castanet-testing 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ba7386f0f2b4c9dcbd87159b1439b088de18c42b
+  data.tar.gz: 886b574886eb12ffeaa301fb9c9f88d2427437a9
+SHA512:
+  metadata.gz: 1d325e9a92d0c3448c600a66b35ffc78c3aeb551451d355365808a68517a30c211dc2477111dc67860e3f6660c748e7fc7d21e837701cccc437ead067363547f
+  data.tar.gz: ecf4967bf03daff3194fa6033a67208aa9cf01f7f3d01f0aeaa80a84228e129d8ef589934d23343a6533b8ed84fceac43b371a19f425917e8e042df819a83528

data/.gitignore

@@ -0,0 +1,19 @@
+*.gem
+.rbx
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.sw?
+foreman.log

data/.travis.yml

@@ -0,0 +1,7 @@
+rvm:
+  - 1.9.3
+  - jruby-19mode
+  - rbx-19mode
+before_script:
+  - "bundle install"
+script: ./test.sh 5000 6000

data/CHANGELOG

@@ -0,0 +1,4 @@
+0.0.1 (2013-09-10)
+------------------
+
+Initial release

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in castanet-testing.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2013 David Yip
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Procfile

@@ -0,0 +1,2 @@
+jasig: rake castanet:testing:jasig:start
+callback: rake castanet:testing:callback:start

data/README

@@ -0,0 +1,50 @@
+1. castanet-testing
+
+Castanet[1] contains Rake tasks to start the Jasig CAS Server[2] and a CAS
+proxy callback in a test environment.
+
+This gem contains an adaptation of those tasks for use in other projects.
+
+2. Requirements
+
+* A Ruby environment: Ruby 1.9.3, JRuby 1.7.0, and Rubinius 2.0.0 are
+  regularly tested
+* curl(1)
+* openssl(1)
+* patch(1)
+* test(1)
+* GNU tar
+
+3. Usage
+
+In a Rakefile:
+
+    require 'castanet/testing'
+
+    Castanet::Testing::JasigServerTasks.new
+    Castanet::Testing::CallbackServerTasks.new
+
+This will install the following tasks:
+
+    castanet:testing:jasig:start
+    castanet:testing:jasig:waitall
+    castanet:testing:jasig:cleanall
+    castanet:testing:callback:start
+    castanet:testing:callback:waitall
+    castanet:testing:callback:cleanall
+
+The start tasks can be used on their own or as part of a Procfile.  If used in
+a Procfile, you may freely vary concurrency levels.  (Often, however, you'll
+want just one server instance.)
+
+All *Tasks classes have optional parameters.  See the class docs for more
+information.
+
+4. License and authorship
+
+Copyright (c) 2013 David Yip.  Made available under the MIT license.
+
+[1]: https://github.com/NUBIC/castanet
+[2]: http://www.jasig.org/cas
+
+# vim:ts=2:sw=2:et:tw=78

data/Rakefile

@@ -0,0 +1,5 @@
+require "bundler/gem_tasks"
+require "castanet/testing"
+
+Castanet::Testing::JasigServerTasks.new
+Castanet::Testing::CallbackServerTasks.new

