devise_bushido_authenticatable 1.0.0 → 1.0.1

data/lib/devise_cas_authenticatable/single_sign_out/session_store/active_record.rb

@@ -0,0 +1,12 @@
+ActiveRecord::SessionStore.class_eval do
+
+  include DeviseCasAuthenticatable::SingleSignOut::SetSession
+  alias_method_chain :set_session, :storage
+
+  #def destroy_session(env, session_id, options)
+  #  if session = Session::find_by_session_id(sid)
+  #    session.destroy
+  #  end
+  #end
+
+end

data/lib/devise_cas_authenticatable/single_sign_out/session_store/redis.rb

@@ -0,0 +1,27 @@
+require "action_controller/session/redis_session_store"
+
+module DeviseCasAuthenticatable
+  module SingleSignOut
+    module RedisSessionStore
+
+      include DeviseCasAuthenticatable::SingleSignOut::SetSession
+
+      def destroy_session(sid)
+        @pool.del(sid)
+      end
+    end
+  end
+end
+
+
+if ::Redis::Store.rails3?
+  ActionDispatch::Session::RedisSessionStore.class_eval do
+    include DeviseCasAuthenticatable::SingleSignOut::RedisSessionStore
+    alias_method_chain :set_session, :storage
+  end
+else
+  ActionController::Session::RedisSessionStore.class_eval do
+    include DeviseCasAuthenticatable::SingleSignOut::RedisSessionStore
+    alias_method_chain :set_session, :storage
+  end
+end

data/lib/devise_cas_authenticatable/single_sign_out/strategies.rb

@@ -0,0 +1,58 @@
+module DeviseCasAuthenticatable
+  module SingleSignOut
+    module Strategies
+      class << self
+
+        # Add a strategy and store it in a hash.
+        def add(label, strategy, &block)
+          strategy ||= Class.new(DeviseCasAuthenticatable::SingleSignOut::Strategies::Base)
+          strategy.class_eval(&block) if block_given?
+
+          check_method(label, strategy, :store_session_id_for_index)
+          check_method(label, strategy, :find_session_id_by_index)
+          check_method(label, strategy, :delete_session_index)
+
+          unless strategy.ancestors.include?(DeviseCasAuthenticatable::SingleSignOut::Strategies::Base)
+            raise "#{label.inspect} is not a #{base}"
+          end
+
+          _strategies[label] = strategy.new()
+        end
+
+        # Update a previously given strategy.
+        def update(label, &block)
+          strategy = _strategies[label]
+          raise "Unknown strategy #{label.inspect}" unless strategy
+          add(label, strategy, &block)
+        end
+
+        # Provides access to strategies by label
+        def [](label)
+          _strategies[label]
+        end
+
+        def current_strategy
+          self[::Devise.cas_single_sign_out_mapping_strategy]
+        end
+
+        # Clears all declared.
+        def clear!
+          _strategies.clear
+        end
+
+        private
+
+        def _strategies
+          @strategies ||= {}
+        end
+
+        def check_method(label, strategy, method)
+          unless strategy.method_defined?(method)
+            raise NoMethodError, "#{method.to_s} is not declared in the #{label.inspect} strategy"
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/devise_cas_authenticatable/single_sign_out/strategies/base.rb

@@ -0,0 +1,11 @@
+module DeviseCasAuthenticatable
+  module SingleSignOut
+    module Strategies
+      class Base
+        def logger
+          @logger ||= Rails.logger
+        end
+      end
+    end
+  end
+end

data/lib/devise_cas_authenticatable/single_sign_out/strategies/rails_cache.rb

@@ -0,0 +1,31 @@
+module DeviseCasAuthenticatable
+  module SingleSignOut
+    module Strategies
+      class RailsCache < Base
+        def store_session_id_for_index(session_index, session_id)
+          logger.debug("Storing #{session_id} for index #{session_index}")
+          Rails.cache.write(cache_key(session_index), session_id)
+        end
+
+        def find_session_id_by_index(session_index)
+          sid = Rails.cache.read(cache_key(session_index))
+          logger.debug("Found session id #{sid.inspect} for index #{session_index.inspect}")
+          sid
+        end
+        
+        def delete_session_index(session_index)
+          logger.info("Deleting index #{session_index}")
+          Rails.cache.delete(cache_key(session_index))
+        end
+        
+        private
+        
+        def cache_key(session_index)
+          "devise_cas_authenticatable:#{session_index}"
+        end
+      end
+    end
+  end
+end
+
+::DeviseCasAuthenticatable::SingleSignOut::Strategies.add( :rails_cache, DeviseCasAuthenticatable::SingleSignOut::Strategies::RailsCache )

data/lib/devise_cas_authenticatable/strategy.rb

@@ -1,4 +1,6 @@
 require 'devise/strategies/base'
+require 'net/http'
+require 'uri'
 
