devise_cas_authenticatable 1.10.4 → 2.0.2

data/Gemfile.devise13

@@ -1,11 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.1.0'
-gem 'devise', '~> 1.3.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise14

@@ -1,11 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.2.0'
-gem 'devise', '~> 1.4.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise15

@@ -1,11 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.2.0'
-gem 'devise', '~> 1.5.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise20

@@ -1,11 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.2.0'
-gem 'devise', '~> 2.0.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise21

@@ -1,13 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.2.0'
-gem 'devise', '~> 2.1.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-	gem 'minitest'
-  gem 'test-unit'
-end

data/Gemfile.devise30

@@ -1,12 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 4.0.0'
-gem 'devise', '~> 3.0.0'
-gem 'activerecord-session_store'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise42

@@ -1,13 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 5.0.0'
-gem 'devise', '~> 4.2.0'
-gem 'activerecord-session_store'
-gem 'sinatra', '~> 2.0.0.beta2'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/lib/devise_cas_authenticatable/exceptions.rb

@@ -1,10 +0,0 @@
-# Thrown when a user attempts to pass a CAS ticket that the server
-# says is invalid.
-class InvalidCasTicketException < Exception
-  attr_reader :ticket
-  
-  def initialize(ticket, msg=nil)
-    super(msg)
-    @ticket = ticket
-  end
-end

data/lib/devise_cas_authenticatable/memcache_checker.rb

@@ -1,42 +0,0 @@
-require 'socket'
-require 'timeout'
-
-module DeviseCasAuthenticatable
-  class MemcacheChecker
-    attr_reader :rails_configuration
-
-    def initialize(rails_configuration)
-      @rails_configuration = rails_configuration
-    end
-
-    def session_store_memcache?
-      !!(session_store_class.name =~ /memcache/i)
-    end
-
-    def alive?
-      memcache_servers = rails_configuration.session_options[:memcache_server] || ["127.0.0.1:11211"]
-      memcache_servers.each do |server|
-        host, port = server.split(":")
-        begin
-          try_connect host, port
-
-          return true
-        rescue Errno::ECONNREFUSED, Timeout::Error
-          return false
-        end
-      end
-    end
-
-    def try_connect(host, port)
-      Timeout::timeout(1) do
-        TCPSocket.open(host, port)
-      end
-    end
-
-    private
-
-    def session_store_class
-      @session_store_class ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new.session_store_class
-    end
-  end
-end

data/lib/devise_cas_authenticatable/railtie.rb

@@ -1,14 +0,0 @@
-require 'devise_cas_authenticatable'
-require 'rails'
-
-module DeviseCasAuthenticatable
-  class Railtie < ::Rails::Railtie
-    initializer "devise_cas_authenticatable.use_rack_middleware" do |app|
-      if Rails::VERSION::MAJOR < 5
-        app.config.middleware.use "DeviseCasAuthenticatable::SingleSignOut::StoreSessionId"
-      else
-        app.config.middleware.use DeviseCasAuthenticatable::SingleSignOut::StoreSessionId
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/schema.rb

@@ -1,20 +0,0 @@
-require 'devise/version'
-
-# Devise 2.1 removes schema stuff
-if Devise::VERSION < "2.1"
-  require 'devise/schema'
-
-  module Devise
-    module Schema
-      # Adds the required fields for cas_authenticatable to the schema.  Currently
-      # this is just username (String).
-      def cas_authenticatable
-        if respond_to? :apply_devise_schema
-          apply_devise_schema :username, String
-        else
-          apply_schema :username, String
-        end
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/session_store_identifier.rb

@@ -1,29 +0,0 @@
-module DeviseCasAuthenticatable
-  class SessionStoreIdentifier
-
-    def current_session_store
-      app = Rails.application.app
-      begin
-        app = (app.instance_variable_get(:@backend) || app.instance_variable_get(:@app) || app.instance_variable_get(:@target))
-      end until app.nil? or app.class == session_store_class
-      app
-    end
-
-    def session_store_class
-      @session_store_class ||=
-        begin
-          # Rails 3 & 4 session store
-          if ::DeviseCasAuthenticatable::SingleSignOut.rails3_or_greater?
-            Rails.configuration.session_store
-            ::Rails.application.config.session_store
-          else
-            # => Rails 2
-            ActionController::Base.session_store
-          end
-        rescue NameError => e
-          # for older versions of Rails (prior to 2.3)
-          ActionController::Base.session_options[:database_manager]
-        end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out/rack.rb

