casino 4.0.2 → 4.0.3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 71ae1bec7a01169cd48d92273eeb55768520520d
4
- data.tar.gz: ef47204b0f85ebb44aa7c5414aaa4795f60e0e64
3
+ metadata.gz: ae3e798e52bff45a98cc97f8c3ff311eedd8dd49
4
+ data.tar.gz: 1c4c65c4f35d51b3a39834ef57c3a73098e02c04
5
5
  SHA512:
6
- metadata.gz: 85a8433da5b57b226a73e64a4da02fe3a2e709b7320c6f760c26c112f57b11938317754a872661d71fb455c6d46124ec1b8542de4543f601cf36b6cb1e51f231
7
- data.tar.gz: 7d02c691330c9ebfd92cdd3fcc4daa22af1b199d52c7609decc7c396a23a2d1fcfc8cf0a20dc580d80bbdccac63fc89c5ac8f1a0c3be493fd6eba183f8946afc
6
+ metadata.gz: 1c9d475a473c98034e9e1855811816678a9675b0ea289f5e63dc8a3fb080719cacdd351e179e143e2726a4e7ca0d8562c0ff3402c3015be57bb86d608cdc1cea
7
+ data.tar.gz: 7201dfd17c106e0cd256ff043335885f5a6e3e4905a098ddba85fd1502c40e421b50953f54d56713093cbbc730d723a9ce0c3c05ffc7e4c226552086b5d62d43
@@ -1,6 +1,5 @@
1
1
  language: ruby
2
2
  rvm:
3
- - 1.9.3
4
3
  - 2.0.0
5
4
  - 2.1.0
6
5
  - 2.2.2
data/README.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  CASino Rails Engine (used in CASinoApp).
4
4
 
5
- It currently supports [CAS 1.0 and CAS 2.0](http://www.jasig.org/cas/protocol) as well as [CAS 3.1 Single Sign Out](https://wiki.jasig.org/display/CASUM/Single+Sign+Out).
5
+ It currently supports [CAS 1.0 and CAS 2.0](http://jasig.github.io/cas) as well as [CAS 3.1 Single Sign Out](https://wiki.jasig.org/display/CASUM/Single+Sign+Out).
6
6
 
7
7
  ## Setup
8
8
 
@@ -15,7 +15,7 @@ class CASino::SessionsController < CASino::ApplicationController
15
15
 
16
16
  def new
17
17
  tgt = current_ticket_granting_ticket
18
- handle_signed_in(tgt) unless params[:renew] || tgt.nil?
18
+ return handle_signed_in(tgt) unless params[:renew] || tgt.nil?
19
19
  redirect_to(params[:service]) if params[:gateway] && params[:service].present?
20
20
  end
21
21
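Review bot: The gateway branch right after the changed line, `redirect_to(params[:service]) if params[:gateway] && params[:service].present?`, sends the browser to a request-supplied URL, and nothing visible in this hunk checks that URL against `CASino::ServiceRule.allowed?` first. If no filter outside the hunk already does that for `new`, the condition should be extended with `&& CASino::ServiceRule.allowed?(params[:service])`. The added `return` would also benefit from a short comment such as `# stop here so the gateway redirect below cannot issue a second response`; that `handle_signed_in` itself responds is inferred, not visible here. The controller class continues outside the hunk.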
 
@@ -32,7 +32,7 @@ module CASino::SessionsHelper
32
32
  end
33
33
 
34
34
  def sign_in(authentication_result, options = {})
35
- tgt = acquire_ticket_granting_ticket(authentication_result, request.user_agent, options)
35
+ tgt = acquire_ticket_granting_ticket(authentication_result, request.user_agent, request.remote_ip, options)
36
36
  set_tgt_cookie(tgt)
37
37
  handle_signed_in(tgt, options)
38
38
  end
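Review bot: The address passed as `request.remote_ip` in `sign_in` is only as reliable as the host application's proxy configuration. Rails derives it from forwarding headers filtered through `config.action_dispatch.trusted_proxies`, so behind a proxy that is not listed there the stored value may be the proxy's address or a client-supplied one. Since the value ends up on the ticket-granting ticket, a comment above the call would help, e.g. `# user_ip is informational only; it depends on the app's trusted-proxy setup and must not be used for access decisions`. The helper module continues outside the hunk.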
@@ -5,7 +5,7 @@ class CASino::ServiceRule < ActiveRecord::Base
5
5
 
6
6
  def self.allowed?(service_url)
7
7
  rules = self.where(enabled: true)
8
- if rules.empty?
8
+ if rules.empty? && !CASino.config.require_service_rules
9
9
  true
10
10
  else
11
11
  rules.any? { |rule| rule.allows?(service_url) }
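Review bot: With `require_service_rules` left at its default of `false` (added to the config defaults in this same release), `allowed?` still returns `true` for every service URL whenever no rule is enabled. The stricter behaviour is therefore opt-in, and an empty or fully disabled rule table keeps the server open to any service. That default deserves a comment above the condition, such as `# Fail open only when no rule is enabled and require_service_rules is off (the default)`, plus a mention in the README setup section so operators know the option exists. The method's closing `end` lines are outside the hunk.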
@@ -1,3 +1,5 @@
1
+ require 'addressable/uri'
2
+
1
3
  module CASino::ServiceTicketProcessor
2
4
  extend ActiveSupport::Concern
3
5
 
@@ -25,13 +25,14 @@ module CASino::TicketGrantingTicketProcessor
25
25
  end
26
26
  end
27
27
 
28
- def acquire_ticket_granting_ticket(authentication_result, user_agent, options = {})
28
+ def acquire_ticket_granting_ticket(authentication_result, user_agent, user_ip, options = {})
29
29
  user_data = authentication_result[:user_data]
30
30
  user = load_or_initialize_user(authentication_result[:authenticator], user_data[:username], user_data[:extra_attributes])
31
31
  cleanup_expired_ticket_granting_tickets(user)
32
32
  user.ticket_granting_tickets.create!({
33
33
  awaiting_two_factor_authentication: !user.active_two_factor_authenticator.nil?,
34
34
  user_agent: user_agent,
35
+ user_ip: user_ip,
35
36
  long_term: !!options[:long_term]
36
37
  })
37
38
  end
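Review bot: Inserting `user_ip` as a third positional parameter ahead of `options` changes the arity of `acquire_ticket_granting_ticket` in a patch release. Any caller outside this gem that still passes `(authentication_result, user_agent, options)` would bind its options hash to `user_ip` and silently lose `long_term`. Keeping the old signature and reading the address from the hash avoids that: leave `def acquire_ticket_granting_ticket(authentication_result, user_agent, options = {})` as it was, write `user_ip: options[:user_ip],` in the `create!` call, and have `sign_in` pass `options.merge(user_ip: request.remote_ip)`. The module's other methods are outside the hunk.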
@@ -0,0 +1,88 @@
1
+ ar:
2
+ login_credential_acceptor:
3
+ invalid_login_ticket: "لم يتضمّن طلب تسجيل دخولك شهادة تسجيل صالحة."
4
+ invalid_login_credentials: "اسم المستخدم أو كلمة المرور غير صحيحة."
5
+ login:
6
+ label_username: "اسم المستخدم"
7
+ label_password: "كلمة المرور"
8
+ label_button: "تسجيل الدخول"
9
+ label_remember_me: "البقاء مُسجّلًا الدخول"
10
+ notice:
11
+ service_not_allowed:
12
+ title: "الخدمة غير متوفّرة"
13
+ message: "هذا الخادم SSO غير مُعدّ للسماح بالدخول إلى \"%{service}\". إن كنت تَشك بوجود مشكلة ما يُرجى مراجعة مُدير النظام."
14
+ validate_otp:
15
+ title: "التصديق الثنائي"
16
+ description: "يُرجى إدخال كلمة مرور صالحة لمرّة واحدة."
17
+ code: "الكود"
18
+ submit: "متابعة"
19
+ invalid_otp: "كلمة المرور المُدخلة لمرّة واحدة غير صحيحة."
20
+ logout:
21
+ title: "رافقتك السلامة."
22
+ logged_out_without_url: "سُجّل الخروج بنجاح."
23
+ logged_out_with_url: "زوّد التطبيق الذي قمت بتسجيل الخروج منه برابط من المستحسن متابعته:"
24
+ sessions:
25
+ title: "مرحبًا"
26
+ currently_logged_in_as: "أنت مُسجّل الدخول حاليًا كـ <strong>%{username}</strong>."
27
+ label_logout_button: "تسجيل الخروج"
28
+ your_active_sessions: "الجلسات النشطة"
29
+ table:
30
+ column_browser: "المتصفح"
31
+ column_services: "الخدمات"
32
+ column_activity: "آخر النشاطات الأخيرة"
33
+ current_session: "الجلسة الحالية"
34
+ end_session: "إنهاء الجلسة"
35
+ two_factor_authenticators:
36
+ title: "التصديق الثنائي"
37
+ setup: "إعداد التصديق الثنائي"
38
+ description: "يتطلّب التصديق الثنائي منك إدخال كلمة مرور لمرّة واحدة إضافيّة في كل مرّة تحاول فيها الدخول على حسابك. وتُنشئ كلمة المرور هذه عبر تطبيق مثل <a href='http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447'>تصديق Google</a> with your mobile phone مع هاتفك الجوّال."
39
+ instructions: "إن كنت تستخدم موثّق Google، امسح كود QR في الأسفل مع التطبيق. أدخل كود التحقق في الحقل النصي في الأسفل."
40
+ disabled: "معطل حاليًا"
41
+ enable: "مفعل"
42
+ enabled: "مفعل حاليًا"
43
+ disable: "معطل"
44
+ cancel: "إلغاء"
45
+ secret: "سري"
46
+ code: "كود التأكيد"
47
+ submit: "تأكيد وتفعيل"
48
+ invalid_one_time_password: "لم تكن كلمة مرور المرّة الواحدة صحيحة."
49
+ invalid_two_factor_authenticator: "انتهت صلاحية المُوثّق الثنائي. فضلًا اتبع التعليمات التالية."
50
+ successfully_activated: "أصبح المُوثّق الثنائي مرتبطًا مع هذا الحساب."
51
+ successfully_deleted: "حُذف المُوثّق الثنائي بنجاح."
52
+ datetime:
53
+ ago: "منذ %{datetime}"
54
+ distance_in_words:
55
+ about_x_hours:
56
+ one: "حوالي ساعة"
57
+ other: "حوالي %{count} ساعات"
58
+ about_x_months:
59
+ one: "حوالي شهر"
60
+ other: "حوالي %{count} أشهر"
61
+ about_x_years:
62
+ one: "حوالي سنة"
63
+ other: "حوالي %{count} أعوام"
64
+ almost_x_years:
65
+ one: "تقريبًا سنة واحدة"
66
+ other: "تقريبًا %{count} أعوام"
67
+ half_a_minute: "نصف دقيقة"
68
+ less_than_x_minutes:
69
+ one: "أقل من دقيقة واحدة"
70
+ other: "أقل من %{count} دقائق"
71
+ less_than_x_seconds:
72
+ one: "أقل من ثانية واحدة"
73
+ other: "أقل من %{count} ثانية"
74
+ over_x_years:
75
+ one: "أكثر من سنة"
76
+ other: "أكثر من %{count} أعوام"
77
+ x_days:
78
+ one: "يوم واحد"
79
+ other: ! "%{count} أيام"
80
+ x_minutes:
81
+ one: "دقيقة واحدة"
82
+ other: ! "%{count} دقائق"
83
+ x_months:
84
+ one: "شهر واحد"
85
+ other: ! "%{count} أشهر"
86
+ x_seconds:
87
+ one: "ثانية واحدة"
88
+ other: ! "%{count} ثواني"
@@ -53,11 +53,11 @@ en:
53
53
  ago: "%{datetime} ago"
54
54
  distance_in_words:
55
55
  about_x_hours:
56
- one: about oue hour
56
+ one: about one hour
57
57
  other: about %{count} hours
58
58
  about_x_months:
59
- one: about one monate
60
- other: about %{count} monates
59
+ one: about one month
60
+ other: about %{count} months
61
61
  about_x_years:
62
62
  one: about one year
63
63
  other: about %{count} years
@@ -0,0 +1,88 @@
1
+ pt-BR:
2
+ login_credential_acceptor:
3
+ invalid_login_ticket: "Por favor, insira seus dados de acesso."
4
+ invalid_login_credentials: "Usuário ou senha incorretos."
5
+ login:
6
+ label_username: "Usuário"
7
+ label_password: "Senha"
8
+ label_button: "Acessar"
9
+ label_remember_me: "Lembre-se de mim"
10
+ notice: ""
11
+ service_not_allowed:
12
+ title: "Serviço não permitido"
13
+ message: "Este servidor SSO não está configurado para aceitar acessos para \"%{service}\". Se isso for um erro, por favor contacte o administrador."
14
+ validate_otp:
15
+ title: "Autenticação dupla"
16
+ description: "Por favor, insira a senha única corretamente"
17
+ code: "Código"
18
+ submit: "Continuar"
19
+ invalid_otp: "A senha única informada está incorreta"
20
+ logout:
21
+ title: "Até logo."
22
+ logged_out_without_url: "Saiu com sucesso"
23
+ logged_out_with_url: "A aplicação que você acabou de sair retornou um link para você:"
24
+ sessions:
25
+ title: "Olá!"
26
+ currently_logged_in_as: "Você está logado como <strong>%{username}</strong>."
27
+ label_logout_button: "Sair"
28
+ your_active_sessions: "Suas sessões ativas"
29
+ table:
30
+ column_browser: "Navegador"
31
+ column_services: "Serviços"
32
+ column_activity: "Atividade mais recente"
33
+ current_session: "Sessão atual"
34
+ end_session: "Finalizar sessão"
35
+ two_factor_authenticators:
36
+ title: "Autenticação dupla"
37
+ setup: "Configure a autenticação dupla"
38
+ description: "A autenticação única requer que você insira uma senha única adicional (OTP) cada vez que você tentar acessar sua conta. Uma senha única (OTP) pode ser criada com uma aplicação como o <a href='http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447'>Google Authenticator</a> em seu telefone celular."
39
+ instructions: "Se você está utilizando o Google Authenticator, escaneie o QR code abaixo com a aplicação. Insira o código de verificação no campo abaixo."
40
+ disabled: "Desabilitado"
41
+ enable: "Habilitar"
42
+ enabled: "Habilitado"
43
+ disable: "Desabilitar"
44
+ cancel: "Cancelar"
45
+ secret: "Secreto"
46
+ code: "Código de confirmação"
47
+ submit: "Verificar e ativar"
48
+ invalid_one_time_password: "A senha única está incorreta."
49
+ invalid_two_factor_authenticator: "A autenticação dupla expirou. Por favor, siga as instruções baixo."
50
+ successfully_activated: "A autenticação dupla está habilitada para essa conta."
51
+ successfully_deleted: "A autenticação dupla foi excluída com sucesso."
52
+ datetime:
53
+ ago: "%{datetime} atrás"
54
+ distance_in_words:
55
+ about_x_hours:
56
+ one: cerca de uma hora
57
+ other: cerca de %{count} horas
58
+ about_x_months:
59
+ one: cerca de um mês
60
+ other: cerca de %{count} meses
61
+ about_x_years:
62
+ one: cerca de um ano
63
+ other: cerca de %{count} anos
64
+ almost_x_years:
65
+ one: quase um ano
66
+ other: quase %{count} anos
67
+ half_a_minute: meio minuto
68
+ less_than_x_minutes:
69
+ one: menos de um minuto
70
+ other: menos de %{count} minutos
71
+ less_than_x_seconds:
72
+ one: menos de um segundo
73
+ other: menos de %{count} segundos
74
+ over_x_years:
75
+ one: mais de um ano
76
+ other: mais de %{count} anos
77
+ x_days:
78
+ one: um dia
79
+ other: ! '%{count} dias'
80
+ x_minutes:
81
+ one: um minuto
82
+ other: ! '%{count} minutos'
83
+ x_months:
84
+ one: um mês
85
+ other: ! '%{count} meses'
86
+ x_seconds:
87
+ one: um segundo
88
+ other: ! '%{count} segundos'
@@ -0,0 +1,9 @@
1
+ class AddUserIpToTicketGrantingTicket < ActiveRecord::Migration
2
+ def up
3
+ add_column :casino_ticket_granting_tickets, :user_ip, :string
4
+ end
5
+
6
+ def down
7
+ remove_column :casino_ticket_granting_tickets, :user_ip
8
+ end
9
+ end
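Review bot: The `up`/`down` pair in this migration can be a single reversible method, because `add_column` is an operation ActiveRecord can invert on rollback: `def change`, `add_column :casino_ticket_granting_tickets, :user_ip, :string`, `end`. A one-line comment above the class, for example `# Stores the client address seen at sign-in on each ticket-granting ticket`, would also tell a reader what the column is for without opening the processor.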
@@ -6,6 +6,7 @@ module CASino
6
6
 
7
7
  defaults = {
8
8
  authenticators: HashWithIndifferentAccess.new,
9
+ require_service_rules: false,
9
10
  logger: Rails.logger,
10
11
  frontend: HashWithIndifferentAccess.new(
11
12
  sso_name: 'CASino',
@@ -2,6 +2,5 @@
2
2
  # the Railtie is going to declare a table_name_suffix based upon the name of the
3
3
  # Railtie. Without this definition, the Railtie would use 'ca_s_ino'
4
4
  ActiveSupport::Inflector.inflections do |inflect|
5
- inflect.acronym 'CAS'
6
5
  inflect.acronym 'CASino'
7
6
  end
@@ -1,3 +1,3 @@
1
1
  module CASino
2
- VERSION = '4.0.2'
2
+ VERSION = '4.0.3'
3
3
  end
@@ -204,6 +204,12 @@ describe CASino::SessionsController do
204
204
  response.cookies['tgt'].should_not be_nil
205
205
  end
206
206
 
207
+ it 'saves user_ip' do
208
+ post :create, request_options
209
+ tgt = CASino::TicketGrantingTicket.last
210
+ tgt.user_ip.should == '0.0.0.0'
211
+ end
212
+
207
213
  context 'with rememberMe set' do
208
214
  let(:cookie_jar) { HashWithIndifferentAccess.new }
209
215
 
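Review bot: The new example `saves user_ip` asserts `'0.0.0.0'`, which appears to be just the test request's default address, so it would also pass if the controller stored a hard-coded default rather than the caller's address. Setting the address explicitly before the request makes the assertion meaningful: `request.remote_addr = '203.0.113.7'` (a constructed documentation address) followed by `tgt.user_ip.should == '203.0.113.7'`. The surrounding `describe` block starts and ends outside the hunk.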
@@ -0,0 +1,10 @@
1
+ # This migration comes from casino (originally 20151022192752)
2
+ class AddUserIpToTicketGrantingTicket < ActiveRecord::Migration
3
+ def up
4
+ add_column :casino_ticket_granting_tickets, :user_ip, :string
5
+ end
6
+
7
+ def down
8
+ remove_column :casino_ticket_granting_tickets, :user_ip
9
+ end
10
+ end
@@ -11,7 +11,7 @@
11
11
  #
12
12
  # It's strongly recommended that you check this file into your version control system.
13
13
 
14
- ActiveRecord::Schema.define(version: 20140831214852) do
14
+ ActiveRecord::Schema.define(version: 20151026130743) do
15
15
 
16
16
  create_table "casino_auth_token_tickets", force: true do |t|
17
17
  t.string "ticket", null: false
@@ -89,6 +89,7 @@ ActiveRecord::Schema.define(version: 20140831214852) do
89
89
  t.boolean "long_term", default: false, null: false
90
90
  t.datetime "created_at"
91
91
  t.datetime "updated_at"
92
+ t.string "user_ip"
92
93
  end
93
94
 
94
95
  add_index "casino_ticket_granting_tickets", ["ticket"], name: "index_casino_ticket_granting_tickets_on_ticket", unique: true
@@ -3,9 +3,23 @@ require 'spec_helper'
3
3
  describe CASino::ServiceRule do
4
4
  describe '.allowed?' do
5
5
  context 'with an empty table' do
6
- ['https://www.example.org/', 'http://www.google.com/'].each do |service_url|
7
- it "allows access to #{service_url}" do
8
- described_class.allowed?(service_url).should == true
6
+ context 'with default settings' do
7
+ ['https://www.example.org/', 'http://www.google.com/'].each do |service_url|
8
+ it "allows access to #{service_url}" do
9
+ described_class.allowed?(service_url).should == true
10
+ end
11
+ end
12
+ end
13
+
14
+ context 'with require_service_rules option' do
15
+ before(:each) do
16
+ CASino.config.require_service_rules = true
17
+ end
18
+
19
+ ['https://www.example.org/', 'http://www.google.com/'].each do |service_url|
20
+ it "does not allow access to #{service_url}" do
21
+ described_class.allowed?(service_url).should == false
22
+ end
9
23
  end
10
24
  end
11
25
  end
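Review bot: The `before(:each)` in the `with require_service_rules option` context sets `CASino.config.require_service_rules = true` on the global config and nothing visible resets it. Unless config is restored somewhere outside this hunk, examples that run later will see the strict setting, including the `with default settings` context under random ordering. Adding `after(:each) { CASino.config.require_service_rules = false }` to the same context keeps the examples independent. The outer `describe` closes outside the hunk.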
@@ -28,6 +28,14 @@ describe CASino::TicketGrantingTicket do
28
28
  end
29
29
  end
30
30
 
31
+ describe "user_ip" do
32
+
33
+ it 'returns request remote_ip' do
34
+ ticket_granting_ticket.user_ip.should == '127.0.0.1'
35
+ end
36
+
37
+ end
38
+
31
39
  describe '#browser_info' do
32
40
  let(:user_agent) { Object.new }
33
41
  before(:each) do
@@ -7,6 +7,7 @@ FactoryGirl.define do
7
7
  "TGC-ticket#{n}"
8
8
  end
9
9
  user_agent 'TestBrowser 1.0'
10
+ user_ip '127.0.0.1'
10
11
 
11
12
  trait :awaiting_two_factor_authentication do
12
13
  awaiting_two_factor_authentication true
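--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: casino
  version: !ruby/object:Gem::Version
- version: 4.0.2
+ version: 4.0.3
  platform: ruby
  authors:
  - Nils Caspar
@@ -10,7 +10,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-07-30 00:00:00.000000000 Z
+ date: 2015-12-18 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: capybara
@@ -374,9 +374,11 @@ files:
  - config/database.yml
  - config/initializers/mime_types.rb
  - config/initializers/wrap_parameters.rb
+ - config/locales/ar.yml
  - config/locales/de.yml
  - config/locales/en.yml
  - config/locales/fr.yml
+ - config/locales/pt-BR.yml
  - config/locales/zh-CN.yml
  - config/locales/zh-TW.yml
  - config/routes.rb
@@ -388,6 +390,7 @@ files:
  - db/migrate/20140821142611_change_user_agent_to_text.rb
  - db/migrate/20140827183611_fix_length_of_text_fields.rb
  - db/migrate/20140831205255_create_auth_token_tickets.rb
+ - db/migrate/20151022192752_add_user_ip_to_ticket_granting_ticket.rb
  - lib/assets/.gitkeep
  - lib/casino.rb
  - lib/casino/authenticator.rb
@@ -455,6 +458,7 @@ files:
  - spec/dummy/db/migrate/20140831214850_change_user_agent_to_text.casino.rb
  - spec/dummy/db/migrate/20140831214851_fix_length_of_text_fields.casino.rb
  - spec/dummy/db/migrate/20140831214852_create_auth_token_tickets.casino.rb
+ - spec/dummy/db/migrate/20151026130743_add_user_ip_to_ticket_granting_ticket.casino.rb
  - spec/dummy/db/schema.rb
  - spec/dummy/lib/assets/.gitkeep
  - spec/dummy/log/.gitkeep
@@ -513,7 +517,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.5
+ rubygems_version: 2.4.5.1
  signing_key:
  specification_version: 4
  summary: A simple CAS server written in Ruby using the Rails framework.
@@ -561,6 +565,7 @@ test_files:
  - spec/dummy/db/migrate/20140831214850_change_user_agent_to_text.casino.rb
  - spec/dummy/db/migrate/20140831214851_fix_length_of_text_fields.casino.rb
  - spec/dummy/db/migrate/20140831214852_create_auth_token_tickets.casino.rb
+ - spec/dummy/db/migrate/20151026130743_add_user_ip_to_ticket_granting_ticket.casino.rb
  - spec/dummy/db/schema.rb
  - spec/dummy/lib/assets/.gitkeep
  - spec/dummy/log/.gitkeep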
  - spec/dummy/log/.gitkeep