 module Devise
   module Strategies
@@ -15,18 +17,20 @@ module Devise
       # or attempt to redirect to the CAS server's login URL.
       def authenticate!
         ticket = read_ticket(params)
-        if ticket
-          if resource = mapping.to.authenticate_with_cas_ticket(ticket)
-            success!(resource)
-          elsif ticket.is_valid?
-              logger.debug "="*30
-              logger.debug ticket.response.user[:ido_id]
-              logger.debug "="*30
-            redirect!(::Devise.cas_unregistered_url(request.url, mapping), :ido_id => ticket.response.user)
-            #fail!("The user #{ticket.response.user} is not registered with this site.  Please use a different account.")
-          else
-            fail!(:invalid)
+        fail!(:invalid) if not ticket
+        
+        if resource = mapping.to.authenticate_with_cas_ticket(ticket)
+          # Store the ticket in the session for later usage
+          if ::Devise.cas_enable_single_sign_out
+            session['cas_last_valid_ticket'] = ticket.ticket
+            session['cas_last_valid_ticket_store'] = true
           end
+
+          success!(resource)
+        elsif ticket.is_valid?
+          ido_id = ticket.respond_to?(:user) ? ticket.user : ticket.response.user
+          redirect!(::Devise.cas_unregistered_url(request.url, mapping), :ido_id => ido_id)
+          #fail!("The user #{ticket.response.user} is not registered with this site.  Please use a different account.")
         else
           fail!(:invalid)
         end

data/spec/devise_cas_authenticatable/model_spec.rb

@@ -0,0 +1,39 @@
+require "spec_helper"
+
+describe Devise::Models::BushidoAuthenticatable do
+  
+  class ExampleAuth
+    include Devise::Models::BushidoAuthenticatable
+  end
+  
+  describe "authenticate_with_cas_ticket" do
+
+    before :each do
+      @ticket = Object.new
+      @user = Object.new
+
+      @ticket.should_receive(:user).and_return(@user)
+      @ticket.should_receive(:has_been_validated?).and_return(true)
+      @ticket.should_receive(:is_valid?).and_return(true)
+      ::Devise.cas_create_user = true
+
+      ExampleAuth.should_receive(:find_for_authentication).and_return(@user)
+      @user.should_receive(:save)
+    end
+    
+    it "should call the bushido_extra_attributes method if it's defined on the devise resource" do
+      @ticket.should_receive(:extra_attributes)
+      @user.should_receive(:bushido_extra_attributes)
+      ExampleAuth.authenticate_with_cas_ticket(@ticket)
+    end
+
+    it "should *not* call the bushido_extra_attributes method if it's *not* defined on the devise resource" do
+
+      @user.should_receive(:respond_to?).and_return(false)      
+      @user.should_not_receive(:bushido_extra_attributes)
+
+      ExampleAuth.authenticate_with_cas_ticket(@ticket)
+    end
+    
+  end
+end

data/spec/routes_spec.rb

@@ -1,13 +1,31 @@
 require 'spec_helper'
 
-describe Devise::CasSessionsController do
-  include RSpec::Rails::ControllerExampleGroup
+describe "routing" do
+  include RSpec::Rails::RoutingExampleGroup
+
+  it "routes to #service" do 
+    get("/users/service").should route_to("devise/cas_sessions#service")
+  end
+  
+  it "routes to #new" do
+    get("/users/sign_in").should route_to("devise/cas_sessions#new")
+  end
+  
+  it "routes to #create" do
+    post("/users/sign_in").should route_to("devise/cas_sessions#create")
+  end
+  
+  it "routes to #destroy" do
+    get("/users/sign_out").should route_to("devise/cas_sessions#destroy")
+  end
   
-  it { should route(:get, "/users/service").to(:action => "service") }
-  it { should route(:get, "/users/sign_in").to(:action => "new") }
-  it { should route(:post, "/users/sign_in").to(:action => "create") }
-  it { should route(:get, "/users/sign_out").to(:action => "destroy") }
-  it { should route(:get, "/users/unregistered").to(:action => "unregistered") }
+  it "routes to #unregistered" do
+    get("/users/unregistered").should route_to("devise/cas_sessions#unregistered")
+  end
+end
+  
+describe Devise::CasSessionsController do
+  include RSpec::Rails::ControllerExampleGroup  
   
   it "should have the right route names" do
     controller.should respond_to("user_service_path", "new_user_session_path", "user_session_path", "destroy_user_session_path")

data/spec/scenario/app/models/user.rb

@@ -1,3 +1,3 @@
 class User < ActiveRecord::Base
-  devise :cas_authenticatable, :rememberable
-end
+  devise :bushido_authenticatable, :rememberable
+end

data/spec/scenario/config/environments/development.rb

@@ -11,7 +11,6 @@ Scenario::Application.configure do
 
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
-  config.action_view.debug_rjs             = true
   config.action_controller.perform_caching = false
 
   # Don't care if the mailer can't send

data/spec/scenario/config/initializers/castronaut.rb

@@ -0,0 +1 @@
+Castronaut.config.connect_activerecord

data/spec/scenario/config/initializers/session_store.rb

@@ -1,8 +1,8 @@
 # Be sure to restart your server when you modify this file.
 
