casablanca 0.0.2

data/History.txt

@@ -0,0 +1,6 @@
+=== 1.0.0 / 2009-01-07
+
+* 1 major enhancement
+
+  * Birthday!
+

data/Manifest.txt

@@ -0,0 +1,16 @@
+History.txt
+Manifest.txt
+README.textile
+Rakefile
+init.rb
+bin/casablanca
+lib/casablanca.rb
+lib/casablanca/cli.rb
+lib/casablanca/client.rb
+lib/casablanca/filters/rails.rb
+lib/casablanca/response_parsers.rb
+test/test_client.rb
+test/test_helper.rb
+test/test_parser.rb
+test/test_rails_filter.rb
+test/test_ticket.rb

data/README.textile

@@ -0,0 +1,87 @@
+h1. Casablanca
+
+h2. Description
+
+Casablanca is a single sign-on client for the CAS 2.0 protocol.
+It can be run from the commandline and as a filter for Rails.
+
+  sudo gem install p8-casablanca
+
+
+h2. Usage
+
+Commandline:
+
+  casablanca
+
+In IRB:
+
+  require 'casablanca'
+
+  C = Casablanca::CommandLineClient.new({ :cas_server_url => "http://localhost:4567",
+                                        :service_url => "http://localhost:3000" })
+
+  ticket = C.get_service_ticket('admin', 'admin')
+  C.authenticate_ticket(ticket)
+
+
+In a Rails project:
+- environment.rb:
+
+  Casablanca::RailsFilter.config do |config|
+     config[:cas_server_url]  = "http://localhost:4567"
+     config[:service_url]     = "http://localhost:3000"
+  end
+  
+- Add the following to application.rb:
+
+  before_filter Casablanca::RailsFilter
+  
+  def current_person
+    @current_person ||= login_from_cas unless @current_person == false
+  end
+    
+  def login_from_cas
+    if session[:cas_user]
+      person = Person.find_by_name(session[:cas_user])
+      logout_killing_session! unless person
+      person
+    end
+  end
+
+- Add the following to you logout action
+
+  Casablanca::RailsFilter.logout(self)
+
+h2. TODO
+
+* Add logging
+* Add extra attributes returned from the server
+* Implement gateway and proxy
+* Check for single signout
+* Check for endless redirects
+
+h2. LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2009 Petrik de Heus
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,15 @@
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+require 'lib/casablanca.rb'
+
+Hoe.new('casablanca', Casablanca::VERSION) do |p|
+  p.developer('FIX', 'FIX@example.com')
+end
+
+# require 'metric_fu'
+# 
+# MetricFu::Configuration.run do |config|
+#   config.coverage = { :test_files => ['test/**/test_*.rb'] }
+# end

data/bin/casablanca

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+irb = RUBY_PLATFORM =~ /mswin32/ ? 'irb.bat' : 'irb'
+options = { :sandbox => false, :irb => irb }
+
+libs =  " -r irb/completion"
+libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca.rb"
+libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca/cli.rb"
+
+exec "#{options[:irb]} #{libs} --simple-prompt"

data/init.rb

@@ -0,0 +1,3 @@
+$: << File.expand_path(File.dirname(__FILE__))+'/lib'
+require 'casablanca'
+require 'casablanca/filters/rails'

data/lib/casablanca/cli.rb

@@ -0,0 +1,20 @@
+config = { :cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000" }
+INFO = %(
+=====================================================
+CASABLANCA CLIENT CONSOLE (#{Casablanca::VERSION})
+
+Use C for a configured client (#{config.inspect})
+Example:
+
+t = C.get_service_ticket('admin', 'admin')
+C.authenticate_ticket(t)
+
+The configuration can be changed:
+C.cas_server_url = "http://example.com/cas_server"
+C.service_url = "http://example.com/application"
+
+)
+
+C = @client = Casablanca::CommandLineClient.new(config)
+
+puts INFO

