cassiopeia 0.0.9 → 0.1.0

data/README.rdoc

@@ -7,6 +7,7 @@
 - Yet another custom CAS client/server implementation. This plugin allows you to perform single-server authorization between two different rails applications. 
 
 = Changelog:
+- 0.1.0: Multiple requests storing fixed. Workarounds for concurrent requests processing applied.
 - 0.0.9: The bug with multiple concurrent requests processing fixed.
 - 0.0.8: Full request saving support via rack middleware.
 - 0.0.7: Some code for redirection added. Added webpath prefix support.
@@ -35,7 +36,8 @@
   server_url: "https://localhost" # Url of cassiopeia server in your environment
   service_url: "https://localhost/myservice/" # Url of your application (for cas to redirect back)
   service_id: "myservice" # Identification of your service (for informational and security purpose)
-  webpath_prefix: "/myservice" # This is used just for correct redirection if you use proxy (default: empty)
+  requests_save_enabled: true # Set this value to true if you want your application to save and restore the previous request when redirecting to cassiopeia (default: true)
+  
 
 ==== Usage:
 <b>Add this line to application_controller.rb:</b>
@@ -52,6 +54,25 @@ This will raise the Cassiopeia::Exception::AccessDenied if user try to access th
     redirect_to root_path
   end
 
+If you set requests_save_enabled to true then you should create the new migration to create 
+the cassiopeia_requests table for storing requests. This is very important if you want to use 
+redirections on the requests that are differ from GET.  So, create this migration: 
+ class AddCassiopeia < ActiveRecord::Migration
+   def self.up
+     create_table :cassiopeia_requests do |t|
+       t.string :uid
+       t.binary :data
+       t.datetime :expires_at
+       t.timestamps
+     end
+   end
+   def self.down
+     drop_table :cassiopeia_requests
+   end
+ end
+
+
+
 === Server configuration
 Create a file named config/cassiopeia.yml:
   ticket_max_lifetime: 5 # Ticket max lifetime (in minutes, default: 120)

data/Rakefile

@@ -10,7 +10,7 @@ PKG_FILES = FileList[ '[a-zA-Z]*',  'lib/**/*' ]
 
 spec = Gem::Specification.new do |s|
   s.name = "cassiopeia"
-  s.version = "0.0.9"
+  s.version = "0.1.0"
   s.author = "smecsia"
   s.email = "smecsia@gmail.com"
   #s.homepage = ""

