_sym,
22
- pds_user.send(pds_attr.to_sym)) if self.attempted_record.respond_to?("#{record_attr}=".to_sym)
24
+ pds_user.send(pds_attr.to_sym))
23
25
  end
24
26
  pds_user.class.public_instance_methods(false).each do |pds_attr_reader|
25
27
  attempted_record.user_attributes = {
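Review bot: The new guard in `reset_record` tests `self.attempted_record` while the setter is invoked on the `attempted_record` argument. These are only guaranteed to be the same object if every caller passes the session's own record, so the check should use the argument: `next unless attempted_record.respond_to?("#{record_attr}=")`. The read side `pds_user.send(pds_attr.to_sym)` has no matching guard, and `send` also reaches private methods. Using `public_send` after a `respond_to?` check would keep a mistyped attribute mapping from raising or calling something unintended. `reset_record` continues past the end of this hunk.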
@@ -16,18 +16,21 @@ module Authpds
16
16
 
17
17
  # URL to redirect to after logout.
18
18
  def logout_url(params={})
19
- auth_pds_url "logout", user_session_redirect_url(redirect_logout_url), params
19
+ auth_pds_url "logout",
20
+ user_session_redirect_url(redirect_logout_url), params
20
21
  end
21
22
 
22
23
  def auth_pds_login_url(func, params)
23
- auth_pds_url func, validate_url(params), :institute => insitution_code, :calling_system => calling_system
24
+ auth_pds_url func, validate_url(params),
25
+ :institute => insitution_code, :calling_system => calling_system
24
26
  end
25
- protected :auth_pds_login_url
27
+ private :auth_pds_login_url
26
28
 
27
29
  def auth_pds_url(func, url, params)
28
30
  auth_pds_url = "#{pds_url}/pds?func=#{func}"
29
31
  params.each_pair do |key, value|
30
- auth_pds_url << "&#{key}=#{CGI::escape(value)}" unless key.nil? or value.nil?
32
+ next if key.blank? or value.blank?
33
+ auth_pds_url << "&#{key}=#{CGI::escape(value)}"
31
34
  end
32
35
  auth_pds_url << "&url=#{CGI::escape(url)}"
33
36
  end
@@ -38,14 +41,17 @@ module Authpds
38
41
  end
39
42
  private :user_session_redirect_url
40
43
 
41
- # Returns the URL for validating a UserSession on return from a remote login system.
44
+ # Returns the URL for validating a UserSession on
45
+ # return from a remote login system
42
46
  def validate_url(params={})
43
- url = controller.send(validate_url_name, :return_url => user_session_redirect_url(params[:return_url]))
44
- return url if params.nil? or params.empty?
45
- url << "?" if url.match('\?').nil?
47
+ url = controller.send(validate_url_name,
48
+ :return_url => user_session_redirect_url(params[:return_url]))
49
+ return url if params.blank?
50
+ url << "?" if url.match('\?').blank?
46
51
  params.each do |key, value|
47
52
  next if [:controller, :action, :return_url].include?(key)
48
- url << "&#{calling_system}_#{key}=#{CGI::escape(value)}" unless key.nil? or value.nil?
53
+ next if key.blank? or value.blank?
54
+ url << "&#{calling_system}_#{key}=#{CGI::escape(value)}"
49
55
  end
50
56
  url
51
57
  end
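Review bot: Both loops still interpolate `key` into the query string unescaped and pass `value` straight to `CGI::escape`; the switch to `blank?` does not change that. A key containing `&` or `=` adds extra parameters to the PDS or validate URL, and a non-String value (integer, array, nested hash) raises. If these hashes can carry request parameters, escape both sides, e.g. `url << "&#{CGI::escape("#{calling_system}_#{key}")}=#{CGI::escape(value.to_s)}"`, with the equivalent change in `auth_pds_url`. In `validate_url`, `params[:return_url]` is read before the `params.blank?` guard, so a nil `params` fails before the guard is reached. The exclusion list holds symbols only, so string keys such as `"controller"` would pass through; this is worth confirming against the callers.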
@@ -1,3 +1,3 @@
1
1
  module Authpds
2
- VERSION = "0.2.9"
2
+ VERSION = "1.0.0"
3
3
  end
metadata CHANGED
@@ -1,141 +1,160 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authpds
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.9
4
+ version: 1.0.0
5
+ prerelease:
5
6
  platform: ruby
6
7
  authors:
7
8
  - Scot Dalton
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2013-07-23 00:00:00.000000000 Z
12
+ date: 2013-09-24 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: require_all
15
16
  requirement: !ruby/object:Gem::Requirement
17
+ none: false
16
18
  requirements:
17
19
  - - ~>
18
20
  - !ruby/object:Gem::Version
19
- version: 1.2.1
21
+ version: 1.3.1
20
22
  type: :runtime
21
23
  prerelease: false
22
24
  version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
23
26
  requirements:
24
27
  - - ~>
25
28
  - !ruby/object:Gem::Version
26
- version: 1.2.1
29
+ version: 1.3.1
27
30
  - !ruby/object:Gem::Dependency
28
31
  name: authlogic
29
32
  requirement: !ruby/object:Gem::Requirement
33
+ none: false
30
34
  requirements:
31
35
  - - ~>
32
36
  - !ruby/object:Gem::Version
33
- version: 3.1.3
37
+ version: 3.3.0
34
38
  type: :runtime
35
39
  prerelease: false
36
40
  version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
37
42
  requirements:
38
43
  - - ~>
39
44
  - !ruby/object:Gem::Version
40
- version: 3.1.3
45
+ version: 3.3.0
41
46
  - !ruby/object:Gem::Dependency
42
47
  name: activerecord
43
48
  requirement: !ruby/object:Gem::Requirement
49
+ none: false
44
50
  requirements:
45
51
  - - ~>
46
52
  - !ruby/object:Gem::Version
47
- version: '3.2'
53
+ version: 3.2.14
48
54
  type: :runtime
49
55
  prerelease: false
50
56
  version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
51
58
  requirements:
52
59
  - - ~>
53
60
  - !ruby/object:Gem::Version
54
- version: '3.2'
61
+ version: 3.2.14
55
62
  - !ruby/object:Gem::Dependency
56
63
  name: activesupport
57
64
  requirement: !ruby/object:Gem::Requirement
65
+ none: false
58
66
  requirements:
59
67
  - - ~>
60
68
  - !ruby/object:Gem::Version
61
- version: '3.2'
69
+ version: 3.2.14
62
70
  type: :runtime
63
71
  prerelease: false
64
72
  version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
65
74
  requirements:
66
75
  - - ~>
67
76
  - !ruby/object:Gem::Version
68
- version: '3.2'
77
+ version: 3.2.14
69
78
  - !ruby/object:Gem::Dependency
70
79
  name: nokogiri
71
80
  requirement: !ruby/object:Gem::Requirement
81
+ none: false
72
82
  requirements:
73
83
  - - ~>
74
84
  - !ruby/object:Gem::Version
75
- version: 1.5.3
85
+ version: 1.6.0
76
86
  type: :runtime
77
87
  prerelease: false
78
88
  version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
79
90
  requirements:
80
91
  - - ~>
81
92
  - !ruby/object:Gem::Version
82
- version: 1.5.3
93
+ version: 1.6.0
83
94
  - !ruby/object:Gem::Dependency
84
95
  name: institutions
85
96
  requirement: !ruby/object:Gem::Requirement
97
+ none: false
86
98
  requirements:
87
99
  - - ~>
88
100
  - !ruby/object:Gem::Version
89
- version: 0.0.4
101
+ version: 0.0.7
90
102
  type: :runtime
91
103
  prerelease: false
92
104
  version_requirements: !ruby/object:Gem::Requirement
105
+ none: false
93
106
  requirements:
94
107
  - - ~>
95
108
  - !ruby/object:Gem::Version
96
- version: 0.0.4
109
+ version: 0.0.7
97
110
  - !ruby/object:Gem::Dependency
98
111
  name: rake
99
112
  requirement: !ruby/object:Gem::Requirement
113
+ none: false
100
114
  requirements:
101
115
  - - ~>
102
116
  - !ruby/object:Gem::Version
103
- version: 10.0.3
117
+ version: 10.1.0
104
118
  type: :development
105
119
  prerelease: false
106
120
  version_requirements: !ruby/object:Gem::Requirement
121
+ none: false
107
122
  requirements:
108
123
  - - ~>
109
124
  - !ruby/object:Gem::Version
110
- version: 10.0.3
125
+ version: 10.1.0
111
126
  - !ruby/object:Gem::Dependency
112
127
  name: vcr
113
128
  requirement: !ruby/object:Gem::Requirement
129
+ none: false
114
130
  requirements:
115
131
  - - ~>
116
132
  - !ruby/object:Gem::Version
117
- version: 2.4.0
133
+ version: 2.5.0
118
134
  type: :development
119
135
  prerelease: false
120
136
  version_requirements: !ruby/object:Gem::Requirement
137
+ none: false
121
138
  requirements:
122
139
  - - ~>
123
140
  - !ruby/object:Gem::Version
124
- version: 2.4.0
141
+ version: 2.5.0
125
142
  - !ruby/object:Gem::Dependency
126
143
  name: webmock
127
144
  requirement: !ruby/object:Gem::Requirement
145
+ none: false
128
146
  requirements:
129
147
  - - ~>
130
148
  - !ruby/object:Gem::Version
131
- version: 1.9.0
149
+ version: 1.13.0
132
150
  type: :development
133
151
  prerelease: false
134
152
  version_requirements: !ruby/object:Gem::Requirement
153
+ none: false
135
154
  requirements:
136
155
  - - ~>
137
156
  - !ruby/object:Gem::Version
138
- version: 1.9.0
157
+ version: 1.13.0
139
158
  description: Libraries that use Ex Libris products, can integrate Rails application
140
159
  with PDS to provide single sign-on across systems.
141
160
  email:
@@ -165,7 +184,6 @@ files:
165
184
  - lib/authpds/session/pds_handle.rb
166
185
  - lib/authpds/session/pds_user.rb
167
186
  - lib/authpds/session/record.rb
168
- - lib/authpds/session/session_id.rb
169
187
  - lib/authpds/session/url_handling.rb
170
188
  - lib/authpds/session.rb
171
189
  - lib/authpds/version.rb
@@ -196,26 +214,33 @@ files:
196
214
  - test/vcr_cassettes/nyu.yml
197
215
  homepage: http://github.com/scotdalton/authpds
198
216
  licenses: []
199
- metadata: {}
200
217
  post_install_message:
201
218
  rdoc_options: []
202
219
  require_paths:
203
220
  - lib
204
221
  required_ruby_version: !ruby/object:Gem::Requirement
222
+ none: false
205
223
  requirements:
206
224
  - - ! '>='
207
225
  - !ruby/object:Gem::Version
208
226
  version: '0'
227
+ segments:
228
+ - 0
229
+ hash: -3908509940850661859
209
230
  required_rubygems_version: !ruby/object:Gem::Requirement
231
+ none: false
210
232
  requirements:
211
233
  - - ! '>='
212
234
  - !ruby/object:Gem::Version
213
235
  version: '0'
236
+ segments:
237
+ - 0
238
+ hash: -3908509940850661859
214
239
  requirements: []
215
240
  rubyforge_project:
216
- rubygems_version: 2.0.3
241
+ rubygems_version: 1.8.25
217
242
  signing_key:
218
- specification_version: 4
243
+ specification_version: 3
219
244
  summary: Allows applications to use Ex Libris' Patron Directory Service (PDS) for
220
245
  authentication.
221
246
  test_files:
checksums.yaml DELETED
@@ -1,15 +0,0 @@
1
- ---
2
- !binary "U0hBMQ==":
3
- metadata.gz: !binary |-
4
- ZjFlODczYmRlNDhhMzI0NTY1NzkwNDk2ZWUxZjFjYWQ3YTQwNzgwZQ==
5
- data.tar.gz: !binary |-
6
- NmYzMTUyOWU1MDVmZmIwMzIwYjY2MzhhNmVmZjdiMTkwMDQzYWU1NA==
7
- !binary "U0hBNTEy":
8
- metadata.gz: !binary |-
9
- ZjhiOTUxYzI0M2Y1NDZlMDFkYmQ5NmE4MmYwMjcxODVkNDQzOTYxYmRhZGM3
10
- OWZjOGRhNzRhNGEwOTQyNmFjMjk5MjBhOGEwMmQ2NjBkYTY4MTkxMWZhZWUw
11
- ZWYwY2VjZTBkNDA3OGJmYjQ2ZWQ1ZmE5ZDdlOWI0ZDRiNjQ0NWU=
12
- data.tar.gz: !binary |-
13
- Y2U3MWY1MjhhMjU1MzY0OTY0YmY2MTg2MDZhZGIzMWYwZDZlZmRiMWNmNjM4
14
- ZDQ5YzkxZjlhZWFlMTBiNDBkNGVjMjM4M2IyZTQxYTIzZTBjYjljYmIwYmJm
15
- Y2VjYjU1MTE5YjIzYThiODQwYzVjOTQ2Y2UyMzRiMDUzMDhmMGU=
@@ -1,12 +0,0 @@
1
- module Authpds
2
- module Session
3
- module SessionId
4
- def session_id
5
- @session_id ||=
6
- (controller.session.respond_to?(:session_id)) ?
7
- (controller.session.session_id) ?
8
- controller.session.session_id : controller.session[:session_id] : controller.session[:session_id]
9
- end
10
- end
11
- end
12
- end