@@ -1,39 +0,0 @@
-module DeviseCasAuthenticatable
-  module SingleSignOut
-
-    class StoreSessionId
-      CAS_TICKET_STORE = 'cas_last_valid_ticket_store'
-      CAS_LAST_TICKET  = 'cas_last_valid_ticket'
-
-      def initialize(app)
-        @app = app
-      end
-
-      def call(env)
-        store_session_id_for_cas_ticket(env)
-        @app.call(env)
-      end
-
-      private
-      def store_session_id_for_cas_ticket(env)
-        request = Rack::Request.new(env)
-        session = request.session
-
-        if session.respond_to?(:id)
-          # Rack > 1.5
-          session_id = session.id
-        else
-          # Compatible with old Rack requests
-          session_id = env['rack.session.options'][:id]
-        end
-        cas_ticket_store = session[CAS_TICKET_STORE]
-
-        if cas_ticket_store
-          Rails.logger.info "Storing Session ID #{session_id} for ticket #{session[CAS_LAST_TICKET]}"
-          ::DeviseCasAuthenticatable::SingleSignOut::Strategies.current_strategy.store_session_id_for_index(session[CAS_LAST_TICKET], session_id)
-          session[CAS_TICKET_STORE] = false
-        end
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out/strategies/base.rb

@@ -1,11 +0,0 @@
-module DeviseCasAuthenticatable
-  module SingleSignOut
-    module Strategies
-      class Base
-        def logger
-          @logger ||= Rails.logger
-        end
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out/strategies/rails_cache.rb

@@ -1,31 +0,0 @@
-module DeviseCasAuthenticatable
-  module SingleSignOut
-    module Strategies
-      class RailsCache < Base
-          def store_session_id_for_index(session_index, session_id)
-            logger.debug("Storing #{session_id} for index #{session_index}")
-            Rails.cache.write(cache_key(session_index), session_id)
-          end
-
-          def find_session_id_by_index(session_index)
-            sid = Rails.cache.read(cache_key(session_index))
-            logger.debug("Found session id #{sid} for index #{session_index}")
-            sid
-          end
-
-          def delete_session_index(session_index)
-            logger.debug("Deleting index #{session_index}")
-            Rails.cache.delete(cache_key(session_index))
-          end
-
-          private
-
-          def cache_key(session_index)
-            "devise_cas_authenticatable:#{session_index}"
-          end
-      end
-    end
-  end
-end
-
-::DeviseCasAuthenticatable::SingleSignOut::Strategies.add( :rails_cache, DeviseCasAuthenticatable::SingleSignOut::Strategies::RailsCache )

data/lib/devise_cas_authenticatable/single_sign_out/strategies/redis_cache.rb

@@ -1,38 +0,0 @@
-require 'devise_cas_authenticatable/single_sign_out/with_conn'
-
-module DeviseCasAuthenticatable
-  module SingleSignOut
-    module Strategies
-      class RedisCache < Base
-        include ::DeviseCasAuthenticatable::SingleSignOut::DestroySession
-        include ::DeviseCasAuthenticatable::SingleSignOut::WithConn
-
-        def store_session_id_for_index(session_index, session_id)
-          logger.debug("Storing #{session_id} for index #{session_index}")
-          with_conn do |conn|
-            conn.set(
-              cache_key(session_index),
-              session_id
-            )
-          end
-        end
-        def find_session_id_by_index(session_index)
-          sid = with_conn { |conn| conn.get(cache_key(session_index)) }
-          logger.debug("Found session id #{sid} for index #{session_index}") if sid
-          sid
-        end
-        def delete_session_index(session_index)
-          logger.debug("Deleting index #{session_index}")
-          destroy_session_by_id(session_index)
-        end
-
-        private
-        def cache_key(session_index)
-          "devise_cas_authenticatable:#{session_index}"
-        end
-      end
-    end
-  end
-end
-
-::DeviseCasAuthenticatable::SingleSignOut::Strategies.add(:redis_cache, DeviseCasAuthenticatable::SingleSignOut::Strategies::RedisCache )