data/lib/cassiopeia/action_controller_client_mixin.rb

@@ -5,13 +5,13 @@ module Cassiopeia
       ::CAS_USER_KEY = Cassiopeia::CONFIG[:current_user_key]
       ::CAS_TICKET_ID_KEY = Cassiopeia::CONFIG[:ticket_id_key] 
       ::CAS_TICKET_KEY = Cassiopeia::CONFIG[:ticket_key]
-      ::CAS_WEBPATH_PREFIX = Cassiopeia::CONFIG[:webpath_prefix]
-      ::CAS_RETURN_TO_KEY = Cassiopeia::CONFIG[:return_to_key] 
+      ::CAS_UNIQUE_REQ_KEY = Cassiopeia::CONFIG[:rack_unique_req_key]
       def cas_current_ticket
         session[CAS_TICKET_KEY] || params[CAS_TICKET_KEY]
       end
       def cas_current_ticket_id
-        params[CAS_TICKET_ID_KEY] || session[CAS_TICKET_ID_KEY]
+        return session[CAS_TICKET_ID_KEY] if (params[CAS_TICKET_ID_KEY].nil? || params[CAS_TICKET_ID_KEY].empty?)
+        return params[CAS_TICKET_ID_KEY]
       end
       def cas_store_current_user(ticket, user)
         session[CAS_TICKET_KEY] = ticket
@@ -26,15 +26,8 @@ module Cassiopeia
         logger.debug "\nCurrent ticket valid: #{DateTime.parse(cas_current_ticket[:expires_at])} >= #{DateTime.now}\n" + "="*50 if cas_current_ticket && cas_current_ticket[:expires_at]
         cas_current_ticket && DateTime.parse(cas_current_ticket[:expires_at]) >= DateTime.now if cas_current_ticket && cas_current_ticket[:expires_at]
       end
-      def cas_store_location
-        session[CAS_RETURN_TO_KEY] = "#{CAS_WEBPATH_PREFIX}#{request.request_uri}"
-      end
-      def cas_redirect_back_or_default(default)
-        redirect_to(session[CAS_RETURN_TO_KEY] || default)
-        session[CAS_RETURN_TO_KEY] = nil
-      end
       def cas_request_ticket_id
-        cas_store_location
+        logger.debug "\nStoring current request:...#{params[CAS_UNIQUE_REQ_KEY]} \n" + "="*50
         redirect_to Cassiopeia::Client::instance.cas_check_url(session, params) 
       end
       def cas_request_current_user
@@ -44,7 +37,7 @@ module Cassiopeia
         @current_user = Cassiopeia::User.new(@ticket[:user])
         logger.debug "\nCurrent user identified (#{@current_user.login}), storing to session\n" + "="*50
         cas_store_current_user(@ticket, @current_user)
-        logger.debug "\nTicket_id is in request, should process the old request... #{session[:return_to]}\n" + "="*50
+        logger.debug "\nTicket_id is in request, should process the old request...#{params[CAS_UNIQUE_REQ_KEY]} \n" + "="*50
       end
       def cas_required_roles
         self.class.cas_required_roles if self.class.respond_to? :cas_required_roles 

data/lib/cassiopeia/action_controller_server_mixin.rb

@@ -3,8 +3,10 @@ module Cassiopeia
 
   module ActionControllerServerMixin
     module ActionControllerMethods
+      private
       def cas_ticket_id
-        params[@ticket_id_key] || session[@ticket_id_key]
+        return session[@ticket_id_key] if (params[@ticket_id_key].nil? || params[@ticket_id_key].empty?)
+        return params[@ticket_id_key]
       end
       def cas_service_url
         params[@service_url_key] || session[@service_url_key]
@@ -51,11 +53,11 @@ module Cassiopeia
       end
 
       def cas_current_ticket_exists?
-        Cassiopeia::CONFIG[:ticketClass].exists?(cas_ticket_id) if cas_ticket_id > ""
+        Cassiopeia::CONFIG[:ticketClass].exists?(cas_ticket_id) 
       end
 
       def cas_current_ticket_valid?
-        logger.debug "\nTicketValid = #{cas_current_ticket.valid_for?(cas_service_id)}\n" + "="*50 if cas_current_ticket_exists?
+        logger.debug("\nTicketValid = #{cas_current_ticket.valid_for?(cas_service_id)}\n" + "="*50) if cas_current_ticket_exists?
         cas_current_ticket.valid_for?(cas_service_id) if cas_current_ticket_exists?
       end
 
