concerto_cas_auth 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +23 -0
- data/app/controllers/concerto_cas_auth/application_controller.rb +9 -4
- data/app/views/concerto_cas_auth/omniauth_cas/_signin.html.erb +1 -1
- data/config/initializers/omniauth.rb +50 -36
- data/lib/concerto_cas_auth/engine.rb +4 -0
- data/lib/concerto_cas_auth/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5e695601f3786266ae7914bcf7f82ed91595b508
|
|
4
|
+
data.tar.gz: 2ba282b068c16cf0354005e530db401c03f1a359
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 79af688d03ce93a0dd6c4ffee8f3f49356cbe8d83a580030c91da5ee59b83f7cfbf3e1c259805db90de1e2dd12a29798344b80d15e339d1ccf52109a2a1d3c98
|
|
7
|
+
data.tar.gz: 4a9cdabdaf9653e18150fdce2fe8d2942a7066b57b6766dbfcf0338c69aced148ec2319d100383d377f27856c13a387a334718dbcfafed859a55ece7181d60ae
|
data/README.md
CHANGED
|
@@ -2,3 +2,26 @@ Concerto CAS Auth
|
|
|
2
2
|
=====================
|
|
3
3
|
|
|
4
4
|
Authenticate Concerto users through your own [CAS](http://en.wikipedia.org/wiki/Central_Authentication_Service) deployment.
|
|
5
|
+
|
|
6
|
+
Installing the plugin
|
|
7
|
+
----------------------
|
|
8
|
+
1. Log in using a system admin account in your Concerto deployment
|
|
9
|
+
2. Click on the "plugins" button on the top navigation bar under the admin section.
|
|
10
|
+
3. On the right side of the page, click on the "new plugin" button.
|
|
11
|
+
4. With RubyGems selected as the source, add the gem concerto_cas_auth in the text field.
|
|
12
|
+
5. Click save, you will now stop your Concerto web server, run the ```bundle``` command, and start your web server again.
|
|
13
|
+
6. Since the CAS plugin is not configured yet, you can log back into your Concerto accounts by visiting the ```your.concerto.url/users/sign_in``` route.
|
|
14
|
+
7. If the plugin was installed successfully, you will see a new CAS User Authentication settings tab under the "settings" page. This page can be found by clicking the "settings" button on the top navigation bar under the admin section.
|
|
15
|
+
|
|
16
|
+
Configuring the plugin
|
|
17
|
+
----------------------
|
|
18
|
+
1. Log in using a system admin account in your Concerto deployment
|
|
19
|
+
2. Click on the "settings" button on the top navigation bar under the admin section.
|
|
20
|
+
3. Click on the "CAS User Authentication" tab.
|
|
21
|
+
4. Configure the CAS URL to point towards your CAS deployment. For example, https://cas-auth.rpi.edu/cas.
|
|
22
|
+
5. The CAS uid key will be used as a unique identifier for each account. This will be returned by your CAS server upon authentication.
|
|
23
|
+
6. The CAS email key is required and will be used to access the email address returned by your CAS server upon authentication.
|
|
24
|
+
7. After saving these settings, you will need to restart your Concerto web server.
|
|
25
|
+
8. Your log in links at the top of the page should now point to your CAS authentication.
|
|
26
|
+
|
|
27
|
+
note: This plugin is essentially a wrapper around [omniauth-cas](https://github.com/dlindahl/omniauth-cas) with added logic for creating Concerto user accounts with the returned CAS information. Feel free to follow the omniauth-cas link and see a more detailed description of the configuration items.
|
|
@@ -11,7 +11,7 @@ module ConcertoCasAuth
|
|
|
11
11
|
omniauth_keys = ConcertoCasAuth::Engine.config.omniauth_keys
|
|
12
12
|
|
|
13
13
|
# Check if an identity records exists for the user attempting to sign in
|
|
14
|
-
if identity = ConcertoIdentity::Identity.
|
|
14
|
+
if identity = ConcertoIdentity::Identity.find_by_external_id(
|
|
15
15
|
cas_hash[omniauth_keys[:uid_key]])
|
|
16
16
|
# Return the matching user record
|
|
17
17
|
return identity.user
|
|
@@ -22,14 +22,19 @@ module ConcertoCasAuth
|
|
|
22
22
|
# Set user attributes
|
|
23
23
|
|
|
24
24
|
# First name is required for user validation
|
|
25
|
-
if !cas_hash[omniauth_keys[
|
|
26
|
-
user.first_name = cas_hash[omniauth_keys[
|
|
25
|
+
if !cas_hash[omniauth_keys[:first_name_key]].nil?
|
|
26
|
+
user.first_name = cas_hash[omniauth_keys[:first_name_key]]
|
|
27
27
|
else
|
|
28
28
|
user.first_name = cas_hash[omniauth_keys[:uid_key]]
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
# Email is required for user validation
|
|
32
|
-
|
|
32
|
+
if !cas_hash[omniauth_keys[:email_key]].nil?
