devise_cas_authenticatable 1.0.0.alpha6 → 1.0.0.alpha7

data/Gemfile

@@ -10,15 +10,14 @@ group :development do
 end
 
 group :test do
-  gem "rails", ">= 3.0.0"
-  gem "rspec", ">= 2.0.0.beta.17"
-  gem "rspec-rails", ">= 2.0.0.beta.17"
+  gem "rails", ">= 3.0.7"
+  gem "rspec-rails", ">= 2.5.0"
   gem "mocha"
   gem "shoulda"
   gem "sqlite3-ruby"
   gem "sham_rack"
   gem "capybara"
-  gem 'rubycas-server', :git => 'https://github.com/gunark/rubycas-server.git', :branch => 'sinatra'
+  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
   gem 'crypt-isaac'
   gem 'launchy'
 end

data/Gemfile.lock

@@ -1,18 +1,23 @@
 GIT
-  remote: https://github.com/gunark/rubycas-server.git
-  revision: c6ce0068bcaffe847f7b12804401c493b1179f47
-  branch: sinatra
+  remote: https://github.com/nbudin/castronaut.git
+  revision: 5bc38632aabaa8d98d1627787d2ad0525292ce43
+  branch: dam5s-merge
   specs:
-    rubycas-server (0.9.999999)
-      activerecord (~> 3.0.0)
-      activesupport (~> 3.0.0)
-      gettext (~> 2.1.0)
+    castronaut (0.7.5)
+      activerecord
+      activesupport
+      builder (>= 2.0.0)
+      crypt-isaac (~> 0.9)
+      json (~> 1.5.1)
+      mysql2
+      ruby-net-ldap
       sinatra (~> 1.0)
+      sqlite3 (~> 1.3.1)
 