@@ -93,23 +95,34 @@ module Cassiopeia
         redirect_to url
       end
 
-      def cas_proceed_auth
-        service_url = Cassiopeia::Server::instance.service_url(session, params)
-        if cas_current_ticket_valid? && current_user
-          logger.debug "\nCurrentTicketValid, current_user exists redirecting to service...\n" + "="*50
-          return cas_redirect_to service_url
-        elsif current_user
-          logger.debug "\nCurrentTicketInvalid, but current_user exists, should create new ticket...\n" + "="*50
-          cas_current_ticket.destroy if cas_current_ticket_exists?
-          cas_create_or_find_ticket
-          return cas_redirect_to service_url
-        elsif cas_current_ticket_exists?
-          logger.debug "\nCurrentTicketInvalid, but current_user exists, destroying ticket, redirecting to login...\n" + "="*50
-          cas_current_ticket.destroy
+      def cas_service_url_build
+        Cassiopeia::Server::instance.service_url(session, params)
+      end
+
+      def cas_proceed_auth        
+        Thread.exclusive do
+          if cas_current_ticket_valid? && current_user
+            logger.debug "\nCurrentTicketValid, current_user exists redirecting to service...\n" + "="*50
+            return cas_redirect_to cas_service_url_build
+          elsif current_user
+            logger.debug "\nCurrentTicketInvalid, but current_user exists, should create new ticket...\n" + "="*50
+            cas_current_ticket.destroy if cas_current_ticket_exists?
+            cas_create_or_find_ticket
+            return cas_redirect_to cas_service_url_build
+          elsif cas_current_ticket_exists?
+            logger.debug "\nCurrentTicketInvalid, but current_user exists, destroying ticket, redirecting to login...\n" + "="*50
+            cas_current_ticket.destroy
+          end
         end
         cas_redirect_to login_url
       end
 
+      def cas_remove_expired_tickets
+        Cassiopeia::CONFIG[:ticketClass].delete_all(:conditions => ["expired_at <= '?'", Time.now.utc])
+      end
+
+      public
+
       def create
         cas_process_request
       end

data/lib/cassiopeia/active_record_server_mixin.rb

@@ -2,23 +2,20 @@ require 'uuidtools'
 
 module Cassiopeia
   module ActiveRecordServerMixin 
-    def self.cassiopeia_ticketClass=(c)
-      @@cassiopeia_ticketClass = c
-    end
     # cas ticket
     def acts_as_cas_ticket
       class_eval do
         def valid_for?(service)
           return false unless identity && user
-          (ticket = self.for_service service) && ticket.expires_at >= DateTime.now
+          (ticket = self.for_service(service)) && ticket.expires_at.utc >= Time.now.utc
         end
         def for_service(service)
-          @@cassiopeia_ticketClass.find(:first, :conditions => {:service => service, :user_id => user.id })
+          Cassiopeia::CONFIG[:ticketClass].find(:first, :conditions => {:service => service, :user_id => user.id, :identity=>identity })
         end
       end
       instance_eval do
         def generate_expiration
-          DateTime.now() + Cassiopeia::CONFIG[:ticket_max_lifetime] / 24.0 / 60.0
+          Time.now.utc + Cassiopeia::CONFIG[:ticket_max_lifetime].to_i.minute
         end
         def generate_uuid
           UUIDTools::UUID.timestamp_create.to_s

data/lib/cassiopeia/base.rb

@@ -16,6 +16,8 @@ module Cassiopeia
   end
 
   module Exception
+    class MissConfiguration < Object::Exception
+    end
     class ConfigRequired < Object::Exception
     end
     class AccessDenied < Object::Exception