data/lib/casablanca/client.rb

@@ -0,0 +1,163 @@
+require 'uri'
+require 'cgi'
+require 'net/https'
+require 'rexml/document'
+
+module Casablanca
+
+  class Client
+    attr_accessor :cas_server_url, :service_url
+
+    def initialize(config)
+      raise ":cas_server_url is required" unless config[:cas_server_url]
+      @cas_server_url = config[:cas_server_url]
+      @service_url = config[:service_url]
+    end
+
+    def authenticate_ticket(ticket)
+      response = request_validation(ticket)
+      ticket.authenticate(response)
+    end
+
+    def login_url
+      url = "#{@cas_server_url}/login?service=#{@service_url}" 
+    end
+
+    def logout_url
+      "#{@cas_server_url}/logout"
+    end
+
+    def validate_url
+      "#{@cas_server_url}/proxyValidate"
+    end
+
+    private
+
+    def request_validation(ticket)
+      raise "ticket.service_url cannot be empty" if ticket.service_url.nil? || ticket.service_url.strip == ""      
+      uri = URI.parse(validate_url)
+      uri.merge_query(ticket.to_request_params)
+      response = get(uri)
+      puts "#{@cas_server_url} #{response.inspect}:\n#{response.body}"
+      unless response.kind_of?(Net::HTTPSuccess)
+        raise ResponseError, "#{response.code}, #{response.body}"
+      end
+      response.body
+    end
+    
+    def get(uri)
+      https(uri) do |h|
+        h.get("#{uri.path}?#{uri.query}")
+      end   
+    end 
+
+    def https(uri)
+      https = Net::HTTP.new(uri.host, uri.port)
+      https.use_ssl = (uri.scheme == 'https')
+      begin
+        https.start do |h|
+          yield(h)
+        end
+      rescue Errno::ECONNREFUSED => error
+        raise CasServerException
+      end
+    end
+
+  end
+
+  class CommandLineClient < Client
+
+    def login(username, password)
+      post(URI.parse(login_url), {:username => username, :password => password, :service => service_url})
+    end
+
+    def get_service_ticket(username, password)
+      location = login(username, password)['location']
+      query = {}
+      URI.parse(location).query.collect{|q| k,v = q.split('='); query[k] = v }
+      Ticket.new(query['ticket'], @service_url)
+    end
+    
+    private
+    
+    def post(uri, form_data)
+      req = Net::HTTP::Post.new(uri.path)
+      req.set_form_data(form_data, ';')
+      https(uri) do |h|
+        h.request(req)
+      end
+    end  
+  end
+
+  class Ticket
+    attr_accessor :user, :failure_code, :failure_message
+    attr_reader :service_url, :ticket
+    
+    def initialize(ticket, service_url, renew = false)      
+      @service_url = service_url
+      @ticket  = ticket
+      @renew   = renew
+    end
+
+    def self.from_hash(hash)
+      ticket = Ticket.new(hash[:ticket], hash[:service_url], hash[:renew])
+      ticket.user = hash[:user]
+      ticket
+    end
+
+    def to_request_params
+      params = {:service =>  @service_url,
+        :ticket => @ticket }
+      params[:renew] = 1 if @renew
+      params
+    end
+
+    def to_hash
+      props = {}
+      props[:user] = @user if authenticated?
+      props[:renew] = @renew if @renew
+      props[:service_url] = @service_url
+      props[:ticket] = @ticket
+      props
+    end
+    
+    def authenticated?
+      !!@user
+    end
+
+    def authenticate(body)
+      response = CasResponseParser.parse(self, body)
+      authenticated?
+    end
+  end
+
+  class ResponseError < Exception
+  end
+
+  class CasServerException < Exception
+  end
+  
+  class UnknownTicketType <  Exception
+  end
+end
+
+class URI::HTTP
+  def merge_query(hash)
+    q = query ? query + '&' : ''
+    self.query = "#{q}#{hash_to_uri_array(hash)}"
+  end
+  
+  def hash_to_uri_array(hash)
+    hash.collect do |name, value|
+      if value.kind_of? Array
+        value.map {|v| stringify_param(name, v) }
+      else
+        stringify_param(name, value)
+      end
+    end.join('&')
+  end
+
+  def stringify_param(name, value)
+    "#{CGI::escape(name.to_s)}=#{CGI::escape(value.to_s)}"
+  end  
+end