 PATH
   remote: .
   specs:
-    devise_cas_authenticatable (1.0.0.alpha6)
+    devise_cas_authenticatable (1.0.0.alpha7)
       devise (>= 1.0.6)
       devise
       devise_cas_authenticatable
@@ -22,34 +27,33 @@ GEM
   remote: http://rubygems.org/
   specs:
     abstract (1.0.0)
-    actionmailer (3.0.0)
-      actionpack (= 3.0.0)
-      mail (~> 2.2.5)
-    actionpack (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
+    actionmailer (3.0.7)
+      actionpack (= 3.0.7)
+      mail (~> 2.2.15)
+    actionpack (3.0.7)
+      activemodel (= 3.0.7)
+      activesupport (= 3.0.7)
       builder (~> 2.1.2)
       erubis (~> 2.6.6)
-      i18n (~> 0.4.1)
+      i18n (~> 0.5.0)
       rack (~> 1.2.1)
-      rack-mount (~> 0.6.12)
-      rack-test (~> 0.5.4)
+      rack-mount (~> 0.6.14)
+      rack-test (~> 0.5.7)
       tzinfo (~> 0.3.23)
-    activemodel (3.0.0)
-      activesupport (= 3.0.0)
+    activemodel (3.0.7)
+      activesupport (= 3.0.7)
       builder (~> 2.1.2)
-      i18n (~> 0.4.1)
-    activerecord (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
-      arel (~> 1.0.0)
+      i18n (~> 0.5.0)
+    activerecord (3.0.7)
+      activemodel (= 3.0.7)
+      activesupport (= 3.0.7)
+      arel (~> 2.0.2)
       tzinfo (~> 0.3.23)
-    activeresource (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
-    activesupport (3.0.0)
-    arel (1.0.1)
-      activesupport (~> 3.0.0)
+    activeresource (3.0.7)
+      activemodel (= 3.0.7)
+      activesupport (= 3.0.7)
+    activesupport (3.0.7)
+    arel (2.0.9)
     bcrypt-ruby (2.1.4)
     builder (2.1.2)
     capybara (0.4.1.1)
@@ -77,21 +81,19 @@ GEM
       abstract (>= 1.0.0)
     ffi (0.6.3)
       rake (>= 0.8.7)
-    gettext (2.1.0)
-      locale (>= 2.0.5)
     git (1.2.5)
-    i18n (0.4.2)
+    i18n (0.5.0)
     jeweler (1.5.2)
       bundler (~> 1.0.0)
       git (>= 1.2.5)
       rake
+    json (1.5.1)
     json_pure (1.5.0)
     launchy (0.3.7)
       configuration (>= 0.0.5)
       rake (>= 0.8.1)
     linecache (0.43)
-    locale (2.0.5)
-    mail (2.2.14)
+    mail (2.2.19)
       activesupport (>= 2.3.6)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
@@ -99,46 +101,48 @@ GEM
     mime-types (1.16)
     mocha (0.9.10)
       rake
+    mysql2 (0.3.2)
     nokogiri (1.4.4)
     orm_adapter (0.0.4)
     polyglot (0.3.1)
-    rack (1.2.1)
-    rack-mount (0.6.13)
+    rack (1.2.2)
+    rack-mount (0.6.14)
       rack (>= 1.0.0)
     rack-test (0.5.7)
       rack (>= 1.0)
-    rails (3.0.0)
-      actionmailer (= 3.0.0)
-      actionpack (= 3.0.0)
-      activerecord (= 3.0.0)
-      activeresource (= 3.0.0)
-      activesupport (= 3.0.0)
-      bundler (~> 1.0.0)
-      railties (= 3.0.0)
-    railties (3.0.0)
-      actionpack (= 3.0.0)
-      activesupport (= 3.0.0)
-      rake (>= 0.8.4)
-      thor (~> 0.14.0)
+    rails (3.0.7)
+      actionmailer (= 3.0.7)
+      actionpack (= 3.0.7)
+      activerecord (= 3.0.7)
+      activeresource (= 3.0.7)
+      activesupport (= 3.0.7)
+      bundler (~> 1.0)
+      railties (= 3.0.7)
+    railties (3.0.7)
+      actionpack (= 3.0.7)
+      activesupport (= 3.0.7)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
     rake (0.8.7)
-    rspec (2.4.0)
-      rspec-core (~> 2.4.0)
-      rspec-expectations (~> 2.4.0)
-      rspec-mocks (~> 2.4.0)
-    rspec-core (2.4.0)
-    rspec-expectations (2.4.0)
+    rspec (2.5.0)
+      rspec-core (~> 2.5.0)
+      rspec-expectations (~> 2.5.0)
+      rspec-mocks (~> 2.5.0)
+    rspec-core (2.5.2)
+    rspec-expectations (2.5.0)
       diff-lcs (~> 1.1.2)
-    rspec-mocks (2.4.0)
-    rspec-rails (2.4.1)
+    rspec-mocks (2.5.0)
+    rspec-rails (2.5.0)
       actionpack (~> 3.0)
       activesupport (~> 3.0)
       railties (~> 3.0)
-      rspec (~> 2.4.0)
+      rspec (~> 2.5.0)
     ruby-debug (0.10.4)
       columnize (>= 0.1)
       ruby-debug-base (~> 0.10.4.0)
     ruby-debug-base (0.10.4)
       linecache (>= 0.3)
+    ruby-net-ldap (0.0.4)
     rubycas-client (2.2.1)
       activesupport
     rubyzip (0.9.4)
@@ -150,17 +154,17 @@ GEM
     sham_rack (1.3.3)
       rack
     shoulda (2.11.3)
-    sinatra (1.1.2)
+    sinatra (1.2.6)
       rack (~> 1.1)
-      tilt (~> 1.2)
+      tilt (>= 1.2.2, < 2.0)
     sqlite3 (1.3.3)
     sqlite3-ruby (1.3.3)
       sqlite3 (>= 1.3.3)
     thor (0.14.6)
-    tilt (1.2.2)
+    tilt (1.3)
     treetop (1.4.9)
       polyglot (>= 0.3.1)
-    tzinfo (0.3.24)
+    tzinfo (0.3.27)
     warden (1.0.3)
       rack (>= 1.0.0)
     xpath (0.1.3)
@@ -171,17 +175,16 @@ PLATFORMS
 
 DEPENDENCIES
   capybara
+  castronaut!
   crypt-isaac
   devise
   devise_cas_authenticatable!
   jeweler
   launchy
   mocha
-  rails (>= 3.0.0)
-  rspec (>= 2.0.0.beta.17)
-  rspec-rails (>= 2.0.0.beta.17)
+  rails (>= 3.0.7)
+  rspec-rails (>= 2.5.0)
   ruby-debug
-  rubycas-server!
   sham_rack
   shoulda
   sqlite3-ruby

data/README.md

@@ -56,7 +56,7 @@ You'll also need to set up the database schema for this:
 
 and, optionally, indexes:
 
