cas-client 0.1.2.pre.p19 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6310d39c782652573f0e55f5d138f52bccd32a15f088a233bb85c9757a6d5cf4
-  data.tar.gz: 3715448946ebae64d744d83c01a53a944adcc2a4b9dd9723b44a3d83495c4d53
+  metadata.gz: 3dec8e7b15d53fc005cf9b9d4d3f5bf39e1e0cf7c5df64387dd2e2615bb89bcc
+  data.tar.gz: 305516439c3dadc49a90cd02c27a8d65868ea8ae1b020e23c7306e10cbf165c8
 SHA512:
-  metadata.gz: d6c941dd9c4b2c49f5f04e07a03ce13937d6445d296ec41fd85aaa163b95c65ad00b6a59b70b916bb7b7362014160823b3ff0a6878a34bd40e332168e083eefc
-  data.tar.gz: 5e813ec40e95b7eed0606b9e485315e849acd65508ed447ef69363a1bb4ac00c69507a0d7a77440a6bb7aeeef313c73150ad1622ee80f4eacbf646b358bdee32
+  metadata.gz: 46b9c8224cc102f852bb2f7aded2810b4701ed662b6477812095612acd28921c3d25d2a28e452af210702b6d80e035674f4fabbc5f626572f4bd522d8ea9c9ce
+  data.tar.gz: ad0f99174aa6ceeea27ee2b60f756539cef7db143f5f3cd133b72d602ae9090645c7fc9ae3ebc28352466f3d8ce64b9067fd5c5cb4bb692ac98869cee46e3c9c

data/Gemfile.lock

@@ -0,0 +1,37 @@
+PATH
+  remote: .
+  specs:
+    cas-client (0.1.3)
+      rack (>= 1.3)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    diff-lcs (1.3)
+    rack (2.0.5)
+    rake (10.5.0)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16)
+  cas-client!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   1.16.4

data/README.md

@@ -22,7 +22,14 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+Configure middleware from the specific environment file
+
+```ruby
+config.middleware.insert_after ActionDispatch::Session::CookieStore, Cas::Client::Middleware, {
+  server_url: "https://idpqa.americanfinancing.net",
+  extra_attributes: [:first_name, :last_name, :email, :external_id]
+}
+```
 
 ## Development
 

data/cas-client.gemspec

@@ -32,6 +32,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.add_dependency 'rack', '>= 1.3'
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"

data/lib/cas-client.rb

@@ -1,5 +1,9 @@
+require 'rack'
+require 'cas/client/middleware'
+require 'cas/client/response'
+require 'cas/client/server'
+require 'cas/client/url'
 require 'cas/client/version'
-require 'cas/client/rack'
 
 module Cas
   module Client

data/lib/cas/client/middleware.rb

@@ -0,0 +1,65 @@
+require 'net/http'
+
+module Cas
+  module Client
+    class Middleware
+      def initialize(app, config={})
+        @app = app
+        @config = config
+        @config[:extra_attributes] = [] if config[:extra_attributes].nil?
+        @request = nil
+      end
+
+      def call(env)
+        @request = Rack::Request.new(env)
+        server = Cas::Client::Server.new(@config[:server_url])
+        status, headers, rack_body = @app.call(env)
+        log(env, "Middleware called. Status: #{status}, Headers: #{headers}")
+
+        if ticket_validation?
+          attributes = server.validate_service(self_url(@request), ticket_param, {extra_attributes: @config[:extra_attributes]})
+          set_session(@request, attributes)
+          return redirect_to(self_url(@request))
+        elsif status == 401
+          return redirect_to(server.login_url({service_url: self_url(@request)}))
+        else
+          return [status, headers, rack_body]
+        end
+      end
+
+      private
+
+      def set_session(req, attributes)
+        req.session['cas'] = attributes
+      end
+
+      def redirect_to(url, status=302)
+        [ status, { 'Location' => url, 'Content-Type' => 'text/plain' }, ["Redirecting you to #{url}"] ]
+      end
+
+      def self_url(req)
+        req.url.split('?')[0]
+      end
+
+      def ticket_validation?
+        !!(@request.get? && ticket_param && ticket_param.to_s =~ /\AST\-[^\s]{1,253}\Z/)
+      end
+
+      def ticket_param
+        @request.params['ticket']
+      end
+
+      def xml_namespace
+        @config[:cas_namespace] || 'cas'
+      end
+
+      def log(env, message, level = :info)
+        if env['rack.logger']
+          env['rack.logger'].send(level, message)
+        else
+          env['rack.errors'].write(message)
+        end
+      end
+    end
+  end
+end