data/lib/casablanca/filters/rails.rb

@@ -0,0 +1,58 @@
+module Casablanca
+  class RailsFilter
+    @@client = nil
+
+    class << self
+      
+      def client=client
+        @@client = client
+      end
+      
+      def client
+        @@client
+      end
+            
+      def config
+        config = {}
+        yield config
+        @@client = Client.new(config)
+      end
+      
+      def filter(controller)
+        return true if previous_ticket(controller) && !controller.params[:renew]     
+        ticket = Ticket.new(controller.params[:ticket], @@client.service_url, controller.params[:renew])
+        if @@client.authenticate_ticket(ticket)
+          puts "Ticket authenticated"
+          controller.session[:cas_user] = ticket.user
+          controller.session[:cas_ticket] = ticket.to_hash
+          return true
+        else
+          puts "Ticket authentication failed: #{ticket.failure_message}"          
+          controller.session[:cas_user] = nil
+          controller.session[:cas_ticket] = nil
+          controller.send(:redirect_to, login_url)
+          return false
+        end
+      end
+
+      def login_url
+        @@client.login_url
+      end
+
+      def logout(controller)
+        controller.send(:reset_session)
+        controller.send(:redirect_to, @@client.logout_url)
+      end
+      
+      private
+      
+      def previous_ticket(controller)
+        hash = controller.session[:cas_ticket]
+        return nil unless hash
+        Ticket.from_hash(hash)
+      end
+      
+    end
+  end
+
+end

data/lib/casablanca/response_parsers.rb

@@ -0,0 +1,50 @@
+module Casablanca
+
+  class CasResponseParser
+    def protocol
+      self.class.to_s.gsub(/(Casablanca::Cas_|_ResponseParser)/, '').gsub('_', '.').to_f
+    end
+
+    def self.parse(ticket, body)
+      raise ResponseError, "Response body is empty" if body.nil? || body.strip == ""
+      #return Cas_1_0_Parser.new(body) if ?
+      response = Cas_2_0_ResponseParser.new(body)
+      ticket.user = response.user      
+      unless response.authenticated?
+        ticket.failure_code = response.failure_code
+        ticket.failure_message = response.failure_message
+      end
+    end
+  end
+
+  class Cas_2_0_ResponseParser < CasResponseParser
+    def initialize(xml)
+      doc = REXML::Document.new(xml)
+      @xml = doc.elements['cas:serviceResponse'].elements[1]
+    end
+
+    def user
+      strip_text(@xml.elements['cas:user'])
+    end
+
+    def authenticated?
+      @xml.name == 'authenticationSuccess'
+    end
+
+    def failure_code
+      @xml.elements['//cas:authenticationFailure'].attributes['code']
+    end
+
+    def failure_message
+      strip_text(@xml.elements['//cas:authenticationFailure'])
+    end
+
+    private
+
+    def strip_text(tag)
+      tag.text.strip if tag
+    end
+
+  end
+
+end

data/lib/casablanca.rb

@@ -0,0 +1,5 @@
+module Casablanca
+  VERSION = '0.0.2'
+end
+require 'casablanca/client'
+require 'casablanca/response_parsers'

data/test/test_client.rb

@@ -0,0 +1,100 @@
+require File.join(File.dirname(__FILE__), 'test_helper.rb')
+
+class TestClient < Test::Unit::TestCase
+  def setup
+    @client = Client.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
+  end
+  
+  def test_config
+    assert_equal @client.service_url, "http://localhost:3000"
+  end
+
+  def test_config_requires_cas_server_url
+    assert_raises(RuntimeError) do
+      @client = Client.new({})
+    end
+  end
+
+  def test_authenticate_ticket
+    service_ticket = get_service_ticket
+    @client = Client.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")    
+    mock_authenticate_ticket(VALID_REQUEST)    
+    @client.authenticate_ticket(service_ticket)
+    assert_equal 'admin', service_ticket.user
+  end
+  
+  def test_validate_expired_ticket
+    mock_authenticate_ticket(INVALID_TICKET)
+    ticket = 'ST-1231341579r871C5757B79767C21E'
+    service_ticket = Ticket.new(ticket, 'http://localhost:3000', true)
+    @client.authenticate_ticket(service_ticket)
+    assert_equal 'INVALID_TICKET', service_ticket.failure_code
+    #assert_equal "Ticket 'ST-1231341579r871C5757B79767C21E' has already been used up.", ticket.failure_message
+  end  
+
+  def test_validate_invalid_ticket
+    mock_authenticate_ticket(INVALID_TICKET)
+    ticket = 'ST-1231242314r72465638160B31E8D1'
+    service_ticket =  Ticket.new(ticket, 'http://localhost:3000', true)
+    @client.authenticate_ticket(service_ticket)
+    assert_equal 'INVALID_TICKET', service_ticket.failure_code
+    assert_equal "Ticket ST-1231242314r72465638160B31E8D1 not recognized.", service_ticket.failure_message
+  end
+
+  def test_authenticate_ticket_with_empty_service_url
+    service_ticket = Ticket.new('ticket', nil)
+    assert_raises(RuntimeError) do
+      @client.authenticate_ticket(service_ticket)
+    end
+  end
+
+  def test_login_url
+    assert_equal 'http://localhost:4567/login?service=http://localhost:3000', @client.login_url
+  end
+  
+  def test_logout_url
+    assert_equal 'http://localhost:4567/logout', @client.logout_url
+  end
+ 
+  def test_validate_url
+    assert_equal 'http://localhost:4567/proxyValidate', @client.validate_url
+  end
+
+end
+
+class TestCommandLineClient < Test::Unit::TestCase
+  def setup
+    @client = CommandLineClient.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
+  end
+
+  def test_login
+    mock_get_service_ticket
+    res = @client.login('admin', 'admin')
+    assert_equal '', res.body
+    assert_equal '303', res.code
+    assert_equal 0, res['location'] =~ /^http:\/\/localhost:3000\?ticket=ST-/
+    assert_equal 61, res['location'].size
+  end
+
+  def test_get_service_ticket
+    mock_get_service_ticket
+    ticket = @client.get_service_ticket('admin', 'admin')
+    assert_equal 0, ticket.ticket =~ /^ST-/
+    assert_equal 32, ticket.ticket.size    
+  end
+  
+end
+
+class TestURIHTTP < Test::Unit::TestCase
+  def test_merge_query
+    uri = URI.parse('http://localhost:4567/login')
+    uri.merge_query({:order_by => ['1', '2']})
+    assert_equal 'order_by=1&order_by=2', uri.query   
+  end
+    
+  def test_merge_query_with_existing_query
+    uri = URI.parse('http://localhost:4567/login?search=ah')
+    uri.merge_query({:order_by => ['1', '2']})
+    assert_equal 'search=ah&order_by=1&order_by=2', uri.query   
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,77 @@
+require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca.rb')))
+require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca', 'filters', 'rails.rb')))
+require 'test/unit'
+require 'rubygems'
+require 'mocha'
+
+# set to false if you're integration testing against a real server
+MOCK_REQUESTS = true
+
+class Test::Unit::TestCase
+  include Casablanca
+  
+  def mock_authenticate_ticket(body)
+    if MOCK_REQUESTS
+      @client.expects(:get).returns(MockResponse.new(body, '200', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
+    end
+  end
+  
+  def mock_get_service_ticket
+    if MOCK_REQUESTS
+      @client.expects(:post).returns(MockResponse.new('', '303', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
+    end
+  end
+
+  def get_service_ticket
+    cli = CommandLineClient.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
+    if MOCK_REQUESTS
+      cli.expects(:post).returns(MockResponse.new('', '303', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
+    end
+    cli.get_service_ticket('admin', 'admin')
+  end 
+end
+
+class MockResponse < Net::HTTPResponse
+  attr_accessor :body, :code
+  def initialize(body, code=200, header={})
+      @body, @code, @header = body, code, header
+  end
+
+  def []= key, value
+      @header[key.to_sym] = value
+  end
+
+  def [] key
+      @header[key.to_sym]
+  end
+  
+  def kind_of?(klass)
+    if klass == Net::HTTPSuccess
+      code.to_i == 200
+    end
+  end
+end
+
+VALID_REQUEST = %(
+<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+  <cas:authenticationSuccess>
+    <cas:user>admin</cas:user>        
+  </cas:authenticationSuccess>
+</cas:serviceResponse>
+)
+
+INVALID_REQUEST = %(
+  <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+    <cas:authenticationFailure code="INVALID_REQUEST">
+    Ticket or service parameter was missing in the request.
+    </cas:authenticationFailure>
+  </cas:serviceResponse>
+)
+
+INVALID_TICKET = %(
+<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+  <cas:authenticationFailure code="INVALID_TICKET">
+  Ticket ST-1231242314r72465638160B31E8D1 not recognized.
+  </cas:authenticationFailure>
+</cas:serviceResponse>
+)

data/test/test_parser.rb

@@ -0,0 +1,22 @@
+require File.join(File.dirname(__FILE__), 'test_helper.rb')
+
+class TestCas_2_0_ResponseParser < Test::Unit::TestCase
+  def test_parse_valid_ticket
+    response = Cas_2_0_ResponseParser.new(VALID_REQUEST)
+    assert_equal 'admin', response.user
+    assert_equal 2.0, response.protocol
+  end
+    
+  def test_parse_invalid_request
+    response = Cas_2_0_ResponseParser.new(INVALID_REQUEST)
+    assert_equal 'INVALID_REQUEST', response.failure_code    
+    assert_equal 'Ticket or service parameter was missing in the request.', response.failure_message
+  end
+  
+  def test_parse_invalid_ticket
+    response = Cas_2_0_ResponseParser.new(INVALID_TICKET)
+    assert_equal 'INVALID_TICKET', response.failure_code    
+    assert_equal 'Ticket ST-1231242314r72465638160B31E8D1 not recognized.', response.failure_message
+  end
+    
+end

data/test/test_rails_filter.rb

@@ -0,0 +1,103 @@
+require File.join(File.dirname(__FILE__), 'test_helper.rb')
+require 'action_pack'
+class TestRailsFilter < Test::Unit::TestCase
+  def setup
+    @client = Client.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
+    RailsFilter.client = @client
+    @controller = Controller.new    
+    @controller.params = {}       
+  end
+  
+  def test_login_url
+    assert_equal 'http://localhost:4567/login?service=http://localhost:3000', RailsFilter.login_url
+  end  
+  
+  def test_config
+    Casablanca::RailsFilter.config do |config|
+       config[:cas_server_url]  = "http://example.com/cas_server"
+       config[:service_url]     = "http://example.com/application"
+    end
+    assert_equal "http://example.com/cas_server", RailsFilter.client.cas_server_url
+    assert_equal "http://example.com/application", RailsFilter.client.service_url    
+  end
+  # def test_filter_requires_config
+  #   RailsFilter.config = nil
+  #   assert_raises(RuntimeError) do
+  #     RailsFilter.filter(Controller.new)
+  #   end
+  # end
+
+  def test_logout
+    RailsFilter.logout(@controller)
+    assert_equal({}, @controller.session)
+  end
+
+  def test_filter_invalid_attempt
+    mock_authenticate_ticket(INVALID_TICKET)
+    @controller.session = {}    
+    assert_equal false, RailsFilter.filter(@controller)
+  end
+
+  def test_filter_authenticated
+    service_ticket = get_service_ticket    
+    params = {:ticket => service_ticket.ticket}
+    mock_authenticate_ticket(VALID_REQUEST)
+    @controller.params = params
+    assert_equal true, RailsFilter.filter(@controller)
+    assert_session('admin', { :ticket => service_ticket.ticket, :user => 'admin', :service_url => 'http://localhost:3000' })
+  end
+
+  def test_filter_same_ticket
+    params = {:ticket => 'a'}
+    @controller.session = { :cas_ticket => params, :cas_user => 'admin' }
+    @controller.params = params
+    assert_equal true, RailsFilter.filter(@controller)
+    assert_session('admin', params)
+  end
+
+  def test_filter_resets_sessions_for_renew
+    mock_authenticate_ticket(INVALID_TICKET)
+    @controller.session[:cas_ticket] = { :ticket => 'a', :service_url => 'b'   }
+    @controller.params = {:renew => true }    
+    assert_equal false, RailsFilter.filter(@controller)
+    assert_session(nil, nil)
+  end
+
+  def assert_session(user, ticket)
+    assert_equal ticket, @controller.session[:cas_ticket]
+    assert_equal user, @controller.session[:cas_user]
+  end
+
+end
+
+class Controller # < ActionController::Base
+  attr_accessor :params, :session
+  def initialize
+    @session = {}
+  end
+  
+  def request
+    Request.new
+  end
+  
+  def url_for(url)
+    url
+  end
+  
+  def redirect_to(url)
+  end
+  
+  private
+  
+  def reset_session
+    @session = {}
+  end
+end
+
+class Request
+  def headers
+    {}
+  end
+  def post?
+  end
+end

data/test/test_ticket.rb

@@ -0,0 +1,71 @@
+require File.join(File.dirname(__FILE__), 'test_helper.rb')
+
+class TestTicket < Test::Unit::TestCase
+  def setup
+    @ticket = Ticket.new('ST-1231242314r72465638160B31E8D1', 'http://localhost:3000')
+  end
+  
+  def test_create_service_ticket
+    ticket = Ticket.new('ST-1231242314r72465638160B31E8D1', 'http://localhost:3000')
+    assert_equal 'ST-1231242314r72465638160B31E8D1', ticket.to_hash[:ticket]
+  end
+  
+  def test_create_proxy_ticket
+    ticket = Ticket.new('PT-1231242314r72465638160B31E8D1', 'http://localhost:3000')
+    assert_equal 'PT-1231242314r72465638160B31E8D1', ticket.to_hash[:ticket]
+  end
+
+  def test_to_hash
+    ticket = Ticket.new('ST-1231242314r72465638160B31E8D1', 'http://localhost:3000')
+    assert_equal 'ST-1231242314r72465638160B31E8D1', ticket.to_hash[:ticket]
+  end
+
+  def test_from_hash
+    props = {:ticket => 'ticket',
+                  :service_url => "http://localhost:3000",
+                  :renew    => 1,
+                  :user     => 'admin' }
+    ticket = Ticket.from_hash(props)
+    assert_equal props, ticket.to_hash
+  end
+
+  def test_to_request_params
+    ticket = Ticket.new('ticket', 'http://localhost:3000')
+    expected = {:ticket => 'ticket',
+                  :service  => "http://localhost:3000" }
+    assert_equal(expected, ticket.to_request_params)
+  end
+
+  def test_to_request_params_with_renew
+    ticket = Ticket.new('ticket', 'http://localhost:3000', true)
+    expected = {:ticket => 'ticket',
+                  :service  => "http://localhost:3000",
+                  :renew    => 1 }
+    assert_equal(expected, ticket.to_request_params)
+  end
+  
+  def test_authenticate_valid_ticket
+    @ticket.authenticate(VALID_REQUEST)
+    assert_equal 'admin', @ticket.user
+  end
+
+  def test_authenticate_invalid_request_resets_ticket_to_unauthenticated
+    @ticket.authenticate(VALID_REQUEST)
+    assert_equal true, @ticket.authenticated?
+    @ticket.authenticate(INVALID_REQUEST)
+    assert_equal false, @ticket.authenticated?
+  end
+    
+  def test_authenticate_invalid_request
+    @ticket.authenticate(INVALID_REQUEST)
+    assert_equal 'INVALID_REQUEST', @ticket.failure_code    
+    assert_equal 'Ticket or service parameter was missing in the request.', @ticket.failure_message
+  end
+  
+  def test_authenticate_invalid_ticket
+    @ticket.authenticate(INVALID_TICKET)
+    assert_equal 'INVALID_TICKET', @ticket.failure_code    
+    assert_equal 'Ticket ST-1231242314r72465638160B31E8D1 not recognized.', @ticket.failure_message
+  end
+
+end

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification 
+name: casablanca
+version: !ruby/object:Gem::Version 
+  version: 0.0.2
+platform: ruby
+authors: 
+- FIX
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-01-19 00:00:00 +01:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.8.2
+    version: 
+description: A single sign-on client for the CAS 2.0 protocol
+email: 
+- FIX@example.com
+executables: 
+- casablanca
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+files: 
+- History.txt
+- Manifest.txt
+- README.textile
+- Rakefile
+- init.rb
+- bin/casablanca
+- lib/casablanca.rb
+- lib/casablanca/cli.rb
+- lib/casablanca/client.rb
+- lib/casablanca/filters/rails.rb
+- lib/casablanca/response_parsers.rb
+- test/test_client.rb
+- test/test_helper.rb
+- test/test_parser.rb
+- test/test_rails_filter.rb
+- test/test_ticket.rb
+has_rdoc: true
+homepage: http://rubyforge.org/projects/casablanca/
+post_install_message: 
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: casablanca
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: A single sign-on client for the CAS 2.0 protocol
+test_files: 
+- test/test_client.rb
+- test/test_helper.rb
+- test/test_parser.rb
+- test/test_rails_filter.rb
+- test/test_ticket.rb