casino_core 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/casino_core.gemspec +2 -2
- data/lib/casino_core/model/ticket_granting_ticket.rb +8 -0
- data/lib/casino_core/processor/logout.rb +7 -13
- data/lib/casino_core/processor/session_destroyer.rb +15 -4
- data/spec/processor/logout_spec.rb +7 -6
- data/spec/processor/session_destroyer_spec.rb +36 -11
- metadata +3 -3
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.0.
|
1
|
+
0.0.4
|
data/casino_core.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = "casino_core"
|
8
|
-
s.version = "0.0.
|
8
|
+
s.version = "0.0.4"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Nils Caspar"]
|
12
|
-
s.date = "2012-12-
|
12
|
+
s.date = "2012-12-19"
|
13
13
|
s.description = "A CAS server core library."
|
14
14
|
s.email = "ncaspar@me.com"
|
15
15
|
s.extra_rdoc_files = [
|
@@ -11,4 +11,12 @@ class CASinoCore::Model::TicketGrantingTicket < ActiveRecord::Base
|
|
11
11
|
user_agent = UserAgent.parse(self.user_agent)
|
12
12
|
"#{user_agent.browser} (#{user_agent.platform})"
|
13
13
|
end
|
14
|
+
|
15
|
+
def same_user?(other_ticket)
|
16
|
+
if other_ticket.nil?
|
17
|
+
false
|
18
|
+
else
|
19
|
+
other_ticket.username == self.username
|
20
|
+
end
|
21
|
+
end
|
14
22
|
end
|
@@ -3,21 +3,15 @@ require 'casino_core/helper'
|
|
3
3
|
require 'casino_core/model'
|
4
4
|
|
5
5
|
class CASinoCore::Processor::Logout < CASinoCore::Processor
|
6
|
-
include CASinoCore::Helper
|
6
|
+
include CASinoCore::Helper::TicketGrantingTickets
|
7
7
|
|
8
|
-
def process(params = nil, cookies = nil)
|
9
|
-
params
|
8
|
+
def process(params = nil, cookies = nil, user_agent = nil)
|
9
|
+
params ||= {}
|
10
10
|
cookies ||= {}
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
end
|
15
|
-
|
16
|
-
class DummyListener
|
17
|
-
def ticket_deleted(*args)
|
18
|
-
end
|
19
|
-
|
20
|
-
def ticket_not_found(*args)
|
11
|
+
ticket_granting_ticket = find_valid_ticket_granting_ticket(cookies[:tgt], user_agent)
|
12
|
+
unless ticket_granting_ticket.nil?
|
13
|
+
ticket_granting_ticket.destroy
|
21
14
|
end
|
15
|
+
@listener.user_logged_out(params[:url])
|
22
16
|
end
|
23
17
|
end
|
@@ -2,12 +2,23 @@ require 'casino_core/processor'
|
|
2
2
|
require 'casino_core/helper'
|
3
3
|
require 'casino_core/model'
