casino_core 1.1.0 → 1.2.0

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    casino_core (1.1.0)
+    casino_core (1.2.0)
       activerecord (~> 3.2.9)
       addressable (~> 2.3)
       terminal-table (~> 1.4)

data/UPGRADE.md

@@ -2,6 +2,12 @@
 
 Here is a list of backward-incompatible changes that were introduced.
 
+## 1.2.0
+
+API changes:
+
+* We extracted user data into an entity. Because of this, attributes such as `username` are no longer accessible directly on a `ticket_granting_ticket`. Use `ticket_granting_ticket.user.username` instead.
+
 ## 1.1.0
 
 API changes:
@@ -10,5 +16,5 @@ API changes:
 
 New callbacks:
 
-* `login_credential_requestor` calls `#service_not_allowed` on the listener, when a service is not in the service whitelist.
+* `login_credential_requestor` and `login_credential_acceptor` call `#service_not_allowed` on the listener, when a service is not in the service whitelist.
 * `api/service_ticket_provider` calls `#service_not_allowed_via_api` on the listener, when a service is not in the service whitelist.

data/casino-public_cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDKjCCAhKgAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQ0wCwYDVQQDDARpbmZv
+MRUwEwYKCZImiZPyLGQBGRYFcmJjYXMxEzARBgoJkiaJk/IsZAEZFgNjb20wHhcN
+MTMwMjAyMjIyNjI2WhcNMTQwMjAyMjIyNjI2WjA7MQ0wCwYDVQQDDARpbmZvMRUw
+EwYKCZImiZPyLGQBGRYFcmJjYXMxEzARBgoJkiaJk/IsZAEZFgNjb20wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbdmNy4heNReG8LXB2nakrpArkqWvw
+jVnxXMLS6T5qebfLWal1PRoPHzbhRGmA3uCYYYuVuXv6V1VmCtnM0mj3YgN6h61D
+D+Wnh1KT8sUYhRB36MNtmierS1EcMyvRujXRLk6x06Abz9bJadyEW7DS4VkpCz9n
+f9MEnHqIlyQBPP3zHsDyMrTrIBuvDWPr+aAMKqIXLjqWep1Ebd//ppNcSiVF87s+
+e0JaFe7/1alxIPGOak/cGEvom42TLGdPKyu0Xjk2n/cWTAlBshFPOQS3hks6Rh8s
+Vzwj0LQvU0rhXJWHNb6WujKjiwsvzSTlGydNwIENprJIAQJsaIX3RQInAgMBAAGj
+OTA3MAkGA1UdEwQCMAAwHQYDVR0OBBYEFKyL/UzGU8IZneOjr73XPCLZJ7QuMAsG
+A1UdDwQEAwIEsDANBgkqhkiG9w0BAQUFAAOCAQEAUK+fuki/gUhIlJqM24NCs/y3
+SoqCGP0z+c5g+BMu3sc3xIN/mH+HYlPaEa6Wj4bwmSVgThaZ54OsmRyZIK1VoAym
+T4zOqCwt0twT2az1P6XThVMEebLjZDbuQ/oQzU/fA6DYqjnfmYNtgp5qYX6CKNJz
+w3YRKrK2X6qYYHcHI/KL5wc1DOn+UNU4efmP0VVd5UNfR40IBLNtxX96X9YTXOHE
+wQsLi+Ljnz+UaORk1dxZlcXYGc34wFg1oURvu0G8/YyHUAmIU/WKrjr1bgcf1VRv
+R4KD1MnUV/v502piMlXmjxOWdbK8yvQEHksu/zjbCjSu+M2kwFmWGsx5nx+Vdw==
+-----END CERTIFICATE-----

data/casino_core.gemspec

@@ -17,6 +17,9 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ['lib']
 
+  s.signing_key   = File.expand_path '~/.gem/casino-private_key.pem'
+  s.cert_chain    = ['casino-public_cert.pem']
+
   s.add_development_dependency 'rake', '~> 10.0'
   s.add_development_dependency 'rspec', '~> 2.12'
   s.add_development_dependency 'simplecov', '~> 0.7'