-    add_index :username, :unique => true
+    add_index :users, :username, :unique => true
 
 Finally, you'll need to add some configuration to your config/initializers/devise.rb in order
 to tell your app how to talk to your CAS server:

data/VERSION

@@ -1 +1 @@
-1.0.0.alpha6
+1.0.0.alpha7

data/app/controllers/devise/cas_sessions_controller.rb

@@ -1,14 +1,20 @@
 class Devise::CasSessionsController < Devise::SessionsController  
   unloadable
   
-  def service
-    if signed_in?(resource_name)
-      redirect_to after_sign_in_path_for(resource_name)
-    else
-      redirect_to root_url
+  def new
+    unless returning_from_cas?
+      redirect_to(cas_login_url)
     end
   end
   
+  def service
+    warden.authenticate!(:scope => resource_name)
+    redirect_to after_sign_in_path_for(resource_name)
+  end
+  
+  def unregistered
+  end
+  
   def destroy
     # if :cas_create_user is false a CAS session might be open but not signed_in
     # in such case we destroy the session here
@@ -23,4 +29,14 @@ class Devise::CasSessionsController < Devise::SessionsController
     destination << after_sign_out_path_for(resource_name)
     redirect_to(::Devise.cas_client.logout_url(destination))
   end
+  
+  private  
+  def returning_from_cas?
+    params[:ticket] || request.referer =~ /^#{::Devise.cas_client.cas_base_url}/
+  end
+  
+  def cas_login_url
+    ::Devise.cas_client.add_service_to_login_url(::Devise.cas_service_url(request.url, devise_mapping))
+  end
+  helper_method :cas_login_url
 end

data/app/views/devise/cas_sessions/new.html.erb

@@ -0,0 +1 @@
+<p>Click <%= link_to "here", cas_login_url %> to sign in.</p>

data/app/views/devise/cas_sessions/unregistered.html.erb

@@ -0,0 +1,2 @@
+<p>The user <%=h params[:username] %> is not registered with this site.  
+  Please <%= link_to "sign in using a different account", Devise.cas_client.logout_url(new_session_url(resource_name)) %>.</p>

data/devise_cas_authenticatable.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise_cas_authenticatable}
-  s.version = "1.0.0.alpha6"
+  s.version = "1.0.0.alpha7"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Nat Budin"]
-  s.date = %q{2011-04-11}
+  s.date = %q{2011-05-10}
   s.description = %q{CAS authentication module for Devise}
   s.email = %q{natbudin@gmail.com}
   s.extra_rdoc_files = [
@@ -23,6 +23,8 @@ Gem::Specification.new do |s|
     "Rakefile",
     "VERSION",
     "app/controllers/devise/cas_sessions_controller.rb",
+    "app/views/devise/cas_sessions/new.html.erb",
+    "app/views/devise/cas_sessions/unregistered.html.erb",
     "devise_cas_authenticatable.gemspec",
     "lib/devise_cas_authenticatable.rb",
     "lib/devise_cas_authenticatable/exceptions.rb",
@@ -40,12 +42,14 @@ Gem::Specification.new do |s|
     "spec/scenario/config.ru",
     "spec/scenario/config/application.rb",
     "spec/scenario/config/boot.rb",
+    "spec/scenario/config/castronaut.yml",
     "spec/scenario/config/database.yml",
     "spec/scenario/config/environment.rb",
     "spec/scenario/config/environments/development.rb",
     "spec/scenario/config/environments/production.rb",
     "spec/scenario/config/environments/test.rb",
     "spec/scenario/config/initializers/backtrace_silencers.rb",
+    "spec/scenario/config/initializers/devise.rb",
     "spec/scenario/config/initializers/inflections.rb",
     "spec/scenario/config/initializers/mime_types.rb",
     "spec/scenario/config/initializers/secret_token.rb",
@@ -75,6 +79,7 @@ Gem::Specification.new do |s|
     "spec/scenario/config/environments/production.rb",
     "spec/scenario/config/environments/test.rb",
     "spec/scenario/config/initializers/backtrace_silencers.rb",
+    "spec/scenario/config/initializers/devise.rb",
     "spec/scenario/config/initializers/inflections.rb",
     "spec/scenario/config/initializers/mime_types.rb",
     "spec/scenario/config/initializers/secret_token.rb",
@@ -96,6 +101,8 @@ Gem::Specification.new do |s|
       s.add_development_dependency(%q<jeweler>, [">= 0"])
       s.add_development_dependency(%q<ruby-debug>, [">= 0"])
       s.add_development_dependency(%q<jeweler>, [">= 0"])
+      s.add_development_dependency(%q<ruby-debug>, [">= 0"])
+      s.add_development_dependency(%q<jeweler>, [">= 0"])
       s.add_runtime_dependency(%q<devise>, [">= 1.0.6"])
       s.add_runtime_dependency(%q<rubycas-client>, [">= 2.2.1"])
     else
@@ -105,6 +112,8 @@ Gem::Specification.new do |s|
       s.add_dependency(%q<jeweler>, [">= 0"])
       s.add_dependency(%q<ruby-debug>, [">= 0"])
       s.add_dependency(%q<jeweler>, [">= 0"])
+      s.add_dependency(%q<ruby-debug>, [">= 0"])
+      s.add_dependency(%q<jeweler>, [">= 0"])
       s.add_dependency(%q<devise>, [">= 1.0.6"])
       s.add_dependency(%q<rubycas-client>, [">= 2.2.1"])
     end
@@ -115,6 +124,8 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<jeweler>, [">= 0"])
     s.add_dependency(%q<ruby-debug>, [">= 0"])
     s.add_dependency(%q<jeweler>, [">= 0"])
+    s.add_dependency(%q<ruby-debug>, [">= 0"])
+    s.add_dependency(%q<jeweler>, [">= 0"])
     s.add_dependency(%q<devise>, [">= 1.0.6"])
     s.add_dependency(%q<rubycas-client>, [">= 2.2.1"])
   end

data/lib/devise_cas_authenticatable/routes.rb

@@ -9,7 +9,8 @@ if ActionController::Routing.name =~ /ActionDispatch/
       get "/", :to => "#{controllers[:cas_sessions]}#service", :as => ""
       
       resource :session, :only => [], :controller => controllers[:cas_sessions], :path => "" do
-        get :new, :path => mapping.path_names[:sign_in], :to => "#{controllers[:cas_sessions]}#create", :as => "new"
+        get :new, :path => mapping.path_names[:sign_in], :as => "new"
+        get :unregistered
         post :create, :path => mapping.path_names[:sign_in]
         match :destroy, :path => mapping.path_names[:sign_out], :as => "destroy"
       end      
@@ -24,7 +25,8 @@ else
     def cas_authenticatable(routes, mapping)
       routes.with_options(:controller => 'devise/cas_sessions', :name_prefix => nil) do |session|
         session.send(:"#{mapping.name}", '/', :action => 'service', :conditions => {:method => :get})
-        session.send(:"new_#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'create', :conditions => {:method => :get})
+        session.send(:"unregistered_#{mapping_name}_session", '/unregistered', :action => "unregistered", :conditions => {:method => :get})
+        session.send(:"new_#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'new', :conditions => {:method => :get})
         session.send(:"#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'create', :conditions => {:method => :post})
         session.send(:"destroy_#{mapping.name}_session", mapping.path_names[:sign_out], :action => 'destroy', :conditions => { :method => :get })
       end

data/lib/devise_cas_authenticatable/strategy.rb

@@ -5,7 +5,7 @@ module Devise
     class CasAuthenticatable < Base
       # True if the mapping supports authenticate_with_cas_ticket.
       def valid?
-        mapping.to.respond_to?(:authenticate_with_cas_ticket)
+        mapping.to.respond_to?(:authenticate_with_cas_ticket) && params[:ticket]
       end
       
       # Try to authenticate a user using the CAS ticket passed in params.
@@ -18,40 +18,24 @@ module Devise
         if ticket
           if resource = mapping.to.authenticate_with_cas_ticket(ticket)
             success!(resource)
+          elsif ticket.is_valid?
+            redirect!(::Devise.cas_service_url(request.url, mapping) + "/unregistered", :username => ticket.response.user)
+            #fail!("The user #{ticket.response.user} is not registered with this site.  Please use a different account.")
           else
-            fail(:invalid)
+            fail!(:invalid)
           end
-        elsif returning_from_cas?
-          fail(:invalid)
         else
-          redirect!(login_url)
+          fail!(:invalid)
         end
       end
       
       protected
-      def returning_from_cas?
-        request.referer =~ /^#{::Devise.cas_client.cas_base_url}/
-      end
-     
-      def login_url
-        ::Devise.cas_client.add_service_to_login_url(service_url)
-      end
       
-      def service_url
-        u = URI.parse(request.url)
-        u.query = nil
-        u.path = if mapping.respond_to?(:fullpath)
-          mapping.fullpath
-        else
-          mapping.raw_path
-        end
-        u.to_s
-      end
-  
       def read_ticket(params)
         ticket = params[:ticket]
         return nil unless ticket
-              
+        
+        service_url = ::Devise.cas_service_url(request.url, mapping)
         if ticket =~ /^PT-/
           ::CASClient::ProxyTicket.new(ticket, service_url, params[:renew])
         else

data/lib/devise_cas_authenticatable.rb

@@ -35,8 +35,11 @@ module Devise
   # Should devise_cas_authenticatable attempt to create new user records for
   # unknown usernames?  True by default.
   @@cas_create_user = true
+
+  # Name of the parameter passed in the logout query 
+  @@cas_destination_logout_param_name = nil
   
-  mattr_accessor :cas_base_url, :cas_login_url, :cas_logout_url, :cas_validate_url, :cas_create_user
+  mattr_accessor :cas_base_url, :cas_login_url, :cas_logout_url, :cas_validate_url, :cas_create_user, :cas_destination_logout_param_name
 
   def self.cas_create_user?
     cas_create_user
@@ -45,12 +48,24 @@ module Devise
   # Return a CASClient::Client instance based on configuration parameters.
   def self.cas_client
     @@cas_client ||= CASClient::Client.new(
+        :cas_destination_logout_param_name => @@cas_destination_logout_param_name,
         :cas_base_url => @@cas_base_url,
         :login_url => @@cas_login_url,
         :logout_url => @@cas_logout_url,
         :validate_url => @@cas_validate_url
       )
   end
+  
+  def self.cas_service_url(base_url, mapping)
+    u = URI.parse(base_url)
+    u.query = nil
+    u.path = if mapping.respond_to?(:fullpath)
+      mapping.fullpath
+    else
+      mapping.raw_path
+    end
+    u.to_s
+  end
 end
 
 Devise.add_module(:cas_authenticatable,

data/spec/routes_spec.rb

@@ -4,9 +4,10 @@ describe Devise::CasSessionsController do
   include RSpec::Rails::ControllerExampleGroup
   
   it { should route(:get, "/users").to(:action => "service") }
-  it { should route(:get, "/users/sign_in").to(:action => "create") }
+  it { should route(:get, "/users/sign_in").to(:action => "new") }
   it { should route(:post, "/users/sign_in").to(:action => "create") }
   it { should route(:get, "/users/sign_out").to(:action => "destroy") }
+  it { should route(:get, "/users/unregistered").to(:action => "unregistered") }
   
   it "should have the right route names" do
     controller.should respond_to("user_path", "new_user_session_path", "user_session_path", "destroy_user_session_path")
@@ -14,5 +15,6 @@ describe Devise::CasSessionsController do
     controller.new_user_session_path.should == "/users/sign_in"
     controller.user_session_path.should == "/users/sign_in"
     controller.destroy_user_session_path.should == "/users/sign_out"
+    controller.unregistered_user_session_path.should == "/users/unregistered"
   end
 end

data/spec/scenario/config/application.rb

@@ -4,15 +4,8 @@ require 'rails/all'
 
 Bundler.require(:default, Rails.env) if defined?(Bundler)
 
-require "devise"
-require "devise_cas_authenticatable"
-
-Devise.setup do |config|
-  require "devise/orm/active_record"
-end
-
-require 'casserver/authenticators/base'
-class TestAuthenticator < CASServer::Authenticators::Base
+require 'castronaut'
+class TestAdapter
   def self.reset_valid_users!
     @@valid_users = {
       "joeuser" => "joepassword"
@@ -24,11 +17,20 @@ class TestAuthenticator < CASServer::Authenticators::Base
     @@valid_users[username] = password
   end
   
-  def validate(credentials)
-    @@valid_users[credentials[:username]] == credentials[:password]
+  def self.authenticate(username, password)
+    error_message = if @@valid_users[username] == password
+      nil
+    else
+      "Invalid password"
+    end
+    
+    Castronaut::AuthenticationResult.new(username, error_message)
   end  
 end
 
+Castronaut::Adapters.register("test_adapter", TestAdapter)
+Castronaut.config = Castronaut::Configuration.load(File.expand_path(File.join(File.dirname(__FILE__), "castronaut.yml")))
+
 module Scenario
   class Application < Rails::Application
     config.active_support.deprecation = :stderr

data/spec/scenario/config/castronaut.yml

@@ -0,0 +1,32 @@
+organization_name: Foo Bar Baz Industries, LLC Inc. A division of Holdings Co.
+
+environment: development
+# The port the CAS webserver will start on
+server_port: 4567
+
+log_directory: log
+
+log_level: Logger::DEBUG
+
+ssl_enabled: false
+
+cas_database:
+  adapter: sqlite3
+  database: db/cas.sqlite3
+  timeout: 5000
+
+cas_adapter:
+  adapter: test_adapter
+
+# Use this example if you are using LDAP as your authentication source
+# cas_adapter:
+#   adapter: ldap
+#   host: localhost
+#   port: 389
+#   prefix: cn=
+#   base: dc=example, dc=com
+
+# Uncomment these to enable authentication callbacks
+# callbacks:
+#  on_authentication_success: http://example.com/authentication/success
+#  on_authentication_failed: http://example.com/authentication/failed

data/spec/scenario/config/initializers/devise.rb

@@ -0,0 +1,3 @@
+Devise.setup do |config|
+  require "devise/orm/active_record"
+end

data/spec/scenario/config/routes.rb

@@ -1,8 +1,8 @@
-ENV['CONFIG_FILE'] = File.expand_path('../rubycas-server.yml', __FILE__)
-require 'casserver'
+require 'castronaut/application'
+Castronaut::Application.set(:path, "/cas_server")
 
 Scenario::Application.routes.draw do
   devise_for :users
-  match "/cas_server/*args" => CASServer::Server, :as => "cas_server"
+  mount Castronaut::Application, :at => "/cas_server"
   root :to => "home#index"
 end

data/spec/spec_helper.rb

@@ -12,4 +12,11 @@ RSpec.configure do |config|
   config.mock_with :mocha 
 end
 
+ShamRack.at('www.example.com') do |env|
+  request = Rack::Request.new(env)
+  request.path_info = request.path_info.sub(/^\/cas_server/, '')
+  
+  Castronaut::Application.call(request.env)
+end
+
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }

data/spec/strategy_spec.rb

@@ -1,18 +1,20 @@
 require 'spec_helper'
 
 describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
-  include Rspec::Rails::RequestExampleGroup
+  include RSpec::Rails::RequestExampleGroup
   
   before do    
     Devise.cas_base_url = "http://www.example.com/cas_server"
-    TestAuthenticator.reset_valid_users!
+    TestAdapter.reset_valid_users!
+
+    User.delete_all
     User.create! do |u|
       u.username = "joeuser"
     end
   end
   
   after do
-    User.delete_all
+    visit destroy_user_session_url
   end
   
   def cas_login_url
@@ -23,21 +25,72 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
     end
   end
   
+  def cas_logout_url
+    @cas_logout_url ||= Devise.cas_base_url + "/logout"
+  end
+  
+  def sign_into_cas(username, password)
+    visit root_url
+    current_url.should == cas_login_url
+    fill_in "Username", :with => username
+    fill_in "Password", :with => password
+    click_on "Login"
+  end
+  
   describe "GET /protected/resource" do
     before { get '/' }
 
     it 'should redirect to sign-in' do
       response.should be_redirect
-      response.should redirect_to(cas_login_url)
+      response.should redirect_to(new_user_session_url)
     end
   end
   
-  describe "Sign in with valid user" do
-    it 'should log in ok' do
-      puts cas_login_url
-      visit cas_login_url
-      puts Capybara.current_session.current_url
-      save_and_open_page
+  describe "GET /users/sign_in" do
+    before { get new_user_session_url }
+    
+    it 'should redirect to CAS server' do
+      response.should be_redirect
+      response.should redirect_to(cas_login_url)
     end
   end
+  
+  it "should sign in with valid user" do
+    sign_into_cas "joeuser", "joepassword"
+    current_url.should == root_url
+  end
+  
+  it "should fail to sign in with an invalid user" do
+    sign_into_cas "invaliduser", "invalidpassword"
+    current_url.should_not == root_url
+  end
+  
+  it "should register new CAS users if set up to do so" do
+    User.count.should == 1
+    TestAdapter.register_valid_user("newuser", "newpassword")
+    Devise.cas_create_user = true
+    sign_into_cas "newuser", "newpassword"
+    
+    current_url.should == root_url
+    User.count.should == 2
+    User.find_by_username("newuser").should_not be_nil
+  end
+  
+  it "should fail CAS login if user is unregistered and cas_create_user is false" do
+    User.count.should == 1
+    TestAdapter.register_valid_user("newuser", "newpassword")
+    Devise.cas_create_user = false
+    sign_into_cas "newuser", "newpassword"
+    
+    current_url.should_not == root_url
+    User.count.should == 1
+    User.find_by_username("newuser").should be_nil
+
+    click_on "sign in using a different account"
+    current_url.should == cas_login_url
+    fill_in "Username", :with => "joeuser"
+    fill_in "Password", :with => "joepassword"
+    click_on "Login"
+    current_url.should == root_url
+  end
 end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification 
 name: devise_cas_authenticatable
 version: !ruby/object:Gem::Version 
-  hash: -3702664336
+  hash: -3702664334
   prerelease: 6
   segments: 
   - 1
   - 0
   - 0
   - alpha
-  - 6
-  version: 1.0.0.alpha6
+  - 7
+  version: 1.0.0.alpha7
 platform: ruby
 authors: 
 - Nat Budin
@@ -17,7 +17,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-11 00:00:00 -04:00
+date: 2011-05-10 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -105,8 +105,64 @@ dependencies:
   version_requirements: *id006
   prerelease: false
 - !ruby/object:Gem::Dependency 
-  type: :runtime
+  type: :development
   requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  name: ruby-debug
+  version_requirements: *id007
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  type: :development
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  name: jeweler
+  version_requirements: *id008
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  type: :development
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  name: ruby-debug
+  version_requirements: *id009
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  type: :development
+  requirement: &id010 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  name: jeweler
+  version_requirements: *id010
+  prerelease: false
+- !ruby/object:Gem::Dependency 
+  type: :runtime
+  requirement: &id011 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -118,11 +174,11 @@ dependencies:
         - 6
         version: 1.0.6
   name: devise
-  version_requirements: *id007
+  version_requirements: *id011
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :runtime
-  requirement: &id008 !ruby/object:Gem::Requirement 
+  requirement: &id012 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -134,7 +190,7 @@ dependencies:
         - 1
         version: 2.2.1
   name: rubycas-client
-  version_requirements: *id008
+  version_requirements: *id012
   prerelease: false
 description: CAS authentication module for Devise
 email: natbudin@gmail.com
@@ -152,6 +208,8 @@ files:
 - Rakefile
 - VERSION
 - app/controllers/devise/cas_sessions_controller.rb
+- app/views/devise/cas_sessions/new.html.erb
+- app/views/devise/cas_sessions/unregistered.html.erb
 - devise_cas_authenticatable.gemspec
 - lib/devise_cas_authenticatable.rb
 - lib/devise_cas_authenticatable/exceptions.rb
@@ -169,12 +227,14 @@ files:
 - spec/scenario/config.ru
 - spec/scenario/config/application.rb
 - spec/scenario/config/boot.rb
+- spec/scenario/config/castronaut.yml
 - spec/scenario/config/database.yml
 - spec/scenario/config/environment.rb
 - spec/scenario/config/environments/development.rb
 - spec/scenario/config/environments/production.rb
 - spec/scenario/config/environments/test.rb
 - spec/scenario/config/initializers/backtrace_silencers.rb
+- spec/scenario/config/initializers/devise.rb
 - spec/scenario/config/initializers/inflections.rb
 - spec/scenario/config/initializers/mime_types.rb
 - spec/scenario/config/initializers/secret_token.rb
@@ -235,6 +295,7 @@ test_files:
 - spec/scenario/config/environments/production.rb
 - spec/scenario/config/environments/test.rb
 - spec/scenario/config/initializers/backtrace_silencers.rb
+- spec/scenario/config/initializers/devise.rb
 - spec/scenario/config/initializers/inflections.rb
 - spec/scenario/config/initializers/mime_types.rb
 - spec/scenario/config/initializers/secret_token.rb