|
4
4
|
|
5
|
+
# The SessionDestroyer processor is used to destroy a ticket-granting ticket.
|
6
|
+
#
|
7
|
+
# This feature is not described in the CAS specification so it's completly optional
|
8
|
+
# to implement this on the web application side. It is especially useful in
|
9
|
+
# combination with the {CASinoCore::Processor::SessionOverview} processor.
|
5
10
|
class CASinoCore::Processor::SessionDestroyer < CASinoCore::Processor
|
6
|
-
include CASinoCore::Helper
|
7
11
|
|
8
|
-
|
9
|
-
|
10
|
-
|
12
|
+
# This method will call `#ticket_not_found` or `#ticket_deleted` on the listener.
|
13
|
+
# @param [Hash] params parameters supplied by user (ID of ticket-granting ticket to delete should by in params[:id])
|
14
|
+
# @param [Hash] cookies cookies supplied by user
|
15
|
+
# @param [String] user_agent user-agent delivered by the client
|
16
|
+
def process(params = nil, cookies = nil, user_agent = nil)
|
17
|
+
params ||= {}
|
18
|
+
cookies ||= {}
|
19
|
+
ticket = CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).first
|
20
|
+
owner_ticket = CASinoCore::Model::TicketGrantingTicket.where(ticket: cookies[:tgt]).first
|
21
|
+
if ticket.nil? || !ticket.same_user?(owner_ticket)
|
11
22
|
@listener.ticket_not_found
|
12
23
|
else
|
13
24
|
ticket.destroy
|
@@ -7,6 +7,7 @@ describe CASinoCore::Processor::Logout do
|
|
7
7
|
let(:cookies) { { tgt: tgt } }
|
8
8
|
let(:url) { nil }
|
9
9
|
let(:params) { { :url => url } unless url.nil? }
|
10
|
+
let(:user_agent) { 'TestBrowser 1.0' }
|
10
11
|
|
11
12
|
before(:each) do
|
12
13
|
listener.stub(:user_logged_out)
|
@@ -18,19 +19,19 @@ describe CASinoCore::Processor::Logout do
|
|
18
19
|
ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
|
19
20
|
username: 'test',
|
20
21
|
extra_attributes: nil,
|
21
|
-
user_agent:
|
22
|
+
user_agent: user_agent
|
22
23
|
})
|
23
24
|
}
|
24
25
|
let(:tgt) { ticket_granting_ticket.ticket }
|
25
26
|
|
26
|
-
it '
|
27
|
-
|
28
|
-
|
27
|
+
it 'deletes the ticket-granting ticket' do
|
28
|
+
processor.process(params, cookies, user_agent)
|
29
|
+
CASinoCore::Model::TicketGrantingTicket.where(id: ticket_granting_ticket.id).first.should == nil
|
29
30
|
end
|
30
31
|
|
31
32
|
it 'calls the #user_logged_out method on the listener' do
|
32
33
|
listener.should_receive(:user_logged_out).with(nil)
|
33
|
-
processor.process(params, cookies)
|
34
|
+
processor.process(params, cookies, user_agent)
|
34
35
|
end
|
35
36
|
|
36
37
|
context 'with an URL' do
|
@@ -38,7 +39,7 @@ describe CASinoCore::Processor::Logout do
|
|
38
39
|
|
39
40
|
it 'calls the #user_logged_out method on the listener and passes the URL' do
|
40
41
|
listener.should_receive(:user_logged_out).with(url)
|
41
|
-
processor.process(params, cookies)
|
42
|
+
processor.process(params, cookies, user_agent)
|
42
43
|
end
|
43
44
|
end
|
44
45
|
end
|
@@ -5,7 +5,7 @@ describe CASinoCore::Processor::SessionDestroyer do
|
|
5
5
|
let(:listener) { Object.new }
|
6
6
|
let(:processor) { described_class.new(listener) }
|
7
7
|
let(:user_agent) { 'TestBrowser 1.0' }
|
8
|
-
let(:
|
8
|
+
let(:owner_ticket_granting_ticket) {
|
9
9
|
CASinoCore::Model::TicketGrantingTicket.create!({
|
10
10
|
ticket: 'TGC-ocCudGzZjJtrvOXJ485mt3',
|
11
11
|
username: 'test',
|
@@ -13,6 +13,7 @@ describe CASinoCore::Processor::SessionDestroyer do
|
|
13
13
|
user_agent: user_agent
|
14
14
|
})
|
15
15
|
}
|
16
|
+
let(:cookies) { { tgt: owner_ticket_granting_ticket.ticket } }
|
16
17
|
|
17
18
|