data/db/migrate/20130202210100_create_users.rb

@@ -0,0 +1,34 @@
+class CreateUsers < ActiveRecord::Migration
+  def up
+    tgt = CASinoCore::Model::TicketGrantingTicket.new
+    tgt.authenticator = 'foo'
+    tgt.username = 'bar'
+    tgt.ticket = 'TGT-bla'
+    tgt.save!
+
+    create_table :users do |t|
+      t.string :authenticator, null: false
+      t.string :username, null: false
+      t.text :extra_attributes
+
+      t.timestamps
+    end
+
+    add_index :users, [:authenticator, :username], unique: true
+
+    remove_index :ticket_granting_tickets, [:authenticator, :username]
+    add_column :ticket_granting_tickets, :user_id, :integer, null: true
+    CASinoCore::Model::TicketGrantingTicket.reset_column_information
+    CASinoCore::Model::TicketGrantingTicket.all.each do |ticket|
+      user = CASinoCore::Model::User.where(
+        authenticator: ticket.authenticator,
+        username: ticket.username).first_or_initialize
+      user.extra_attributes = ticket.extra_attributes
+      user.save!
+      ticket.user_id = user.id
+      ticket.save!
+    end
+    change_column :ticket_granting_tickets, :user_id, :integer, null: false
+    remove_columns :ticket_granting_tickets, :authenticator, :username, :extra_attributes
+  end
+end

data/db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130105152327) do
+ActiveRecord::Schema.define(:version => 20130202210100) do
 
   create_table "login_tickets", :force => true do |t|
     t.string   "ticket",     :null => false
@@ -73,16 +73,23 @@ ActiveRecord::Schema.define(:version => 20130105152327) do
   add_index "service_tickets", ["ticket_granting_ticket_id"], :name => "index_service_tickets_on_ticket_granting_ticket_id"
 
   create_table "ticket_granting_tickets", :force => true do |t|
-    t.string   "ticket",           :null => false
+    t.string   "ticket",     :null => false
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+    t.string   "user_agent"
+    t.integer  "user_id",    :null => false
+  end
+
+  add_index "ticket_granting_tickets", ["ticket"], :name => "index_ticket_granting_tickets_on_ticket", :unique => true
+
+  create_table "users", :force => true do |t|
+    t.string   "authenticator",    :null => false
     t.string   "username",         :null => false
     t.text     "extra_attributes"
     t.datetime "created_at",       :null => false
     t.datetime "updated_at",       :null => false
-    t.string   "user_agent"
-    t.string   "authenticator",    :null => false
   end
 
-  add_index "ticket_granting_tickets", ["authenticator", "username"], :name => "index_ticket_granting_tickets_on_authenticator_and_username"
-  add_index "ticket_granting_tickets", ["ticket"], :name => "index_ticket_granting_tickets_on_ticket", :unique => true
+  add_index "users", ["authenticator", "username"], :name => "index_users_on_authenticator_and_username", :unique => true
 
 end

data/lib/casino_core/builder/ticket_validation_response.rb

@@ -45,11 +45,12 @@ class CASinoCore::Builder::TicketValidationResponse < CASinoCore::Builder
   end
 
   def build_success_xml(service_response, ticket, ticket_granting_ticket, proxies)
+    user = ticket_granting_ticket.user
     service_response.cas :authenticationSuccess do |authentication_success|
-      authentication_success.cas :user, ticket_granting_ticket.username
-      unless ticket_granting_ticket.extra_attributes.blank?
+      authentication_success.cas :user, user.username
+      unless user.extra_attributes.blank?
         authentication_success.cas :attributes do |attributes|
-          ticket_granting_ticket.extra_attributes.each do |key, value|
+          user.extra_attributes.each do |key, value|
             serialize_extra_attribute(attributes, key, value)
           end
         end

data/lib/casino_core/helper/ticket_granting_tickets.rb

@@ -12,6 +12,7 @@ module CASinoCore
         unless ticket_granting_ticket.nil?
           if same_browser?(ticket_granting_ticket.user_agent, user_agent)
             ticket_granting_ticket.user_agent = user_agent
+            ticket_granting_ticket.touch
             ticket_granting_ticket.save!
             ticket_granting_ticket
           else
@@ -23,15 +24,22 @@ module CASinoCore
 
       def acquire_ticket_granting_ticket(authentication_result, user_agent = nil)
         user_data = authentication_result[:user_data]
-        CASinoCore::Model::TicketGrantingTicket.create!({
+        user = load_or_initialize_user(authentication_result[:authenticator], user_data[:username], user_data[:extra_attributes])
+        user.ticket_granting_tickets.create!({
           ticket: random_ticket_string('TGC'),
-          authenticator: authentication_result[:authenticator],
-          username: user_data[:username],
-          extra_attributes: user_data[:extra_attributes],
           user_agent: user_agent
         })
       end
 