data/assets/callback/callback.rb

@@ -0,0 +1,190 @@
+require 'rack'
+require 'webrick/https'
+require 'openssl'
+
+##
+# Rack code for handling the PGT callback part of the CAS proxy
+# authentication protocol.  The class itself is middleware; it can
+# also generate an {.application endpoint}.
+#
+# ## Behavior
+#
+# As middleware, this class intercepts and handles two paths and
+# passes all other requests down the chain.  The paths are:
+#
+# * `/receive_pgt`: implements the PGT callback process per section
+#   2.5.4 of the CAS protocol.
+# * `/retrieve_pgt`: allows an application to retrieve the PGT for
+#   a PGTIOU.  The PGTIOU is returned to the application as part of
+#   the CAS ticket validation process.  It should be passed to
+#   `/receive_pgt` as the `pgtIou` query parameter.  Note that a
+#   given PGT may only be retrieved once.
+#
+# As a full rack app, it handles the same two paths and returns `404
+# Not Found` for all other requests.
+#
+# ## Middleware vs. Application
+#
+# It is **only** appropriate to use the class as middleware in a
+# **multithreaded or multiprocessing deployment**.  If your application
+# only has one executor at a time, using this class as middleware
+# **will cause a deadlock** during CAS authentication.
+#
+# ## Based on
+#
+# This class was heavily influenced by `CasProxyCallbackController`
+# in rubycas-client.  That class has approximately the same
+# behavior, but is Rails-specific.
+#
+# @see http://www.jasig.org/cas/protocol
+#      CAS protocol, section 2.5.4
+class RackProxyCallback
+  RETRIEVE_PATH = "/retrieve_pgt"
+  RECEIVE_PATH = "/receive_pgt"
+
+  ##
+  # Create a new instance of the middleware.
+  #
+  # @param [#call] app the next rack application in the chain.
+  # @param [Hash] options
+  # @option options [String] :store the file where the middleware
+  #   will store the received PGTs until they are retrieved.
+  def initialize(app, options={})
+    @app = app
+    @pgts = {}
+  end
+
+  ##
+  # Handles a single request in the manner specified in the class
+  # overview.
+  #
+  # @param [Hash] env the rack environment for the request.
+  #
+  # @return [Array] an appropriate rack response.
+  def call(env)
+    return echo if env["PATH_INFO"] == "/"
+    return receive(env) if env["PATH_INFO"] == RECEIVE_PATH
+    return retrieve(env) if env["PATH_INFO"] == RETRIEVE_PATH
+    @app.call(env)
+  end
+
+  ##
+  # Creates a rack application which responds as described in the
+  # class overview.
+  #
+  # @param [Hash] options the same options that you can pass to
+  #   {#initialize}.
+  #
+  # @return [#call] a full rack application
+  def self.application(options={})
+    app = lambda { |env|
+      [404, { "Content-Type" => "text/plain" }, ["Unknown resource #{env['PATH_INFO']}"]]
+    }
+    new(app, options)
+  end
+
+  protected
+
+  ##
+  # Associates the given PGTIOU and PGT.
+  #
+  # @param [String] pgt_iou
+  # @param [String] pgt
+  #
+  # @return [void]
+  def store_iou(pgt_iou, pgt)
+    @pgts[pgt_iou] = pgt
+  end
+
+  ##
+  # Finds the PGT for the given PGTIOU.  If there isn't one, it
+  # returns nil.  If there is one, it deletes it from the store
+  # before returning it.
+  #
+  # @param [String] pgt_iou
+  # @return [String,nil]
+  def resolve_iou(pgt_iou)
+    @pgts.delete(pgt_iou)
+  end
+
+  private
+
+  def echo
+    Rack::Response.new.tap do |r|
+      r.status = 200
+    end.finish
+  end
+
+  def receive(env)
+    req = Rack::Request.new(env)
+    resp = Rack::Response.new
+    resp.headers["Content-Type"] = "text/plain"
+
+    pgt = req.params["pgtId"]
+    pgt_iou = req.params["pgtIou"]
+
+    unless pgt && pgt_iou
+      missing = [("pgtId" unless pgt), ("pgtIou" unless pgt_iou)].compact
+      missing_msg =
+        if missing.size == 1
+          "#{missing.first} is a required query parameter."
+        else
+          "Both #{missing.join(' and ')} are required query parameters."
+        end
+      resp.status =
+        if missing.size == 2
+          #
+          # This oddity is required by the JA-SIG CAS Server.
+          #
+          200
+        else
+          400
+        end
+
+      resp.body = ["#{missing_msg}\nSee section 2.5.4 of the CAS protocol specification."]
+    else
+      store_iou(pgt_iou, pgt)
+
+      resp.body = ["PGT and PGTIOU received.  Thanks, my robotic friend."]
+    end
+
+    resp.finish
+  end
+
+  def retrieve(env)
+    req = Rack::Request.new(env)
+    resp = Rack::Response.new
+    resp.headers["Content-Type"] = "text/plain"
+
+    pgt_iou = req.params["pgtIou"]
+
+    if pgt_iou
+      pgt = resolve_iou(pgt_iou)
+      if pgt
+        resp.body = [pgt]
+      else
+        resp.status = 404
+        resp.body = ["pgtIou=#{pgt_iou} does not exist.  Perhaps it has already been retrieved."]
+      end
+    else
+      resp.status = 400
+      resp.body = ["pgtIou is a required query parameter."]
+    end
+
+    resp.finish
+  end
+end
+
+# ---------------------------------------------------------------------------- 
+
+trap('INT') { exit! }
+trap('TERM') { exit! }
+
+# Start it up.
+Rack::Handler::WEBrick.run(RackProxyCallback.application, {
+  :BindAddress => ENV['HOST'],
+  :Port => ENV['PORT'] || 9292,
+  :SSLEnable => true,
+  :SSLCertificate => OpenSSL::X509::Certificate.new(File.read(ENV['SSL_CERT_PATH'])),
+  :SSLPrivateKey => OpenSSL::PKey::RSA.new(File.read(ENV['SSL_KEY_PATH']))
+})