-Scenario::Application.config.session_store :cookie_store, :key => '_scenario_session'
+# Scenario::Application.config.session_store :cookie_store, :key => '_scenario_session'
 
 # Use the database for sessions instead of the cookie-based default,
 # which shouldn't be used to store highly confidential information
 # (create the session table with "rake db:sessions:create")
-# Scenario::Application.config.session_store :active_record_store
+Scenario::Application.config.session_store :active_record_store

data/spec/scenario/db/migrate/20100401102949_create_tables.rb

@@ -1,7 +1,8 @@
 class CreateTables < ActiveRecord::Migration
   def self.up
     create_table :users do |t|
-      t.cas_authenticatable
+      t.bushido_authenticatable
+      t.string :username
       t.rememberable
       t.string :email
       t.timestamps
@@ -11,4 +12,4 @@ class CreateTables < ActiveRecord::Migration
   def self.down
     drop_table :users
   end
-end
+end

data/spec/scenario/db/migrate/20111002012903_add_sessions_table.rb

@@ -0,0 +1,16 @@
+class AddSessionsTable < ActiveRecord::Migration
+  def self.up
+    create_table :sessions do |t|
+      t.string :session_id, :null => false
+      t.text :data
+      t.timestamps
+    end
+
+    add_index :sessions, :session_id
+    add_index :sessions, :updated_at
+  end
+
+  def self.down
+    drop_table :sessions
+  end
+end

data/spec/scenario/db/schema.rb

@@ -0,0 +1,25 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20111002012903) do
+
+  create_table "sessions", :force => true do |t|
+    t.string   "session_id", :null => false
+    t.text     "data"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
+  add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
+
+end

data/spec/spec_helper.rb

@@ -2,6 +2,7 @@ ENV["RAILS_ENV"] = "test"
 $:.unshift File.dirname(__FILE__)
 $:.unshift File.expand_path('../../lib', __FILE__)
 
+require "devise_bushido_authenticatable"
 require "scenario/config/environment"
 require "rails/test_help"
 require 'rspec/rails'
@@ -9,7 +10,7 @@ require 'sham_rack'
 require 'capybara/rspec'
 
 RSpec.configure do |config| 
-  config.mock_with :mocha 
+  config.mock_with :rspec 
 end
 
 ShamRack.at('www.example.com') do |env|
@@ -19,4 +20,4 @@ ShamRack.at('www.example.com') do |env|
   Castronaut::Application.call(request.env)
 end
 
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }

data/spec/strategy_spec.rb

@@ -17,12 +17,14 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
     visit destroy_user_session_url
   end
   
-  def cas_login_url
+  def cas_login_url(redirect_path=nil)
     @cas_login_url ||= begin
-      uri = URI.parse(Devise.cas_base_url + "/login")
-      uri.query = Rack::Utils.build_nested_query(:service => user_service_url)
-      uri.to_s
-    end
+                         redirect_path = "/" if not redirect_path
+                         uri = URI.parse(Devise.cas_base_url + "/login")
+                         uri.query = "service=#{CGI.escape(user_service_url)}&redirect=#{redirect_path}"
+                         puts "URI CHECK #{uri.to_s}"
+                         uri.to_s
+                       end
   end
   
   def cas_logout_url
@@ -31,7 +33,6 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
   
   def sign_into_cas(username, password)
     visit root_url
-    current_url.should == cas_login_url
     fill_in "Username", :with => username
     fill_in "Password", :with => password
     click_on "Login"
@@ -51,7 +52,7 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
     
     it 'should redirect to CAS server' do
       response.should be_redirect
-      response.should redirect_to(cas_login_url)
+      response.should redirect_to(cas_login_url("/"))
     end
   end
   
@@ -66,31 +67,21 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
   end
   
   it "should register new CAS users if set up to do so" do
-    User.count.should == 1
-    TestAdapter.register_valid_user("newuser", "newpassword")
-    Devise.cas_create_user = true
-    sign_into_cas "newuser", "newpassword"
+    expect {
+      TestAdapter.register_valid_user("newuser", "newpassword")
+      Devise.cas_create_user = true
+      sign_into_cas "newuser", "newpassword"
     
-    current_url.should == root_url
-    User.count.should == 2
-    User.find_by_username("newuser").should_not be_nil
+    }.to change(User, :count).by(1)
   end
   
   it "should fail CAS login if user is unregistered and cas_create_user is false" do
-    User.count.should == 1
-    TestAdapter.register_valid_user("newuser", "newpassword")
-    Devise.cas_create_user = false
-    sign_into_cas "newuser", "newpassword"
-    
-    current_url.should_not == root_url
-    User.count.should == 1
-    User.find_by_username("newuser").should be_nil
+    expect {
+      TestAdapter.register_valid_user("newuser", "newpassword")
+      Devise.cas_create_user = false
+      sign_into_cas "newuser", "newpassword"
 
-    click_on "sign in using a different account"
-    current_url.should == cas_login_url
-    fill_in "Username", :with => "joeuser"
-    fill_in "Password", :with => "joepassword"
-    click_on "Login"
-    current_url.should == root_url
+      current_url.should_not == root_url
+    }.to change(User, :count).by(0)
   end
-end
+end