before(:each) do
|
18
19
|
listener.stub(:ticket_deleted)
|
@@ -28,40 +29,64 @@ describe CASinoCore::Processor::SessionDestroyer do
|
|
28
29
|
user_agent: user_agent
|
29
30
|
})
|
30
31
|
}
|
31
|
-
let(:
|
32
|
+
let(:params) { { id: ticket_granting_ticket.id } }
|
32
33
|
|
33
34
|
it 'deletes only one ticket-granting ticket' do
|
34
35
|
ticket_granting_ticket
|
35
|
-
|
36
|
+
owner_ticket_granting_ticket
|
36
37
|
lambda do
|
37
|
-
processor.process(
|
38
|
+
processor.process(params, cookies, user_agent)
|
38
39
|
end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(-1)
|
39
40
|
end
|
40
41
|
|
41
42
|
it 'deletes the ticket-granting ticket' do
|
42
|
-
processor.process(
|
43
|
-
CASinoCore::Model::TicketGrantingTicket.where(
|
43
|
+
processor.process(params, cookies, user_agent)
|
44
|
+
CASinoCore::Model::TicketGrantingTicket.where(id: params[:id]).length.should == 0
|
44
45
|
end
|
45
46
|
|
46
47
|
it 'calls the #ticket_deleted method on the listener' do
|
47
48
|
listener.should_receive(:ticket_deleted).with(no_args)
|
48
|
-
processor.process(
|
49
|
+
processor.process(params, cookies, user_agent)
|
49
50
|
end
|
50
51
|
end
|
51
52
|
|
52
53
|
context 'with an invlaid ticket-granting ticket' do
|
53
|
-
let(:
|
54
|
+
let(:params) { { id: 99999 } }
|
55
|
+
it 'does not delete a ticket-granting ticket' do
|
56
|
+
owner_ticket_granting_ticket
|
57
|
+
lambda do
|
58
|
+
processor.process(params, cookies, user_agent)
|
59
|
+
end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'calls the #ticket_not_found method on the listener' do
|
63
|
+
listener.should_receive(:ticket_not_found).with(no_args)
|
64
|
+
processor.process(params, cookies, user_agent)
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
context 'when trying to delete ticket-granting ticket of another user' do
|
69
|
+
let(:ticket_granting_ticket) {
|
70
|
+
CASinoCore::Model::TicketGrantingTicket.create!({
|
71
|
+
ticket: 'TGC-HXdkW233TsRtiqYGq4b8U7',
|
72
|
+
username: 'this_is_another_user',
|
73
|
+
extra_attributes: nil,
|
74
|
+
user_agent: user_agent
|
75
|
+
})
|
76
|
+
}
|
77
|
+
let(:params) { { id: ticket_granting_ticket.id } }
|
54
78
|
|
55
79
|
it 'does not delete a ticket-granting ticket' do
|
56
|
-
|
80
|
+
owner_ticket_granting_ticket
|
81
|
+
ticket_granting_ticket
|
57
82
|
lambda do
|
58
|
-
processor.process(
|
83
|
+
processor.process(params, cookies, user_agent)
|
59
84
|
end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(0)
|
60
85
|
end
|
61
86
|
|
62
87
|
it 'calls the #ticket_not_found method on the listener' do
|
63
88
|
listener.should_receive(:ticket_not_found).with(no_args)
|
64
|
-
processor.process(
|
89
|
+
processor.process(params, cookies, user_agent)
|
65
90
|
end
|
66
91
|
end
|
67
92
|
end
|
metadata
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
name: casino_core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
4
|
prerelease:
|
5
|
-
version: 0.0.
|
5
|
+
version: 0.0.4
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
8
8
|
- Nils Caspar
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date: 2012-12-
|
13
|
+
date: 2012-12-19 00:00:00 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: activerecord
|
@@ -219,7 +219,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
219
219
|
requirements:
|
220
220
|
- - ">="
|
221
221
|
- !ruby/object:Gem::Version
|
222
|
-
hash:
|
222
|
+
hash: 3879793628887711018
|
223
223
|
segments:
|
224
224
|
- 0
|
225
225
|
version: "0"
|