data/lib/devise_cas_authenticatable/single_sign_out/strategies.rb

@@ -1,58 +0,0 @@
-module DeviseCasAuthenticatable
-  module SingleSignOut
-    module Strategies
-      class << self
-
-        # Add a strategy and store it in a hash.
-        def add(label, strategy, &block)
-          strategy ||= Class.new(DeviseCasAuthenticatable::SingleSignOut::Strategies::Base)
-          strategy.class_eval(&block) if block_given?
-
-          check_method(label, strategy, :store_session_id_for_index)
-          check_method(label, strategy, :find_session_id_by_index)
-          check_method(label, strategy, :delete_session_index)
-
-          unless strategy.ancestors.include?(DeviseCasAuthenticatable::SingleSignOut::Strategies::Base)
-            raise "#{label.inspect} is not a #{base}"
-          end
-
-          _strategies[label] = strategy.new()
-        end
-
-        # Update a previously given strategy.
-        def update(label, &block)
-          strategy = _strategies[label]
-          raise "Unknown strategy #{label.inspect}" unless strategy
-          add(label, strategy, &block)
-        end
-
-        # Provides access to strategies by label
-        def [](label)
-          _strategies[label]
-        end
-
-        def current_strategy
-          self[::Devise.cas_single_sign_out_mapping_strategy]
-        end
-
-        # Clears all declared.
-        def clear!
-          _strategies.clear
-        end
-
-        private
-
-        def _strategies
-          @strategies ||= {}
-        end
-
-        def check_method(label, strategy, method)
-          unless strategy.method_defined?(method)
-            raise NoMethodError, "#{method.to_s} is not declared in the #{label.inspect} strategy"
-          end
-        end
-
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out/warden_failure_app.rb

@@ -1,46 +0,0 @@
-# Redirect to the logout url when :warden is thrown,
-# so that a single_sign_out request can be initiated
-class DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp < Devise::FailureApp
-
-  # You need to override respond to eliminate recall
-  def respond
-    if http_auth?
-      http_auth
-    else
-      redirect
-    end
-  end
-
-  def redirect
-    store_location!
-    if flash[:timedout] && flash[:alert]
-      flash.keep(:timedout)
-      flash.keep(:alert)
-    else
-      flash[:alert] = i18n_message
-    end
-    redirect_to redirect_url
-  end
-
-  protected
-
-  def redirect_url
-    if [:timeout, :inactive].include? warden_message
-      flash[:timedout] = true if warden_message == :timeout
-      Devise.cas_client.logout_url
-    else
-      if respond_to?(:scope_path)
-        scope_path
-      else
-        super
-      end
-    end
-  end
-  
-  # Devise < 2.0 doesn't have this method, which we want to use
-  unless instance_methods.include?(:warden_message)
-    define_method :warden_message do
-      @message ||= warden.message || warden_options[:message]
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out/with_conn.rb

@@ -1,14 +0,0 @@
-module DeviseCasAuthenticatable
-  module SingleSignOut
-    module WithConn
-      def with_conn(&block)
-        if old_style_conn = current_session_store.instance_variable_get(:@pool)
-          yield old_style_conn
-        else
-          current_session_store.instance_variable_get(:@conn)
-            .instance_variable_get(:@pool).with &block
-        end
-      end
-    end
-  end
-end

data/lib/devise_cas_authenticatable/single_sign_out.rb

@@ -1,69 +0,0 @@
-require 'devise_cas_authenticatable/single_sign_out/with_conn'
-
-module DeviseCasAuthenticatable
-  module SingleSignOut
-
-    def self.rails3_or_greater?
-      defined?(::Rails) && ::Rails::VERSION::MAJOR >= 3
-    end
-
-    # Supports destroying sessions by ID for ActiveRecord and Redis session stores
-    module DestroySession
-      include ::DeviseCasAuthenticatable::SingleSignOut::WithConn
-
-      def destroy_session_by_id(sid)
-        logger.debug "Single Sign Out from session store: #{current_session_store.class}"
-
-        if session_store_class.name =~ /ActiveRecord::SessionStore/
-          session = session_store_class::Session.find_by_session_id(sid)
-          session.destroy if session
-          true
-        elsif session_store_class.name =~ /ActionDispatch::Session::ActiveRecordStore/
-          session = current_session_store.session_class.find_by_session_id(sid)
-          session.destroy if session
-          true
-        elsif session_store_class.name =~ /ActionDispatch::Session::DalliStore/
-          current_session_store.send(:destroy_session, env, sid, drop: true)
-          true
-        elsif session_store_class.name =~ /RedisSessionStore/
-          current_session_store.send(:destroy_session, env, sid, drop: true)
-          true
-        elsif session_store_class.name =~ /Redis/
-          with_conn { |conn| conn.del(sid) }
-          true
-        elsif session_store_class.name =~ /CacheStore/
-          if current_session_store.respond_to?(:delete_session)  # Rails 5 and up
-            current_session_store.delete_session({}, sid, {})
-          else
-            current_session_store.destroy_session({}, sid, {})
-          end
-
-          true
-        else
-          logger.error "Cannot process logout request because this Rails application's session store is "+
-                " #{session_store_class.name} and is not a support session store type for Single Sign-Out."
-          false
-        end
-      end
-
-      def session_store_identifier
-        @session_store_identifier ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new
-      end
-
-      def current_session_store
-        session_store_identifier.current_session_store
-      end
-
-      def session_store_class
-        session_store_identifier.session_store_class
-      end
-    end
-
-  end
-end
-
-require 'devise_cas_authenticatable/single_sign_out/strategies'
-require 'devise_cas_authenticatable/single_sign_out/strategies/base'
-require 'devise_cas_authenticatable/single_sign_out/strategies/rails_cache'
-require 'devise_cas_authenticatable/single_sign_out/strategies/redis_cache'
-require 'devise_cas_authenticatable/single_sign_out/rack'