data/assets/jasig/jetty.xml.erb

@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+  <New id="sslContextFactory" class="org.eclipse.jetty.http.ssl.SslContextFactory">
+    <Set name="KeyStore"><%= jetty_keystore %></Set>
+    <Set name="KeyStorePassword"><%= jetty_storepass %></Set>
+    <Set name="TrustStore"><%= jetty_keystore %></Set>
+    <Set name="TrustStorePassword"><%= jetty_storepass %></Set>
+    <Set name="IncludeCipherSuites">
+      <Array type="java.lang.String">
+        <Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
+      </Array>
+    </Set>
+  </New>
+  <Call class="java.lang.System" name="setProperty">
+    <Arg>javax.net.ssl.trustStore</Arg>
+    <Arg><%= jetty_keystore %></Arg>
+  </Call>
+  <Call class="java.lang.System" name="setProperty">
+    <Arg>javax.net.ssl.trustStorePassword</Arg>
+    <Arg><%= jetty_storepass %></Arg>
+  </Call>
+  <Call name="addConnector">
+    <Arg>
+      <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
+        <Arg><Ref id="sslContextFactory" /></Arg>
+        <Set name="Port">
+          <Property name="jetty.ssl_port" default="<%= port %>" />
+        </Set>
+        <Set name="maxIdleTime">30000</Set>
+        <Set name="Acceptors">2</Set>
+        <Set name="AcceptQueueSize">100</Set>
+      </New>
+    </Arg>
+  </Call>
+</Configure>

data/assets/jasig/jetty.xml.patch

@@ -0,0 +1,28 @@
+--- a/jetty.xml	2012-10-24 18:06:23.000000000 -0500
++++ b/jetty.xml	2012-10-24 18:06:29.000000000 -0500
+@@ -30,25 +30,6 @@
+     </Set>
+ 
+     <!-- =========================================================== -->
+-    <!-- Set connectors                                              -->
+-    <!-- =========================================================== -->
+-
+-    <Call name="addConnector">
+-      <Arg>
+-          <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
+-            <Set name="host"><Property name="jetty.host" /></Set>
+-            <Set name="port"><Property name="jetty.port" default="8080"/></Set>
+-            <Set name="maxIdleTime">300000</Set>
+-            <Set name="Acceptors">2</Set>
+-            <Set name="statsOn">false</Set>
+-            <Set name="confidentialPort">8443</Set>
+-	    <Set name="lowResourcesConnections">20000</Set>
+-	    <Set name="lowResourcesMaxIdleTime">5000</Set>
+-          </New>
+-      </Arg>
+-    </Call>
+-
+-    <!-- =========================================================== -->
+     <!-- Set handler Collection Structure                            --> 
+     <!-- =========================================================== -->
+     <Set name="handler">