+      def load_or_initialize_user(authenticator, username, extra_attributes)
+        user = CASinoCore::Model::User.where(
+          authenticator: authenticator,
+          username: username).first_or_initialize
+        user.extra_attributes = extra_attributes
+        user.save!
+        return user
+      end
+
       def remove_ticket_granting_ticket(ticket_granting_ticket, user_agent = nil)
         tgt = find_valid_ticket_granting_ticket(ticket_granting_ticket, user_agent)
         unless tgt.nil?

data/lib/casino_core/model/ticket_granting_ticket.rb

@@ -1,9 +1,10 @@
 require 'casino_core/model'
 
 class CASinoCore::Model::TicketGrantingTicket < ActiveRecord::Base
-  attr_accessible :ticket, :authenticator, :username, :user_agent, :extra_attributes
-  serialize :extra_attributes, Hash
+  attr_accessible :ticket, :user_agent
   validates :ticket, uniqueness: true
+
+  belongs_to :user
   has_many :service_tickets
 
   before_destroy :destroy_service_tickets
@@ -24,7 +25,7 @@ class CASinoCore::Model::TicketGrantingTicket < ActiveRecord::Base
     if other_ticket.nil?
       false
     else
-      other_ticket.username == self.username && other_ticket.authenticator == self.authenticator
+      other_ticket.user_id == self.user_id
     end
   end
 

data/lib/casino_core/model/user.rb

@@ -0,0 +1,8 @@
+require 'casino_core/model'
+
+class CASinoCore::Model::User < ActiveRecord::Base
+  attr_accessible :authenticator, :username, :extra_attributes
+  serialize :extra_attributes, Hash
+
+  has_many :ticket_granting_tickets
+end

data/lib/casino_core/model.rb

@@ -8,5 +8,6 @@ module CASinoCore
     autoload :ProxyGrantingTicket, 'casino_core/model/proxy_granting_ticket.rb'
     autoload :ProxyTicket, 'casino_core/model/proxy_ticket.rb'
     autoload :TicketGrantingTicket, 'casino_core/model/ticket_granting_ticket.rb'
+    autoload :User, 'casino_core/model/user.rb'
   end
 end

data/lib/casino_core/processor/legacy_validator.rb

@@ -16,7 +16,7 @@ class CASinoCore::Processor::LegacyValidator < CASinoCore::Processor
     params ||= {}
     ticket = CASinoCore::Model::ServiceTicket.where(ticket: params[:ticket]).first
     if !params[:service].nil? && ticket_valid_for_service?(ticket, params[:service], !!params[:renew])
-      @listener.validation_succeeded("yes\n#{ticket.ticket_granting_ticket.username}\n")
+      @listener.validation_succeeded("yes\n#{ticket.ticket_granting_ticket.user.username}\n")
     else
       @listener.validation_failed("no\n\n")
     end

data/lib/casino_core/processor/session_overview.rb

@@ -18,10 +18,7 @@ class CASinoCore::Processor::SessionOverview < CASinoCore::Processor
     if tgt.nil?
       @listener.user_not_logged_in
     else
-      ticket_granting_tickets = CASinoCore::Model::TicketGrantingTicket.where(
-        username: tgt.username,
-        authenticator: tgt.authenticator
-      ).order('updated_at DESC')
+      ticket_granting_tickets = tgt.user.ticket_granting_tickets
       @listener.ticket_granting_tickets_found(ticket_granting_tickets)
     end
   end

data/lib/casino_core/version.rb

@@ -1,3 +1,3 @@
 module CASinoCore
-  VERSION = '1.1.0'
+  VERSION = '1.2.0'
 end

data/spec/model/ticket_granting_ticket_spec.rb

@@ -65,23 +65,15 @@ describe CASinoCore::Model::TicketGrantingTicket do
     end
 
     context 'with a ticket from another user' do
-      let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, username: 'bla'  }
+      let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket  }
 
       it 'should return false' do
         ticket_granting_ticket.same_user?(other_ticket_granting_ticket).should == false
       end
     end
 