|
|
33
|
+
user.email = cas_hash[omniauth_keys[:email_key]]
|
|
34
|
+
else
|
|
35
|
+
user.email = cas_hash[omniauth_keys[:uid_key]] +
|
|
36
|
+
"@" + omniauth_keys[:email_suffix].tr("@", "")
|
|
37
|
+
end
|
|
33
38
|
|
|
34
39
|
# Set user admin flag to false
|
|
35
40
|
user.is_admin = false
|
|
@@ -1 +1 @@
|
|
|
1
|
-
<%= link_to '
|
|
1
|
+
<%= link_to t('.sign_in'), root_url + 'auth/cas/' %>
|
|
@@ -1,42 +1,56 @@
|
|
|
1
|
-
|
|
2
|
-
#
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
1
|
+
if ActiveRecord::Base.connection.table_exists? 'concerto_configs'
|
|
2
|
+
# Concerto Configs are created if they don't exist already
|
|
3
|
+
# these are used to initialize and configure omniauth-cas
|
|
4
|
+
ConcertoConfig.make_concerto_config("cas_url", "https://cas.example.org/cas",
|
|
5
|
+
:value_type => "string",
|
|
6
|
+
:value_default => "https://cas.example.org/cas",
|
|
7
|
+
:category => "CAS User Authentication",
|
|
8
|
+
:seq_no => 1,
|
|
9
|
+
:description =>"Defines the url of your CAS server")
|
|
9
10
|
|
|
10
|
-
ConcertoConfig.make_concerto_config("cas_uid_key", "
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
:description =>'The CAS field name containing user login names (uid, username,email,etc)')
|
|
11
|
+
ConcertoConfig.make_concerto_config("cas_uid_key", "uid",
|
|
12
|
+
:value_type => "string",
|
|
13
|
+
:category => "CAS User Authentication",
|
|
14
|
+
:seq_no => 2,
|
|
15
|
+
:description => "CAS field name containing user login names")
|
|
16
16
|
|
|
17
|
-
ConcertoConfig.make_concerto_config("cas_email_key", "email",
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
:description =>'The CAS field name containing user email addresses (email, uid,etc)')
|
|
17
|
+
ConcertoConfig.make_concerto_config("cas_email_key", "email",
|
|
18
|
+
:value_type => "string",
|
|
19
|
+
:category => "CAS User Authentication",
|
|
20
|
+
:seq_no => 3,
|
|
21
|
+
:description => "CAS field name containing user email addresses")
|
|
23
22
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
:email_key => ConcertoConfig[:cas_email_key],
|
|
30
|
-
:callback_url => "/auth/cas/callback"
|
|
31
|
-
}
|
|
23
|
+
ConcertoConfig.make_concerto_config("cas_email_suffix", "@",
|
|
24
|
+
:value_type => "string",
|
|
25
|
+
:category => "CAS User Authentication",
|
|
26
|
+
:seq_no => 4,
|
|
27
|
+
:description => "Appends this suffix to a CAS returned user id. Leave blank if using email_key above")
|
|
32
28
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
29
|
+
ConcertoConfig.make_concerto_config("cas_first_name_key", "first_name",
|
|
30
|
+
:value_type => "string",
|
|
31
|
+
:category => "CAS User Authentication",
|
|
32
|
+
:seq_no => 5,
|
|
33
|
+
:description => "CAS field name containing first name")
|
|
34
|
+
|
|
35
|
+
# Store omniauth config values from main application's ConcertoConfig
|
|
36
|
+
omniauth_config = {
|
|
37
|
+
:host => URI.parse(ConcertoConfig[:cas_url]).host,
|
|
38
|
+
:url => ConcertoConfig[:cas_url],
|
|
39
|
+
:uid_key => ConcertoConfig[:cas_uid_key],
|
|
40
|
+
:first_name_key => ConcertoConfig[:cas_first_name_key],
|
|
41
|
+
:email_key => ConcertoConfig[:cas_email_key],
|
|
42
|
+
:email_suffix => ConcertoConfig[:cas_email_suffix],
|
|
43
|
+
:callback_url => "/auth/cas/callback"
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
# configure omniauth-cas gem based on specified yml configs
|
|
47
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
|
48
|
+
provider :cas, omniauth_config
|
|
49
|
+
end
|
|
37
50
|
|
|
38
|
-
# save omniauth configuration for later use in application
|
|
39
|
-
# to reference any unique identifiers for extra CAS options
|
|
40
|
-
ConcertoCasAuth::Engine.configure do
|
|
41
|
-
|
|
51
|
+
# save omniauth configuration for later use in application
|
|
52
|
+
# to reference any unique identifiers for extra CAS options
|
|
53
|
+
ConcertoCasAuth::Engine.configure do
|
|
54
|
+
config.omniauth_keys = omniauth_config
|
|
55
|
+
end
|
|
42
56
|
end
|
|
@@ -20,6 +20,10 @@ module ConcertoCasAuth
|
|
|
20
20
|
add_view_hook "ApplicationController", :signin_hook,
|
|
21
21
|
:partial => "concerto_cas_auth/omniauth_cas/signin"
|
|
22
22
|
|
|
23
|
+
# Controller hook to supply a redirect route (example: non public Concerto instances)
|
|
24
|
+
add_controller_hook "ApplicationController", :auth_plugin, :before do
|
|
25
|
+
@auth_url = "/auth/cas"
|
|
26
|
+
end
|
|
23
27
|
end
|
|
24
28
|
end
|
|
25
29
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: concerto_cas_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabe Perez
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-09-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -131,7 +131,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
131
131
|
version: '0'
|
|
132
132
|
requirements: []
|
|
133
133
|
rubyforge_project:
|
|
134
|
-
rubygems_version: 2.2.
|
|
134
|
+
rubygems_version: 2.2.3
|
|
135
135
|
signing_key:
|
|
136
136
|
specification_version: 4
|
|
137
137
|
summary: Provides user authentication using CAS
|