data/assets/test.crt

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDGDCCAoGgAwIBAgIJAKFL1LzPfLCMMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIEwhBbnlzdGF0ZTEQMA4GA1UEBxMHQW55Y2l0eTEeMBwG
+A1UEChMVQ2FzdGFuZXQgQ2xpY2tlcnMgTExDMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
+IBcNMTEwMTI0MDYyNjQ0WhgPMjA2NzAyMTkwNjI2NDRaMGYxCzAJBgNVBAYTAlVT
+MREwDwYDVQQIEwhBbnlzdGF0ZTEQMA4GA1UEBxMHQW55Y2l0eTEeMBwGA1UEChMV
+Q2FzdGFuZXQgQ2xpY2tlcnMgTExDMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBALGnCOPNqDcUuLpJ6+IDOq9Vfr16pOOdVZfC
+8YeeaQtii/UfeJztFzlYgnH0/Tvrld8n6EwQ8UhzXi0agJ3fGqBfEyUGs4eNOU/A
+lIa3kltiPUhzxvZKAs8LqRuMamD3TY70ezPPdnkQSg2HGM2N++I8AHEBSCg6vKA0
+N7UCquJ/AgMBAAGjgcswgcgwHQYDVR0OBBYEFLXPKVU6xeWwyxYPwA8/oxuNcaMV
+MIGYBgNVHSMEgZAwgY2AFLXPKVU6xeWwyxYPwA8/oxuNcaMVoWqkaDBmMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMIQW55c3RhdGUxEDAOBgNVBAcTB0FueWNpdHkxHjAc
+BgNVBAoTFUNhc3RhbmV0IENsaWNrZXJzIExMQzESMBAGA1UEAxMJbG9jYWxob3N0
+ggkAoUvUvM98sIwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCIT5TQ
+ZGiMkUBlDSfMcRl9vDazZnoNjKIKHl4+3ta4YsmhkAGXiFmkuKrNXd7f8UDNf6Sw
+irJNGIg6x146DLe6ZXqoaBSiof0lR10A/H3dl5RvfS1y2ma2tMJJwR7prHvRHgBn
+kfg5FSOWxkzANC/hYU8/9Q7ceXNkmKklzinG9w==
+-----END CERTIFICATE-----

data/assets/test.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCxpwjjzag3FLi6SeviAzqvVX69eqTjnVWXwvGHnmkLYov1H3ic
+7Rc5WIJx9P0765XfJ+hMEPFIc14tGoCd3xqgXxMlBrOHjTlPwJSGt5JbYj1Ic8b2
+SgLPC6kbjGpg902O9Hszz3Z5EEoNhxjNjfviPABxAUgoOrygNDe1AqrifwIDAQAB
+AoGAXYcp9/zC7dS7+F+IjyHSGJLzOcBC5Q5lDJP2Ysb0WKkWNAPQlRWBX5CIhIRN
+eelqquSwuLNGxDTwxOAqDHNz6U/oNBpImap+IXJgPv+uGokCXclmbONQ57sJCC5u
+7Afznw9xMYMEI7pKwId+bfM9ehbJvaQC+PpxGTYrHhqf7AkCQQDaTC72cU7i8FFw
+dNjT4MnasnptZiaitVFaJDLh/cp0wJ8B0YygFb9F2A/3qwDkCixKPa5SxFshh6Od
+cHx9+56NAkEA0FXEWw7uAg25ye8waLCjsSFKodU+2KMwApw4Qp163YSY94kYk/Qm
+CGVPxojv7o7Rup6G9JTYGywwhkZD7Ji4OwJBALt07GcoiguLPwQI8yGPSQeKeGN1
+cvwKJB/6Mc+rNq3nsyPGpLHbuvLpRVzy9cLdkYb3TLk6cN9sMO5D6EPvTQkCQBwA
+u0DmE9XQ1H0xGleoDoibifWQvT7PSH/BUcqack5eKVV0ZwpUEdylCYENHPr61XP5
+JPixHQ8h9G/H+A9QQ8sCQCfMZZo6ozDUzMw59DQf4WfKuCSY4G3NGPblL2T+7Pt8
+0jzvfyJLtgShYx2SBYXa+oCwN9o3d0Y6W1Yzlm8n0dg=
+-----END RSA PRIVATE KEY-----

data/castanet-testing.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'castanet/testing/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "castanet-testing"
+  spec.version       = Castanet::Testing::VERSION
+  spec.authors       = ["David Yip"]
+  spec.email         = ["yipdw@northwestern.edu"]
+  spec.summary       = %q{Contains Rake tasks for managing CAS servers in test environments}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "foreman", "0.63.0"
+  spec.add_development_dependency "yard"
+  spec.add_dependency "json"
+  spec.add_dependency "rack"
+  spec.add_dependency "rake", "~> 10.0"
+end

data/lib/castanet/testing.rb

@@ -0,0 +1,9 @@
+require 'castanet/testing/version'
+
+module Castanet
+  module Testing
+  end
+end
+
+require 'castanet/testing/callback_server_tasks'
+require 'castanet/testing/jasig_server_tasks'