-    context 'with a ticket from another authenticator' do
-      let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, authenticator: 'bla'  }
-
-      it 'should return false' do
-        ticket_granting_ticket.same_user?(other_ticket_granting_ticket).should == false
-      end
-    end
-
-    context 'with a ticket from the same user and authenticator' do
-      let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+    context 'with a ticket from the same user' do
+      let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, user: ticket_granting_ticket.user }
 
       it 'should return true' do
         ticket_granting_ticket.same_user?(other_ticket_granting_ticket).should == true

data/spec/processor/legacy_validator_spec.rb

@@ -6,6 +6,7 @@ describe CASinoCore::Processor::LegacyValidator do
     let(:processor) { described_class.new(listener) }
     let(:service_ticket) { FactoryGirl.create :service_ticket }
     let(:parameters) { { service: service_ticket.service, ticket: service_ticket.ticket }}
+    let(:username) { service_ticket.ticket_granting_ticket.user.username }
 
     before(:each) do
       listener.stub(:validation_failed)
@@ -21,7 +22,7 @@ describe CASinoCore::Processor::LegacyValidator do
         end
 
         it 'calls the #validation_succeeded method on the listener' do
-          listener.should_receive(:validation_succeeded).with("yes\ntest\n")
+          listener.should_receive(:validation_succeeded).with("yes\n#{username}\n")
           processor.process(parameters)
         end
       end
@@ -55,7 +56,7 @@ describe CASinoCore::Processor::LegacyValidator do
           end
 
           it 'calls the #validation_succeeded method on the listener' do
-            listener.should_receive(:validation_succeeded).with("yes\ntest\n")
+            listener.should_receive(:validation_succeeded).with("yes\n#{username}\n")
             processor.process(parameters_with_renew)
           end
         end

data/spec/processor/login_credential_acceptor_spec.rb

@@ -33,7 +33,9 @@ describe CASinoCore::Processor::LoginCredentialAcceptor do
 
       context 'with valid credentials' do
         let(:service) { 'https://www.example.org' }
-        let(:login_data) { { lt: login_ticket.ticket, username: 'testuser', password: 'foobar123', service: service } }
+        let(:username) { 'testuser' }
+        let(:authenticator) { 'static_1' }
+        let(:login_data) { { lt: login_ticket.ticket, username: username, password: 'foobar123', service: service } }
 
         before(:each) do
           listener.stub(:user_logged_in)
@@ -77,6 +79,38 @@ describe CASinoCore::Processor::LoginCredentialAcceptor do
               processor.process(login_data)
             end.should change(CASinoCore::Model::TicketGrantingTicket, :count).by(1)
           end
+
+          context 'when the user does not exist yet' do
+            it 'generates exactly one user' do
+              lambda do
+                processor.process(login_data)
+              end.should change(CASinoCore::Model::User, :count).by(1)
+            end
+
+            it 'sets the users attributes' do
+              processor.process(login_data)
+              user = CASinoCore::Model::User.last
+              user.username.should == username
+              user.authenticator.should == 'static_1'
+            end
+          end
+
+          context 'when the user already exists' do
+            it 'does not regenerate the user' do
+              CASinoCore::Model::User.create! username: username, authenticator: authenticator
+              lambda do
+                processor.process(login_data)
+              end.should_not change(CASinoCore::Model::User, :count)
+            end
+
+            it 'updates the extra attributes' do
+              user = CASinoCore::Model::User.create! username: username, authenticator: authenticator
+              lambda do
+                processor.process(login_data)
+                user.reload
+              end.should change(user, :extra_attributes)
+            end
+          end
         end
 
         context 'with a service' do

data/spec/processor/session_destroyer_spec.rb

@@ -5,6 +5,7 @@ describe CASinoCore::Processor::SessionDestroyer do
     let(:listener) { Object.new }
     let(:processor) { described_class.new(listener) }
     let(:owner_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+    let(:user) { owner_ticket_granting_ticket.user }
     let(:user_agent) { owner_ticket_granting_ticket.user_agent }
     let(:cookies) { { tgt: owner_ticket_granting_ticket.ticket } }
 
@@ -14,12 +15,12 @@ describe CASinoCore::Processor::SessionDestroyer do
     end
 
     context 'with an existing ticket-granting ticket' do
-      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, user: user }
       let(:service_ticket) { FactoryGirl.create :service_ticket, ticket_granting_ticket: ticket_granting_ticket }
       let(:consumed_service_ticket) { FactoryGirl.create :service_ticket, :consumed, ticket_granting_ticket: ticket_granting_ticket }
       let(:params) { { id: ticket_granting_ticket.id } }
 