data/spec/config_spec.rb

@@ -1,27 +0,0 @@
-require 'spec_helper'
-
-module Devise
-  def self.reset_cas_client!
-    @@cas_client = nil
-  end
-end
-
-describe Devise do
-  before do
-    Devise.cas_base_url = "http://www.example.com/cas_server"
-  end
-  
-  after { Devise.reset_cas_client! }
-  
-  it "should figure out the base URL correctly" do
-    Devise.cas_client.cas_base_url.should == "http://www.example.com/cas_server"
-  end
-  
-  it 'should accept extra options for the CAS client object' do
-    Devise.cas_client_config_options = { :encode_extra_attributes_as => :json }
-
-    conf_options = Devise.cas_client.instance_variable_get(:@conf_options)
-    conf_options.should_not be_nil
-    conf_options[:encode_extra_attributes_as].should == :json
-  end
-end

data/spec/memcache_checker_spec.rb

@@ -1,49 +0,0 @@
-require "spec_helper"
-
-describe DeviseCasAuthenticatable::MemcacheChecker do
-  let(:conf_double) { stub(session_options: {}) }
-
-  describe '#session_store_memcache?' do
-    subject(:session_store_memcache?) { described_class.new(conf_double).session_store_memcache? }
-
-    before do
-      DeviseCasAuthenticatable::SessionStoreIdentifier.any_instance
-        .stubs(:session_store_class).returns(session_store_class)
-    end
-
-    context "when session store is memcache" do
-      let(:session_store_class) { FakeMemcacheStore }
-
-      it { expect(session_store_memcache?).to eq true  }
-    end
-
-    context "when session store is NOT memcache" do
-      let(:session_store_class) { String }
-
-      it { expect(session_store_memcache?).to eq false  }
-    end
-  end
-
-  describe 'alive?' do
-    context "when memcache is down" do
-      let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11223']}) }
-      subject(:alive?) { described_class.new(conf_double).alive? }
-
-      it { expect(alive?).to eq false }
-    end
-
-    context "when memcache is running" do
-      let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11214']}) }
-      subject(:alive?) { described_class.new(conf_double).alive? }
-
-      before do
-        DeviseCasAuthenticatable::MemcacheChecker.any_instance.stubs(:try_connect)
-      end
-
-      it { expect(alive?).to eq true }
-    end
-  end
-end
-
-class FakeMemcacheStore
-end

data/spec/scenario/config/castronaut.yml

@@ -1,32 +0,0 @@
-organization_name: Foo Bar Baz Industries, LLC Inc. A division of Holdings Co.
-
-environment: development
-# The port the CAS webserver will start on
-server_port: 4567
-
-log_directory: log
-
-log_level: Logger::DEBUG
-
-ssl_enabled: false
-
-cas_database:
-  adapter: sqlite3
-  database: db/cas.sqlite3
-  timeout: 5000
-
-cas_adapter:
-  adapter: test_adapter
-
-# Use this example if you are using LDAP as your authentication source
-# cas_adapter:
-#   adapter: ldap
-#   host: localhost
-#   port: 389
-#   prefix: cn=
-#   base: dc=example, dc=com
-
-# Uncomment these to enable authentication callbacks
-# callbacks:
-#  on_authentication_success: http://example.com/authentication/success
-#  on_authentication_failed: http://example.com/authentication/failed

data/spec/scenario/config/initializers/castronaut.rb

@@ -1 +0,0 @@
-Castronaut.config.connect_activerecord

data/spec/scenario/config/initializers/session_store.rb

@@ -1,8 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Scenario::Application.config.session_store :cookie_store, :key => '_scenario_session'
-
-# Use the database for sessions instead of the cookie-based default,
-# which shouldn't be used to store highly confidential information
-# (create the session table with "rake db:sessions:create")
-Scenario::Application.config.session_store :active_record_store