data/lib/castanet/testing/asset_paths.rb

@@ -0,0 +1,17 @@
+require 'castanet/testing'
+
+module Castanet::Testing
+  module AssetPaths
+    def asset_path(p)
+      File.expand_path("../../../../assets/#{p}", __FILE__)
+    end
+
+    def ssl_key_path
+      asset_path('test.key')
+    end
+
+    def ssl_cert_path
+      asset_path('test.crt')
+    end
+  end
+end

data/lib/castanet/testing/callback_server_tasks.rb

@@ -0,0 +1,76 @@
+require 'castanet/testing'
+require 'castanet/testing/asset_paths'
+require 'castanet/testing/common_tasks'
+require 'castanet/testing/namespacing'
+require 'rake'
+
+module Castanet::Testing
+  class CallbackServerTasks
+    extend AssetPaths
+    include CommonTasks
+    include Namespacing
+    include Rake::DSL
+
+    DEFAULT_SCRATCH_DIR = '/tmp/castanet-testing/callback'
+    DEFAULT_HOST = 'localhost'
+    DEFAULT_SSL_KEY = ssl_key_path
+    DEFAULT_SSL_CERT = ssl_cert_path
+    DEFAULT_TIMEOUT = 120
+
+    CALLBACK_PATH = asset_path('callback/callback.rb')
+    RUNNER = asset_path('run.rb')
+
+    # @option opts [String] :root ('castanet:testing:callback') namespaces for
+    #   this task; an empty string means toplevel namespace
+    # @option opts [String] :scratch_dir ('/tmp/castanet-testing/callback')
+    #   sets a path for downloads, server scratch space, etc.
+    # @option opts [String] :host ('localhost') hostname to bind
+    # @option opts [String] :ssl_cert (DEFAULT_SSL_CERT) the SSL certificate
+    #   file to use
+    # @option opts [String] :ssl_key (DEFAULT_SSL_KEY) the SSL key file to use
+    # @option opts [String] :timeout (DEFAULT_TIMEOUT) timeout for waitall
+    def initialize(options = {})
+      root = options[:root] || 'castanet:testing:callback'
+      scratch_dir = options[:scratch_dir] || DEFAULT_SCRATCH_DIR
+      host = options[:host] || DEFAULT_HOST
+      ssl_cert = options[:ssl_cert] || DEFAULT_SSL_CERT
+      ssl_key = options[:ssl_key] || DEFAULT_SSL_KEY
+      timeout = options[:timeout] || DEFAULT_TIMEOUT
+
+      port = ENV['PORT']
+      instance_dir = "#{scratch_dir}/callback.#{$$}"
+
+      namespaces(root.split(':')) do
+        file instance_dir do
+          mkdir_p instance_dir
+        end
+
+        task :ensure_port do
+          raise "PORT is not set" unless port
+        end
+
+        task :prep => [:ensure_port, instance_dir]
+
+        desc 'Start a CAS proxy callback instance (requires PORT to be set)'
+        task :start => :prep do
+          ENV['HOST'] = host
+          ENV['SSL_CERT_PATH'] = ssl_cert
+          ENV['SSL_KEY_PATH'] = ssl_key
+
+          cd(instance_dir) { load(CALLBACK_PATH) }
+        end
+
+        desc "Wait for all CAS proxy callback instances in #{scratch_dir} to become ready"
+        task(:waitall) { wait_all(scratch_dir, timeout) }
+
+        desc "Clean up all CAS proxy callback instances under #{scratch_dir}"
+        task(:cleanall) { clean_all(scratch_dir, 'callback') }
+
+        desc "Delete #{scratch_dir}"
+        task :delete_scratch_dir do
+          rm_rf scratch_dir
+        end
+      end
+    end
+  end
+end

data/lib/castanet/testing/common_tasks.rb

@@ -0,0 +1,29 @@
+require 'castanet/testing'
+require 'castanet/testing/connection_testing'
+require 'json'
+require 'rake'
+require 'timeout'
+
+module Castanet::Testing
+  module CommonTasks
+    include Castanet::Testing::ConnectionTesting
+    include Rake::DSL
+
+    def wait_all(scratch_dir, timeout)
+      Timeout.timeout(timeout) do
+        loop do
+          urls = Dir["#{scratch_dir}/**/.urls"].map { |x| JSON.parse(File.read(x))['status'] }
+          urls.reject! { |u| responding?(u) }
+          break true if urls.empty?
+          sleep 1
+        end
+      end
+    end
+    
+    def clean_all(scratch_dir, prefix)
+      files = FileList["#{scratch_dir}/#{prefix}.*"]
+
+      rm_rf files unless files.empty?
+    end
+  end
+end