data/lib/cassiopeia/base_rack.rb

@@ -0,0 +1,61 @@
+require(File.join(RAILS_ROOT,"config/environment")) unless defined?(Rails)
+module Cassiopeia
+  class BaseRack < Base
+    CAS_RACK_SESSION_STORE = Cassiopeia::CONFIG[:rack_session_store] 
+    CAS_RACK_SESSION_KEY = Cassiopeia::CONFIG[:rack_session_key]
+    CAS_TICKET_ID_KEY = Cassiopeia::CONFIG[:ticket_id_key]
+    CAS_TICKET_KEY = Cassiopeia::CONFIG[:ticket_key]
+    CAS_REQUEST_URI_KEY = Cassiopeia::CONFIG[:rack_request_uri_key]
+    CAS_QUERY_STRING_KEY = Cassiopeia::CONFIG[:rack_query_string_key]
+    CAS_SAVE_KEYS = Cassiopeia::CONFIG[:rack_save_keys]
+    CAS_UNIQUE_REQ_KEY = Cassiopeia::CONFIG[:rack_unique_req_key]
+    CAS_REQ_EXPIRES_AT_KEY = Cassiopeia::CONFIG[:rack_session_store_expires_at_key]
+    CAS_REQ_TIMEOUT = Cassiopeia::CONFIG[:rack_session_store_timeout]
+
+    def session(env)
+      env[CAS_RACK_SESSION_KEY]
+    end
+
+    def cas_current_ticket(env)
+      session(env)[CAS_TICKET_KEY]
+    end
+
+    def cas_current_ticket_valid?(env)
+      @ticket = cas_current_ticket(env)
+      @ticket && DateTime.parse(@ticket[:expires_at]) >= DateTime.now if @ticket && @ticket[:expires_at]
+    end
+
+    def enabled
+      Cassiopeia::CONFIG[:requests_save_enabled]
+    end
+
+    def initialize( app )
+      @app = app
+    end
+
+    def response( env )
+      @status, @headers, @body = @app.call env
+      [@status, @headers, @body]
+    end
+
+    def restore_headers_required?(env)
+      env[CAS_QUERY_STRING_KEY] && env[CAS_QUERY_STRING_KEY].match(CAS_TICKET_ID_KEY.to_s) && env[CAS_RACK_SESSION_KEY] && env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE]
+    end
+
+    def store_headers_required?(env)
+      !cas_current_ticket_valid?(env)
+    end
+
+    def generate_expiration
+      DateTime.now() + CAS_REQ_TIMEOUT / 24.0 / 60.0
+    end
+
+    def generate_req_key
+      UUIDTools::UUID.timestamp_create.to_s
+    end
+
+    def raise_missconfiguration(msg)
+      raise Cassiopeia::Exception::MissConfiguration.new "Cannot modify or delete cassiopeia request instance! Please, create table casssiopeia_requests[:uid, :expires_at, :data] or disable requests saving in configuration! (#{msg})"
+    end
+  end
+end

data/lib/cassiopeia/client.rb

@@ -7,6 +7,9 @@ require 'rexml/document'
 # Client
 ##################
 module Cassiopeia
+  class CassiopeiaRequest < ActiveRecord::Base
+  end
+
   class Client < Base
     SERVICE_URL = Cassiopeia::CONFIG[:service_url]
     SERVICE_ID = Cassiopeia::CONFIG[:service_id]

data/lib/cassiopeia/config.rb

@@ -11,8 +11,6 @@ module Cassiopeia
     :service_url_key => "cas_service_url",
     :server_url => nil,
     :service_url => nil,
-    :webpath_prefix => "",
-    :return_to_key => "cas_return_to",
     :service_id => nil,
     :current_user_key => "current_user",
     :format => "js",
@@ -23,7 +21,8 @@ module Cassiopeia
     :rack_session_key => "rack.session",
     :rack_unique_req_key => "cas_req_key",
     :rack_session_store_timeout => 1,
-    :rack_session_store_expires_at_key => "cas_req_expires"
+    :rack_session_store_expires_at_key => "cas_req_expires",
+    :requests_save_enabled => true
   }
   CONFIG_PATH = "#{RAILS_ROOT}/config/cassiopeia.yml"
   @@conf = {}

data/lib/cassiopeia/rack_restore_request.rb

@@ -1,110 +1,80 @@
 module Cassiopeia
-  class RackRestoreRequest
-    CAS_RACK_SESSION_STORE = Cassiopeia::CONFIG[:rack_session_store] 
-    CAS_RACK_SESSION_KEY = Cassiopeia::CONFIG[:rack_session_key]
-    CAS_TICKET_ID_KEY = Cassiopeia::CONFIG[:ticket_id_key]
-    CAS_REQUEST_URI_KEY = Cassiopeia::CONFIG[:rack_request_uri_key]
-    CAS_QUERY_STRING_KEY = Cassiopeia::CONFIG[:rack_query_string_key]
-    CAS_SAVE_KEYS = Cassiopeia::CONFIG[:rack_save_keys]
-    CAS_UNIQUE_REQ_KEY = Cassiopeia::CONFIG[:rack_unique_req_key]
-    CAS_REQ_EXPIRES_AT_KEY = Cassiopeia::CONFIG[:rack_session_store_expires_at_key]
-    CAS_REQ_TIMEOUT = Cassiopeia::CONFIG[:rack_session_store_timeout]
-
-    def initialize( app )
-      @app = app
-    end
-
+  class RackRestoreRequest < BaseRack
     def call( env )
-      if restore_headers_required?(env)
-        env = restore_headers(env)
-      else
-        save_headers(env)
-      end
-      @status, @headers, @body = @app.call env
-      [@status, @headers, @body]
-    end
-
-    def query_to_hash(query)
-      CGI.parse(query)
-    end
-
-    def hash_to_query(hash)
-      pairs = []
-      hash.each do |k, vals|
-        vals = [vals] unless vals.kind_of? Array
-        vals.each {|v| pairs << "#{CGI.escape(k.to_s)}=#{(v)?CGI.escape(v.to_s):''}"}
+      if enabled
+        if restore_headers_required?(env)
+          env = restore_old_request(env)
+        elsif store_headers_required?(env)
+          remove_expired_requests
+          store_current_request(env)
+        end
       end
-      pairs.join("&")
-    end
-
-    def restore_headers_required?(env)
-      env[CAS_QUERY_STRING_KEY] && env[CAS_QUERY_STRING_KEY].match(CAS_TICKET_ID_KEY.to_s) && env[CAS_RACK_SESSION_KEY] && env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE]
+      response(env)
     end
 
-    def remove_expired_headers(env)
-      if(env[CAS_RACK_SESSION_KEY] && env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE])
-        stores = env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE]
-        stores.each do |key, store|
-          if store && store[CAS_REQ_EXPIRES_AT_KEY] && store[CAS_REQ_EXPIRES_AT_KEY] >= DateTime.now 
-            stores.delete key
+    def store_current_request(env)
+      begin
+        request = CassiopeiaRequest.new({:uid => store_req_key(env), :expires_at => generate_expiration})
+        store = {}
+        env.each do |key,value|
+          if env[key] && (key.is_a? String) && (key.match("HTTP_") || CAS_SAVE_KEYS.match(key))
+            store[key] = value
           end
         end
+        request.data = Marshal.dump(store)
+        request.save!
+      rescue Exception => e
+        raise_missconfiguration(e)
       end
     end
 
-    def generate_expiration
-        DateTime.now() + CAS_REQ_TIMEOUT / 24.0 / 60.0
-    end
 
-    def save_headers(env)
-      if(env[CAS_RACK_SESSION_KEY])
-        remove_expired_headers(env)
-        req_key = store_req_key(env)
-        env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE] = {} unless env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE]
-        store = env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE]
-        store[req_key] = { CAS_REQ_EXPIRES_AT_KEY => generate_expiration }
-        env.each do |key,value|
-          if env[key] && (key.is_a? String) && (key.match("HTTP_") || CAS_SAVE_KEYS.match(key))
-            store[req_key][key] = value
+    def restore_old_request(env)
+      begin
+        key = restore_req_key(env)
+        request = CassiopeiaRequest.find_by_uid(key)
+        stored_keys = Marshal.load(request.data)
+        stored_keys.each do |key,value|
+          if(key.match(CAS_QUERY_STRING_KEY))
+            add_ticket_id_to_req(env,key,value)
+          else
+            env[key] = value
           end
         end
+        request.delete
+      rescue Exception => e
+        raise_missconfiguration(e)
       end
+      env
     end
 