-      it 'deletes only one ticket-granting ticket' do
+      it 'deletes exactly one ticket-granting ticket' do
         ticket_granting_ticket
         owner_ticket_granting_ticket
         lambda do
@@ -54,7 +55,7 @@ describe CASinoCore::Processor::SessionDestroyer do
     end
 
     context 'when trying to delete ticket-granting ticket of another user' do
-      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, username: 'other_user' }
+      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
       let(:params) { { id: ticket_granting_ticket.id } }
 
       it 'does not delete a ticket-granting ticket' do

data/spec/processor/session_overview_spec.rb

@@ -5,6 +5,7 @@ describe CASinoCore::Processor::SessionOverview do
     let(:listener) { Object.new }
     let(:processor) { described_class.new(listener) }
     let(:other_ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+    let(:user) { other_ticket_granting_ticket.user }
     let(:user_agent) { other_ticket_granting_ticket.user_agent }
     let(:cookies) { { tgt: tgt } }
 
@@ -15,7 +16,7 @@ describe CASinoCore::Processor::SessionOverview do
     end
 
     context 'with an existing ticket-granting ticket' do
-      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
+      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, user: user }
       let(:tgt) { ticket_granting_ticket.ticket }
       it 'calls the #ticket_granting_tickets_found method on the listener' do
         listener.should_receive(:ticket_granting_tickets_found) do |tickets|
@@ -26,7 +27,7 @@ describe CASinoCore::Processor::SessionOverview do
     end
 
     context 'with a ticket-granting ticket with same username but different authenticator' do
-      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket, authenticator: 'other' }
+      let(:ticket_granting_ticket) { FactoryGirl.create :ticket_granting_ticket }
       let(:tgt) { ticket_granting_ticket.ticket }
 
       it 'calls the #ticket_granting_tickets_found method on the listener' do

data/spec/support/factories/ticket_granting_ticket_factory.rb

@@ -2,12 +2,10 @@ require 'factory_girl'
 
 FactoryGirl.define do
   factory :ticket_granting_ticket, class: CASinoCore::Model::TicketGrantingTicket do
+    user
     sequence :ticket do |n|
       "TGC-ticket#{n}"
     end
-    authenticator 'test'
-    username 'test'
-    extra_attributes({ fullname: "Test User", age: 15, roles: [:user] })
     user_agent 'TestBrowser 1.0'
   end
 end

data/spec/support/factories/user_factory.rb

@@ -0,0 +1,11 @@
+require 'factory_girl'
+
+FactoryGirl.define do
+  factory :user, class: CASinoCore::Model::User do
+    authenticator 'test'
+    sequence(:username) do |n|
+      "test#{n}"
+    end
+    extra_attributes({ fullname: "Test User", age: 15, roles: [:user] })
+  end
+end