data/lib/castanet/testing/connection_testing.rb

@@ -0,0 +1,28 @@
+require 'castanet/testing'
+require 'logger'
+require 'net/http'
+require 'openssl'
+require 'uri'
+
+module Castanet::Testing
+  module ConnectionTesting
+    LOGGER = Logger.new($stderr)
+
+    def responding?(url, logger = LOGGER)
+      uri = URI(url)
+
+      begin
+        h = Net::HTTP.new(uri.host, uri.port)
+        h.use_ssl = (uri.scheme == 'https')
+        h.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        resp = h.get(uri.request_uri)
+        code = resp.code.to_i
+
+        (200..399).include?(code)
+      rescue => e
+        logger.debug "#{url}: #{e.class} (#{e.message})"
+        false
+      end
+    end
+  end
+end

data/lib/castanet/testing/jasig_server_tasks.rb

@@ -0,0 +1,190 @@
+require 'castanet/testing'
+require 'castanet/testing/asset_paths'
+require 'castanet/testing/common_tasks'
+require 'castanet/testing/namespacing'
+require 'erb'
+require 'json'
+require 'rake'
+require 'shellwords'
+require 'openssl'
+require 'uri'
+
+module Castanet::Testing
+  class JasigServerTasks
+    extend AssetPaths
+    include CommonTasks
+    include Rake::DSL
+    include Namespacing
+    include Shellwords
+
+    DEFAULT_SCRATCH_DIR = '/tmp/castanet-testing/jasig'
+    DEFAULT_JASIG_URL = 'http://downloads.jasig.org/cas/cas-server-3.5.2-release.tar.gz'
+    DEFAULT_JETTY_URL = 'http://archive.eclipse.org/jetty/8.1.7.v20120910/dist/jetty-distribution-8.1.7.v20120910.tar.gz'
+    DEFAULT_JASIG_CHECKSUM = 'e93e05acad4975c5caa1c20dff7c57ff8e846253bbf68ea8a5fc0199ce608cba'
+    DEFAULT_JETTY_CHECKSUM = 'a65d20367839bf3df7d32a05992678487ba8daeebb41d9833975aee46ffe86c2'
+    DEFAULT_MOUNT_POINT = '/cas'
+    DEFAULT_HOST = 'localhost'
+    DEFAULT_SSL_KEY = ssl_key_path
+    DEFAULT_SSL_CERT = ssl_cert_path
+    DEFAULT_TIMEOUT = 120
+
+    JETTY_SSL_CONFIG_TEMPLATE = asset_path('jasig/jetty.xml.erb')
+    JETTY_CONFIG_PATCHFILE = asset_path('jasig/jetty.xml.patch')
+    RUNNER = asset_path('jasig/run.sh')
+
+    ##
+    # This is a ridiculous amount of setup for a CAS server.
+    #
+    # @option opts [String] :root ('castanet:testing:jasig') namespaces for
+    #   this task; an empty string means toplevel namespace
+    # @option opts [String] :scratch_dir ('/tmp/castanet-testing/jasig') sets
+    #   a path for downloads, server scratch space, etc.
+    # @option opts [String] :jasig_url (DEFAULT_JASIG_URL) the Jasig CAS Server
+    #   package to download
+    # @option opts [String] :jasig_checksum (DEFAULT_JASIG_CHECKSUM) SHA256
+    #   checksum of the CAS package
+    # @option opts [String] :jetty_url (DEFAULT_JETTY_URL) the Jetty
+    #   distribution to download
+    # @option opts [String] :jetty_checksum (DEFAULT_JETTY_CHECKSUM) SHA256
+    #   checksum of the Jetty package
+    # @option opts [String] :mount_point ('/cas') where the CAS server will be
+    #   mounted
+    # @option opts [String] :host ('localhost') hostname to bind
+    # @option opts [String] :ssl_cert (DEFAULT_SSL_CERT) the SSL certificate
+    #   file to use
+    # @option opts [String] :ssl_key (DEFAULT_SSL_KEY) the SSL key file to use
+    # @option opts [String] :timeout (DEFAULT_TIMEOUT) timeout for waitall
+    def initialize(options = {})
+      root = options[:root] || 'castanet:testing:jasig'
+      scratch_dir = options[:scratch_dir] || DEFAULT_SCRATCH_DIR
+      jasig_url = options[:jasig_url] || DEFAULT_JASIG_URL
+      jasig_checksum = options[:jasig_checksum] || DEFAULT_JASIG_CHECKSUM
+      jetty_url = options[:jetty_url] || DEFAULT_JETTY_URL
+      jetty_checksum = options[:jetty_checksum] || DEFAULT_JETTY_CHECKSUM
+      mount_point = options[:mount_point] || DEFAULT_MOUNT_POINT
+      host = options[:host] || DEFAULT_HOST
+      ssl_cert = options[:ssl_cert] || DEFAULT_SSL_CERT
+      ssl_key = options[:ssl_key] || DEFAULT_SSL_KEY
+      timeout = options[:timeout] || DEFAULT_TIMEOUT
+
+      instance_dir = "#{scratch_dir}/jasig.#{$$}"
+      port = ENV['PORT']
+
+      jasig_fn = URI.parse(jasig_url).path.split('/').last
+      jasig_package_dest = "#{scratch_dir}/#{jasig_fn}"