data/lib/cas/client/response.rb

@@ -0,0 +1,48 @@
+module Cas
+  module Client
+    class Response
+      def initialize(uri)
+        @request_uri = uri
+        @response = nil
+      end
+
+      def validate_service_response
+        @response = Net::HTTP.get(@request_uri)
+      end
+
+      def success?
+        @response.to_s.match(/<cas:authenticationSuccess>/).captures.length > 0
+      end
+
+      def all_attributes(extra_attributes)
+        {}.merge!(get_user(@response)).merge!(get_extra_attributes(@response, extra_attributes))
+      end
+
+      protected
+
+      def xml_namespace
+        "cas"
+      end
+
+      def get_user(res)
+        match = res.match(/<#{xml_namespace}:user>(.*)<\/#{xml_namespace}:user>/)
+        if match
+          { user: match.captures.first }
+        else # Failed login
+          {}
+        end
+      end
+
+      def get_extra_attributes(res, extra_attributes)
+        attributes = {}
+        extra_attributes.each do |ea|
+          match = res.match(/<#{xml_namespace}:#{ea}>(.*)<\/#{xml_namespace}:#{ea}>/)
+          if match
+            attributes[ea] = match.captures.first
+          end
+        end
+        attributes
+      end
+    end
+  end
+end

data/lib/cas/client/server.rb

@@ -0,0 +1,40 @@
+module Cas
+  module Client
+    class Server
+      def initialize(server_url)
+        @url = Cas::Client::URL.new(server_url)
+      end
+
+      def login_url(options={})
+        if options.key?(:service_url)
+          @url.append_path('/login').add_query("service=#{options[:service_url]}")
+        else
+          @url.append_path('/login')
+        end
+      end
+
+      def logout_url(options={})
+        if options.key?(:service_url)
+          @url.append_path('/logout').add_query("service=#{options[:service_url]}")
+        else
+          @url.append_path('/logout')
+        end
+      end
+
+      def validate_service(service_url, ticket, option={})
+        uri = Cas::Client::URL.new(validate_service_url(service_url, ticket)).to_uri
+        res = Cas::Client::Response.new(uri)
+        res.validate_service_response
+        res.all_attributes(option[:extra_attributes]||[])
+      end
+
+      protected
+
+      def validate_service_url(service_url, ticket)
+        protocol_path = "p3"
+        server_url = @url
+        URI("#{server_url}/#{protocol_path}/serviceValidate?service=#{service_url}&ticket=#{ticket}")
+      end
+    end
+  end
+end

data/lib/cas/client/url.rb

@@ -0,0 +1,34 @@
+module Cas
+  module Client
+    class URL
+      def initialize(url)
+        begin
+          @url = URI(url)
+        rescue URI::Error => e
+          raise e
+        end
+      end
+
+      def append_path(path_string)
+        Cas::Client::URL.new("#{@url}#{path_string}")
+      end
+
+      def add_query(query_string)
+        if @url.query.nil?
+          @url.query = query_string
+        else
+          @url.query += "&#{query_string}"
+        end
+        @url
+      end
+
+      def to_uri
+        URI(@url.to_s)
+      end
+
+      def to_s
+        @url.to_s
+      end
+    end
+  end
+end

data/lib/cas/client/version.rb

@@ -1,5 +1,5 @@
 module Cas
   module Client
-    VERSION = "0.1.2-p19"
+    VERSION = "0.1.3"
   end
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: cas-client
 version: !ruby/object:Gem::Version
-  version: 0.1.2.pre.p19
+  version: 0.1.3
 platform: ruby
 authors:
 - Donavan White
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-08-28 00:00:00.000000000 Z
+date: 2018-08-29 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -64,6 +78,7 @@ files:
 - ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Gemfile
+- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -71,7 +86,10 @@ files:
 - bin/setup
 - cas-client.gemspec
 - lib/cas-client.rb
-- lib/cas/client/rack.rb
+- lib/cas/client/middleware.rb
+- lib/cas/client/response.rb
+- lib/cas/client/server.rb
+- lib/cas/client/url.rb
 - lib/cas/client/version.rb
 homepage: ''
 licenses:
@@ -88,9 +106,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.7.6

data/lib/cas/client/rack.rb

@@ -1,22 +0,0 @@
-module Cas
-  module Client
-    class Rack
-      def initialize(app)
-        @app = app
-      end
-
-      def call(env)
-        status, headers, rack_body = @app.call(env)
-        puts "Middleware called. Status: #{status}, Headers: #{headers}"
-
-        if status == 401
-          response = "CAS Client Called!!!"
-          headers["Content-Length"] = response.length.to_s
-          return [status, headers, [response]]
-        else
-          return [status, headers, rack_body]
-        end
-      end
-    end
-  end
-end