casful_authentication_generator 0.1.0

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Brian Hogan
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,67 @@
+= casful_authentication_generator
+
+Helper methods to make authenticating your site with CAS a little easier. Based on Restful Authentication, and uses the rubycas-client plugin.
+
+== Installation
+
+  sudo gem install casful_authentication_generator
+  
+== Usage
+
+In your Rails application's root folder,  run this:
+
+  ruby script/generate casful_authentication user https://cas.example.com/
+  
+This will install the rubycas-client plugin and will create the helper file and the initializer to set up CAS.
+
+Then, add
+
+  include CasAuthentication
+  
+to either ApplicationController or specific controllers that need protecting.
+
+Finally, use
+
+  before_filter :login_required
+  
+to protect your controllers.
+
+== Customization
+
+There are a few ways to customize this code:
+
+== Locating users
+
+The plugin assumes you have a User table and each user has a <tt>login</tt> attribute.  When CAS sends the username back to your app, the helpers will look up the user in your table by the login name.
+
+Want to change this? Redefine the <tt>locate_user</tt> method in your controller.
+
+  def locate_user
+    User.find_by_username(session[:cas_user]) if session[:cas_user]
+  end
+
+The name of this method depends on how you called the generator. aIt would be <tt>locate_account</tt> if you generated the code using "account" instead of "user".
+
+== Access Denied
+
+By default, the access_denied method will be called if the user supplied by CAS is not found in your system. If you want to change the behavior, implement the method <tt>access_denied</tt> in your controller.
+
+  def access_denied
+    render :text => "You don't have access to this"
+  end
+
+== Skipping plugin installation
+
+  Run the generator with the --skip-plugin switch to keep it from installing the rubycas-client plugin.
+
+
+== History
+
+=== 0.1.0 = May 26th, 2009
+Initial release
+
+
+
+== Copyright
+
+Copyright (c) 2009 Brian Hogan. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,59 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "casful_authentication_generator"
+    gem.summary = %Q{TODO}
+    gem.email = "brianhogan@napcs.com"
+    gem.homepage = "http://github.com/napcs/casful_authentication_generator"
+    gem.authors = ["Brian Hogan"]
+    gem.require_paths = ['.']
+    gem.files =   FileList["[A-Z]*", "templates/*", "*.rb" ]
+    gem.rubyforge_project = "casfulauth"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/*_test.rb'
+  test.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |test|
+    test.libs << 'test'
+    test.pattern = 'test/**/*_test.rb'
+    test.verbose = true
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+  end
+end
+
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  if File.exist?('VERSION.yml')
+    config = YAML.load(File.read('VERSION.yml'))
+    version = "#{config[:major]}.#{config[:minor]}.#{config[:patch]}"
+  else
+    version = ""
+  end
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "casful_authentication_generator #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/casful_authentication_generator.rb

@@ -0,0 +1,60 @@
+class CasfulAuthenticationGenerator < Rails::Generator::NamedBase
+  
+  attr_reader :cas_server
+  def add_options!(opt)
+    opt.separator ''
+    opt.separator 'Options:'
+    opt.on('--skip-plugin', "does not install the plugin") { |value| options[:skip_plugin] = value }    
+  end
+  
+  def banner
+    "Usage: #{$0} casful_authentication ModelName https://cas.example.com/cas/"
+  end
+  
+  def initialize(runtime_args, runtime_options = {})
+    
+    super
+    runtime_args.shift.inspect
+    @cas_server = runtime_args.shift
+  end
+  
+  def manifest
+    
+
+    record do |m|
+      
+      
+      unless options[:skip_plugin]
+        puts "Installing the Cas plugin from"
+        puts "http://rubycas-client.googlecode.com/svn/trunk/rubycas-client"
+        `ruby script/plugin install http://rubycas-client.googlecode.com/svn/trunk/rubycas-client --force`
+      end
+            
+      m.template "cas_authentication.rb", "lib/cas_authentication.rb"
+      m.template "cas.rb", "config/initializers/cas.rb"
+
+      output = %Q{
+        Done! Be sure to add
+
+           include CasAuthentication  
+
+        to your ApplicationController.
+
+        Then just add
+
+          before_filter :login_required
+
+        to any controllers that need CAS authentication.
+
+      }
+
+      puts output
+    end
+    
+
+    
+    
+    
+  end
+   
+end

data/templates/cas.rb

@@ -0,0 +1,6 @@
+require 'casclient'
+require 'casclient/frameworks/rails/filter'
+
+CASClient::Frameworks::Rails::Filter.configure(
+  :cas_base_url => "<%=cas_server %>"
+)

data/templates/cas_authentication.rb

@@ -0,0 +1,78 @@
+module CasAuthentication
+  protected
+  
+  # Inclusion hook to make #current_user and #logged_in?
+  # available as ActionView helper methods.
+  def self.included(base)
+    base.send :helper_method, :current_<%=singular_name %>, :logged_in?
+  end
+  
+  def logged_in?
+    !!current_<%=singular_name %>
+  end
+  
+  def login_required
+    logged_in? 
+  end
+    
+  def login_from_cas
+     unless session[:cas_user]
+       ## HACK HACK HACK. 
+       # This is gonna get called twice. The first time it gets called is the redirection
+       # to CAS. This needs to redirect. We will explicitly return
+       # if we don't have a cas_user in the session.
+       # The second time through the CAS filter will not redirect. The return
+       # is not necessary, and in fact we'll never get this far if CAS didn't 
+       # let them through, so session[:cas_user] WILL have data in it, so we will 
+       # not return. 
+        CASClient::Frameworks::Rails::Filter.filter(self)
+        return unless session[:cas_user]
+     end
+     # look them up in our system - based on restful_auth's login_from_session
+     self.current_user = locate_<%=singular_name %>
+     access_denied if self.current_<%=singular_name %>.nil?  
+  end
+  
+  # override this in your own controller
+  # if you want different rules, for example
+  # if you would like to find only active users,
+  # or users of a certain role.
+  def locate_<%=singular_name %>
+    <%=class_name %>.find_by_username(session[:cas_user]) if session[:cas_user]
+  end
+  
+  
+  # feel free to override this method in your own controller
+  # to handle situations where they get past CAS but
+  # don't get past your own internal database.
+  def access_denied
+    render :text => "You don't have access to this"
+  end
+
+  
+  # Accesses the current user from the session. 
+  # Future calls avoid the database because nil is not equal to false.
+  def current_<%=singular_name %>
+    @current_user ||= (login_from_cas) unless @current_<%=singular_name %> == false
+  end
+
+  # Store the given user id in the session.
+  def current_<%=singular_name %>=(new_<%=singular_name %>)
+    @current_<%=singular_name %> = new_<%=singular_name %> || false
+  end
+  
+  # Store the URI of the current request in the session.
+  #
+  # We can return to this location by calling #redirect_back_or_default.
+  def store_location
+    session[:return_to] = request.request_uri
+  end
+
+  # Redirect to the URI stored by the most recent store_location call or
+  # to the passed default.
+  def redirect_back_or_default(default)
+    redirect_to(session[:return_to] || default)
+    session[:return_to] = nil
+  end
+  
+end

data/test/casful_authentication_generator_test.rb

@@ -0,0 +1,5 @@
+require 'test_helper'
+
+class CasfulAuthenticationGeneratorTest < Test::Unit::TestCase
+
+end

data/test/test_helper.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'test/unit'
+require 'shoulda'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'casful_authentication_generator'
+
+class Test::Unit::TestCase
+end

metadata

@@ -0,0 +1,61 @@
+--- !ruby/object:Gem::Specification 
+name: casful_authentication_generator
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Brian Hogan
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-05-26 00:00:00 -05:00
+default_executable: 
+dependencies: []
+
+description: 
+email: brianhogan@napcs.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- casful_authentication_generator.rb
+- templates/cas.rb
+- templates/cas_authentication.rb
+has_rdoc: true
+homepage: http://github.com/napcs/casful_authentication_generator
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- .
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: casfulauth
+rubygems_version: 1.3.1
+signing_key: 
+specification_version: 2
+summary: TODO
+test_files: 
+- test/casful_authentication_generator_test.rb
+- test/test_helper.rb