+      jasig_extract_dest = "#{scratch_dir}/#{jasig_fn}-extract"
+      jasig_war_filename = mount_point.split('/').last + '.war'
+
+      # Older versions of the Jasig CAS server used the cas-server-webapp*.war
+      # pattern.  There's usually only one WAR in a Jasig CAS server
+      # distribution, though, so we just look for all of them and pick the first one.
+      jasig_package_name = FileList["#{jasig_extract_dest}/modules/*.war"]
+
+      jetty_fn = URI.parse(jetty_url).path.split('/').last
+      jetty_package_dest = "#{scratch_dir}/#{jetty_fn}"
+      jetty_war_filename = mount_point.split('/').last + '.war'
+
+      jetty_keystore = "#{instance_dir}/jetty.ks"
+      jetty_storepass = "secret"
+      jetty_ssl_config = "#{jetty_package_dest}/etc/jetty-cas-ssl.xml"
+
+      namespaces(root.split(':')) do
+        file jasig_package_dest do
+          mkdir_p scratch_dir
+          sh "curl -s #{e jasig_url} > #{e jasig_package_dest}"
+          verify_checksum(jasig_package_dest, jasig_checksum)
+        end
+
+        file jetty_package_dest do
+          mkdir_p scratch_dir
+          sh "curl -s #{e jetty_url} > #{e jetty_package_dest}"
+          verify_checksum(jetty_package_dest, jetty_checksum)
+        end
+
+        file jasig_extract_dest do
+          mkdir_p jasig_extract_dest
+          sh "tar xf #{e jasig_package_dest} -C #{e jasig_extract_dest} --strip-components 1"
+        end
+
+        file instance_dir do
+          mkdir_p instance_dir
+          sh "tar xf #{e jetty_package_dest} -C #{e instance_dir} --strip-components 1"
+        end
+
+        task :ensure_port do
+          raise "PORT is not set" unless port
+        end
+
+        desc 'Download the CAS server'
+        task :download => [jasig_package_dest, jasig_extract_dest, jetty_package_dest]
+
+        task :prep => [:download, :ensure_port, instance_dir] do
+          mkdir_p instance_dir
+          cp jasig_package_name.compact.first, "#{instance_dir}/webapps/#{jasig_war_filename}"
+
+          sh %Q{openssl pkcs12 -inkey #{e ssl_key} -in #{e ssl_cert} -export \
+                -out #{e "#{instance_dir}/jetty.pkcs12"} \
+                -password #{e "pass:#{jetty_storepass}"}}
+
+          sh %Q{keytool -destkeystore #{e jetty_keystore} -importkeystore \
+                -srckeystore #{e "#{instance_dir}/jetty.pkcs12"} \
+                -srcstoretype PKCS12 -srcstorepass #{e jetty_storepass} \
+                -storepass #{e jetty_storepass} -noprompt}
+
+          ssl_config = ERB.new(File.read(JETTY_SSL_CONFIG_TEMPLATE)).result(binding)
+          ssl_file = "#{instance_dir}/etc/jetty-cas-ssl.xml"
+
+          File.open(ssl_file, 'w') { |f| f.write(ssl_config) }
+
+          ini = File.read("#{instance_dir}/start.ini")
+
+          unless ini.include?(ssl_file)
+            File.open("#{instance_dir}/start.ini", 'a+') do |f|
+              f.write(ssl_file)
+            end
+          end
+
+          # Delete the default connector.
+          patchfile = File.expand_path('../jetty.xml.patch', __FILE__)
+
+          cd "#{instance_dir}/etc" do
+            sh "patch -p1 < #{e JETTY_CONFIG_PATCHFILE}"
+          end
+        end
+
+        desc 'Start a Jasig CAS Server instance (requires PORT to be set)'
+        task :start => :prep do
+          exec "cd #{e instance_dir} && exec java -jar start.jar"
+        end
+
+        desc "Wait for all Jasig CAS Server instances in #{scratch_dir} to become ready"
+        task(:waitall) { wait_all(scratch_dir, timeout) }
+
+        desc "Clean up all Jasig CAS Server instances under #{scratch_dir}"
+        task(:cleanall) { clean_all(scratch_dir, 'jasig') }
+
+        desc "Delete #{scratch_dir}"
+        task :delete_scratch_dir do
+          rm_rf scratch_dir
+        end
+      end
+    end
+
+    private
+
+    alias_method :e, :shellescape
+
+    def verify_checksum(fn, expected)
+      sha = OpenSSL::Digest::SHA256.new
+
+      File.open(fn, 'r') do |f|
+        until f.eof?
+          sha << f.read(65536)
+        end
+      end
+
+      actual = sha.to_s
+      raise "checksum mismatch: #{actual} != #{expected}" if actual != expected
+    end
+  end
+end