metadata

@@ -1,14 +1,41 @@
 --- !ruby/object:Gem::Specification
 name: casino_core
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
   prerelease: 
 platform: ruby
 authors:
 - Nils Caspar
 autorequire: 
 bindir: bin
-cert_chain: []
+cert_chain:
+- !binary |-
+  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURLakNDQWhLZ0F3SUJB
+  Z0lCQURBTkJna3Foa2lHOXcwQkFRVUZBREE3TVEwd0N3WURWUVFEREFScGJt
+  WnYKTVJVd0V3WUtDWkltaVpQeUxHUUJHUllGY21KallYTXhFekFSQmdvSmtp
+  YUprL0lzWkFFWkZnTmpiMjB3SGhjTgpNVE13TWpBeU1qSXlOakkyV2hjTk1U
+  UXdNakF5TWpJeU5qSTJXakE3TVEwd0N3WURWUVFEREFScGJtWnZNUlV3CkV3
+  WUtDWkltaVpQeUxHUUJHUllGY21KallYTXhFekFSQmdvSmtpYUprL0lzWkFF
+  WkZnTmpiMjB3Z2dFaU1BMEcKQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dF
+  S0FvSUJBUURiZG1OeTRoZU5SZUc4TFhCMm5ha3JwQXJrcVd2dwpqVm54WE1M
+  UzZUNXFlYmZMV2FsMVBSb1BIemJoUkdtQTN1Q1lZWXVWdVh2NlYxVm1DdG5N
+  MG1qM1lnTjZoNjFECkQrV25oMUtUOHNVWWhSQjM2TU50bWllclMxRWNNeXZS
+  dWpYUkxrNngwNkFiejliSmFkeUVXN0RTNFZrcEN6OW4KZjlNRW5IcUlseVFC
+  UFAzekhzRHlNclRySUJ1dkRXUHIrYUFNS3FJWExqcVdlcDFFYmQvL3BwTmNT
+  aVZGODdzKwplMEphRmU3LzFhbHhJUEdPYWsvY0dFdm9tNDJUTEdkUEt5dTBY
+  amsybi9jV1RBbEJzaEZQT1FTM2hrczZSaDhzClZ6d2owTFF2VTByaFhKV0hO
+  YjZXdWpLaml3c3Z6U1RsR3lkTndJRU5wckpJQVFKc2FJWDNSUUluQWdNQkFB
+  R2oKT1RBM01Ba0dBMVVkRXdRQ01BQXdIUVlEVlIwT0JCWUVGS3lML1V6R1U4
+  SVpuZU9qcjczWFBDTFpKN1F1TUFzRwpBMVVkRHdRRUF3SUVzREFOQmdrcWhr
+  aUc5dzBCQVFVRkFBT0NBUUVBVUsrZnVraS9nVWhJbEpxTTI0TkNzL3kzClNv
+  cUNHUDB6K2M1ZytCTXUzc2MzeElOL21IK0hZbFBhRWE2V2o0YndtU1ZnVGhh
+  WjU0T3NtUnlaSUsxVm9BeW0KVDR6T3FDd3QwdHdUMmF6MVA2WFRoVk1FZWJM
+  alpEYnVRL29RelUvZkE2RFlxam5mbVlOdGdwNXFZWDZDS05Kegp3M1lSS3JL
+  Mlg2cVlZSGNISS9LTDV3YzFET24rVU5VNGVmbVAwVlZkNVVOZlI0MElCTE50
+  eFg5Nlg5WVRYT0hFCndRc0xpK0xqbnorVWFPUmsxZHhabGNYWUdjMzR3Rmcx
+  b1VSdnUwRzgvWXlIVUFtSVUvV0tyanIxYmdjZjFWUnYKUjRLRDFNblVWL3Y1
+  MDJwaU1sWG1qeE9XZGJLOHl2UUVIa3N1L3pqYkNqU3UrTTJrd0ZtV0dzeDVu
+  eCtWZHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
 date: 2013-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -239,6 +266,7 @@ files:
 - Rakefile
 - UPGRADE.md
 - VERSION
+- casino-public_cert.pem
 - casino_core.gemspec
 - config/cas.yml
 - config/database.yml
@@ -262,6 +290,7 @@ files:
 - db/migrate/20121226211511_allow_service_tickets_without_ticket_granting_ticket.rb
 - db/migrate/20121231114141_add_authenticator_to_ticket_granting_tickets.rb
 - db/migrate/20130105152327_create_service_rules.rb
+- db/migrate/20130202210100_create_users.rb
 - db/schema.rb
 - lib/casino_core.rb
 - lib/casino_core/authenticator.rb
@@ -286,6 +315,7 @@ files:
 - lib/casino_core/model/service_ticket.rb
 - lib/casino_core/model/service_ticket/single_sign_out_notifier.rb
 - lib/casino_core/model/ticket_granting_ticket.rb
+- lib/casino_core/model/user.rb
 - lib/casino_core/processor.rb
 - lib/casino_core/processor/api.rb
 - lib/casino_core/processor/api/login_credential_acceptor.rb
@@ -335,6 +365,7 @@ files:
 - spec/support/factories/service_rule_factory.rb
 - spec/support/factories/service_ticket_factory.rb
 - spec/support/factories/ticket_granting_ticket_factory.rb
+- spec/support/factories/user_factory.rb
 homepage: http://rbcas.org/
 licenses:
 - MIT
@@ -350,7 +381,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4552405534502231272
+      hash: -2617767929690973862
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -359,7 +390,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4552405534502231272
+      hash: -2617767929690973862
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.24
@@ -395,4 +426,5 @@ test_files:
 - spec/support/factories/service_rule_factory.rb
 - spec/support/factories/service_ticket_factory.rb
 - spec/support/factories/ticket_granting_ticket_factory.rb
+- spec/support/factories/user_factory.rb
 has_rdoc: 

metadata.gz.sig

@@ -0,0 +1,3 @@
+�n�̢���csxh]?u��8�)��dg-��'��ɏ�q�Gd:�p)[�e���zK�"���t��Q�s��H�C{��A�wPw���K��8�*.<��"c}}���
@�2$RЎ�`������$��\(N�7�J�ђ�O��W�Ϥ
+�Do�^�L��P+r�m�>�橿c��1���87O�(��_�>^�
+�D�^�d]�_�M`b��IS^/���i�%���!�]&���J�֣���� B�0�yP�-l��;