-    def add_ticket_id_to_req(env, key, value)
-      newparams = query_to_hash(value)
-      params = query_to_hash(env[key])
-      newparams[CAS_TICKET_ID_KEY] = params[CAS_TICKET_ID_KEY]
-      newparams.delete CAS_UNIQUE_REQ_KEY
-      env[key] = hash_to_query(newparams)
-    end
-
-    def restore_req_key(env)
-      newparams = query_to_hash(env[CAS_QUERY_STRING_KEY])
-      newparams[CAS_UNIQUE_REQ_KEY]
+    def remove_expired_requests
+      begin
+        CassiopeiaRequest.delete_all(["expires_at <= ?", Time.now.utc])
+      rescue Exception => e
+        raise_missconfiguration(e)
+      end
     end
 
     def store_req_key(env)
       params = query_to_hash(env[CAS_QUERY_STRING_KEY])
-      params[CAS_UNIQUE_REQ_KEY] = UUIDTools::UUID.timestamp_create.to_s
+      params[CAS_UNIQUE_REQ_KEY] = generate_req_key
       env[CAS_QUERY_STRING_KEY] = hash_to_query(params)
       params[CAS_UNIQUE_REQ_KEY]
     end
 
-    def restore_headers(env)
-      current_req_key = restore_req_key(env)
-      stored_keys = env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE][current_req_key.to_s]
-      if(env[CAS_RACK_SESSION_KEY] && stored_keys)
-        stored_keys.each do |key,value|
-          if(key.match(CAS_QUERY_STRING_KEY))
-            add_ticket_id_to_req(env,key,value)
-          else
-            env[key] = value
-          end
-        end
-        env[CAS_RACK_SESSION_KEY][CAS_RACK_SESSION_STORE].delete current_req_key.to_s
-      end
-      env
+
+    def restore_req_key(env)
+      newparams = query_to_hash(env[CAS_QUERY_STRING_KEY])
+      newparams[CAS_UNIQUE_REQ_KEY]
+    end
+
+    def add_ticket_id_to_req(env, key, value)
+      newparams = query_to_hash(value)
+      params = query_to_hash(env[key])
+      newparams[CAS_TICKET_ID_KEY] = params[CAS_TICKET_ID_KEY]
+      newparams.delete CAS_UNIQUE_REQ_KEY
+      env[key] = hash_to_query(newparams)
     end
   end
 end

data/lib/cassiopeia.rb

@@ -1,7 +1,7 @@
 $:.unshift(File.dirname(__FILE__)) unless
 $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
 module Cassiopeia
-  VERSION = '0.0.9'
+  VERSION = '0.1.0'
   autoload :User, 'cassiopeia/user'
   autoload :Base, 'cassiopeia/base'
   autoload :Exception, 'cassiopeia/base'
@@ -12,6 +12,8 @@ module Cassiopeia
   autoload :ActionControllerServerMixin, 'cassiopeia/action_controller_server_mixin'
   autoload :ActionControllerClientMixin, 'cassiopeia/action_controller_client_mixin'
   autoload :RackRestoreRequest, 'cassiopeia/rack_restore_request'
+  autoload :BaseRack, 'cassiopeia/base_rack'
+  autoload :CassiopeiaRequest, 'cassiopeia/client'
 
   class << self
     def enable
@@ -19,7 +21,7 @@ module Cassiopeia
       ActiveRecord::Base.send :extend, ActiveRecordServerMixin
       ActionController::Base.send :extend, ActionControllerClientMixin
       Rails.configuration.middleware.use RackRestoreRequest if CONFIG[:service_id]
-      puts "Cassiopeia 0.0.9 enabled"
+      puts "Cassiopeia 0.1.0 enabled"
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: cassiopeia
 version: !ruby/object:Gem::Version 
-  version: 0.0.9
+  version: 0.1.0
 platform: ruby
 authors: 
 - smecsia
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-04-09 00:00:00 +04:00
+date: 2010-04-13 00:00:00 +04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -55,6 +55,7 @@ files:
 - Rakefile
 - lib/cassiopeia.rb
 - lib/cassiopeia/active_record_server_mixin.rb
+- lib/cassiopeia/base_rack.rb
 - lib/cassiopeia/action_controller_server_mixin.rb
 - lib/cassiopeia/config.rb
 - lib/cassiopeia/server.rb