data/lib/castanet/testing/namespacing.rb

@@ -0,0 +1,15 @@
+require 'castanet/testing'
+
+module Castanet::Testing
+  module Namespacing
+    def namespaces(chain, &block)
+      if chain.empty?
+        block.call
+      else
+        namespace chain.shift do
+          namespaces(chain, &block)
+        end
+      end
+    end
+  end
+end

data/lib/castanet/testing/version.rb

@@ -0,0 +1,5 @@
+module Castanet
+  module Testing
+    VERSION = "0.0.1"
+  end
+end

data/test.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+set -xe
+
+JASIG_PORT=$1
+CALLBACK_PORT=$2
+
+if [ -z $CALLBACK_PORT ]; then
+	echo "Usage: $0 [CAS port] [callback port]"
+	exit 1
+fi
+
+bundle exec rake castanet:testing:jasig:delete_scratch_dir castanet:testing:callback:delete_scratch_dir
+bundle exec rake castanet:testing:jasig:download
+
+PORT=$JASIG_PORT bundle exec rake castanet:testing:jasig:start &
+JASIG_PID=$!
+
+PORT=$CALLBACK_PORT bundle exec rake castanet:testing:callback:start &
+CALLBACK_PID=$!
+
+sleep 10
+
+# CAS and the callback should start.
+RETVAL=bundle exec rake castanet:testing:jasig:waitall castanet:testing:callback:waitall
+
+# Shut things down.
+kill -TERM $JASIG_PID $CALLBACK_PID && wait $JASIG_PID $CALLBACK_PID
+exit $RETVAL

metadata

@@ -0,0 +1,152 @@
+--- !ruby/object:Gem::Specification
+name: castanet-testing
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- David Yip
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-09-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: foreman
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.63.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.63.0
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: 
+email:
+- yipdw@northwestern.edu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .travis.yml
+- CHANGELOG
+- Gemfile
+- LICENSE
+- Procfile
+- README
+- Rakefile
+- assets/callback/callback.rb
+- assets/jasig/jetty.xml.erb
+- assets/jasig/jetty.xml.patch
+- assets/test.crt
+- assets/test.key
+- castanet-testing.gemspec
+- lib/castanet/testing.rb
+- lib/castanet/testing/asset_paths.rb
+- lib/castanet/testing/callback_server_tasks.rb
+- lib/castanet/testing/common_tasks.rb
+- lib/castanet/testing/connection_testing.rb
+- lib/castanet/testing/jasig_server_tasks.rb
+- lib/castanet/testing/namespacing.rb
+- lib/castanet/testing/version.rb
+- test.sh
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.6
+signing_key: 
+specification_version: 4
+summary: Contains Rake tasks for managing CAS servers in test environments
+test_files: []
+has_rdoc: