devise_cas_authenticatable 1.0.0.alpha6 → 1.0.0.alpha7
- data/Gemfile +3 -4
- data/Gemfile.lock +70 -67
- data/README.md +1 -1
- data/VERSION +1 -1
- data/app/controllers/devise/cas_sessions_controller.rb +21 -5
- data/app/views/devise/cas_sessions/new.html.erb +1 -0
- data/app/views/devise/cas_sessions/unregistered.html.erb +2 -0
- data/devise_cas_authenticatable.gemspec +13 -2
- data/lib/devise_cas_authenticatable/routes.rb +4 -2
- data/lib/devise_cas_authenticatable/strategy.rb +8 -24
- data/lib/devise_cas_authenticatable.rb +16 -1
- data/spec/routes_spec.rb +3 -1
- data/spec/scenario/config/application.rb +13 -11
- data/spec/scenario/config/castronaut.yml +32 -0
- data/spec/scenario/config/initializers/devise.rb +3 -0
- data/spec/scenario/config/routes.rb +3 -3
- data/spec/spec_helper.rb +7 -0
- data/spec/strategy_spec.rb +63 -10
- metadata +69 -8
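--- a/data/Gemfile
+++ b/data/Gemfile
@@ -10,15 +10,14 @@ group :development do
 end
 
 group :test do
-gem "rails", ">= 3.0.
-gem "rspec", ">= 2.
-gem "rspec-rails", ">= 2.0.0.beta.17"
+gem "rails", ">= 3.0.7"
+gem "rspec-rails", ">= 2.5.0"
 gem "mocha"
 gem "shoulda"
 gem "sqlite3-ruby"
 gem "sham_rack"
 gem "capybara"
-gem '
+gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
 gem 'crypt-isaac'
 gem 'launchy'
 end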
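Review bot: The new `castronaut` test dependency is pulled from a Git branch (`:branch => 'dam5s-merge'`), which is a mutable reference: Gemfile.lock records a revision, but any `bundle update` moves to whatever the branch head is at that time. For a component that stands in for the CAS server in the test suite, pinning the reviewed commit with `:ref => '<reviewed commit SHA>'` instead of `:branch` keeps the source fixed until someone deliberately changes it.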
data/Gemfile.lock
CHANGED
@@ -1,18 +1,23 @@
|
|
1
1
|
GIT
|
2
|
-
remote: https://github.com/
|
3
|
-
revision:
|
4
|
-
branch:
|
2
|
+
remote: https://github.com/nbudin/castronaut.git
|
3
|
+
revision: 5bc38632aabaa8d98d1627787d2ad0525292ce43
|
4
|
+
branch: dam5s-merge
|
5
5
|
specs:
|
6
|
-
|
7
|
-
activerecord
|
8
|
-
activesupport
|
9
|
-
|
6
|
+
castronaut (0.7.5)
|
7
|
+
activerecord
|
8
|
+
activesupport
|
9
|
+
builder (>= 2.0.0)
|
10
|
+
crypt-isaac (~> 0.9)
|
11
|
+
json (~> 1.5.1)
|
12
|
+
mysql2
|
13
|
+
ruby-net-ldap
|
10
14
|
sinatra (~> 1.0)
|
15
|
+
sqlite3 (~> 1.3.1)
|
11
16
|
|
12
17
|
PATH
|
13
18
|
remote: .
|
14
19
|
specs:
|
15
|
-
devise_cas_authenticatable (1.0.0.
|
20
|
+
devise_cas_authenticatable (1.0.0.alpha7)
|
16
21
|
devise (>= 1.0.6)
|
17
22
|
devise
|
18
23
|
devise_cas_authenticatable
|
@@ -22,34 +27,33 @@ GEM
|
|
22
27
|
remote: http://rubygems.org/
|
23
28
|
specs:
|
24
29
|
abstract (1.0.0)
|
25
|
-
actionmailer (3.0.
|
26
|
-
actionpack (= 3.0.
|
27
|
-
mail (~> 2.2.
|
28
|
-
actionpack (3.0.
|
29
|
-
activemodel (= 3.0.
|
30
|
-
activesupport (= 3.0.
|
30
|
+
actionmailer (3.0.7)
|
31
|
+
actionpack (= 3.0.7)
|
32
|
+
mail (~> 2.2.15)
|
33
|
+
actionpack (3.0.7)
|
34
|
+
activemodel (= 3.0.7)
|
35
|
+
activesupport (= 3.0.7)
|
31
36
|
builder (~> 2.1.2)
|
32
37
|
erubis (~> 2.6.6)
|
33
|
-
i18n (~> 0.
|
38
|
+
i18n (~> 0.5.0)
|
34
39
|
rack (~> 1.2.1)
|
35
|
-
rack-mount (~> 0.6.
|
36
|
-
rack-test (~> 0.5.
|
40
|
+
rack-mount (~> 0.6.14)
|
41
|
+
rack-test (~> 0.5.7)
|
37
42
|
tzinfo (~> 0.3.23)
|
38
|
-
activemodel (3.0.
|
39
|
-
activesupport (= 3.0.
|
43
|
+
activemodel (3.0.7)
|
44
|
+
activesupport (= 3.0.7)
|
40
45
|
builder (~> 2.1.2)
|
41
|
-
i18n (~> 0.
|
42
|
-
activerecord (3.0.
|
43
|
-
activemodel (= 3.0.
|
44
|
-
activesupport (= 3.0.
|
45
|
-
arel (~>
|
46
|
+
i18n (~> 0.5.0)
|
47
|
+
activerecord (3.0.7)
|
48
|
+
activemodel (= 3.0.7)
|
49
|
+
activesupport (= 3.0.7)
|
50
|
+
arel (~> 2.0.2)
|
46
51
|
tzinfo (~> 0.3.23)
|
47
|
-
activeresource (3.0.
|
48
|
-
activemodel (= 3.0.
|
49
|
-
activesupport (= 3.0.
|
50
|
-
activesupport (3.0.
|
51
|
-
arel (
|
52
|
-
activesupport (~> 3.0.0)
|
52
|
+
activeresource (3.0.7)
|
53
|
+
activemodel (= 3.0.7)
|
54
|
+
activesupport (= 3.0.7)
|
55
|
+
activesupport (3.0.7)
|
56
|
+
arel (2.0.9)
|
53
57
|
bcrypt-ruby (2.1.4)
|
54
58
|
builder (2.1.2)
|
55
59
|
capybara (0.4.1.1)
|
@@ -77,21 +81,19 @@ GEM
|
|
77
81
|
abstract (>= 1.0.0)
|
78
82
|
ffi (0.6.3)
|
79
83
|
rake (>= 0.8.7)
|
80
|
-
gettext (2.1.0)
|
81
|
-
locale (>= 2.0.5)
|
82
84
|
git (1.2.5)
|
83
|
-
i18n (0.
|
85
|
+
i18n (0.5.0)
|
84
86
|
jeweler (1.5.2)
|
85
87
|
bundler (~> 1.0.0)
|
86
88
|
git (>= 1.2.5)
|
87
89
|
rake
|
90
|
+
json (1.5.1)
|
88
91
|
json_pure (1.5.0)
|
89
92
|
launchy (0.3.7)
|
90
93
|
configuration (>= 0.0.5)
|
91
94
|
rake (>= 0.8.1)
|
92
95
|
linecache (0.43)
|
93
|
-
|
94
|
-
mail (2.2.14)
|
96
|
+
mail (2.2.19)
|
95
97
|
activesupport (>= 2.3.6)
|
96
98
|
i18n (>= 0.4.0)
|
97
99
|
mime-types (~> 1.16)
|
@@ -99,46 +101,48 @@ GEM
|
|
99
101
|
mime-types (1.16)
|
100
102
|
mocha (0.9.10)
|
101
103
|
rake
|
104
|
+
mysql2 (0.3.2)
|
102
105
|
nokogiri (1.4.4)
|
103
106
|
orm_adapter (0.0.4)
|
104
107
|
polyglot (0.3.1)
|
105
|
-
rack (1.2.
|
106
|
-
rack-mount (0.6.
|
108
|
+
rack (1.2.2)
|
109
|
+
rack-mount (0.6.14)
|
107
110
|
rack (>= 1.0.0)
|
108
111
|
rack-test (0.5.7)
|
109
112
|
rack (>= 1.0)
|
110
|
-
rails (3.0.
|
111
|
-
actionmailer (= 3.0.
|
112
|
-
actionpack (= 3.0.
|
113
|
-
activerecord (= 3.0.
|
114
|
-
activeresource (= 3.0.
|
115
|
-
activesupport (= 3.0.
|
116
|
-
bundler (~> 1.0
|
117
|
-
railties (= 3.0.
|
118
|
-
railties (3.0.
|
119
|
-
actionpack (= 3.0.
|
120
|
-
activesupport (= 3.0.
|
121
|
-
rake (>= 0.8.
|
122
|
-
thor (~> 0.14.
|
113
|
+
rails (3.0.7)
|
114
|
+
actionmailer (= 3.0.7)
|
115
|
+
actionpack (= 3.0.7)
|
116
|
+
activerecord (= 3.0.7)
|
117
|
+
activeresource (= 3.0.7)
|
118
|
+
activesupport (= 3.0.7)
|
119
|
+
bundler (~> 1.0)
|
120
|
+
railties (= 3.0.7)
|
121
|
+
railties (3.0.7)
|
122
|
+
actionpack (= 3.0.7)
|
123
|
+
activesupport (= 3.0.7)
|
124
|
+
rake (>= 0.8.7)
|
125
|
+
thor (~> 0.14.4)
|
123
126
|
rake (0.8.7)
|
124
|
-
rspec (2.
|
125
|
-
rspec-core (~> 2.
|
126
|
-
rspec-expectations (~> 2.
|
127
|
-
rspec-mocks (~> 2.
|
128
|
-
rspec-core (2.
|
129
|
-
rspec-expectations (2.
|
127
|
+
rspec (2.5.0)
|
128
|
+
rspec-core (~> 2.5.0)
|
129
|
+
rspec-expectations (~> 2.5.0)
|
130
|
+
rspec-mocks (~> 2.5.0)
|
131
|
+
rspec-core (2.5.2)
|
132
|
+
rspec-expectations (2.5.0)
|
130
133
|
diff-lcs (~> 1.1.2)
|
131
|
-
rspec-mocks (2.
|
132
|
-
rspec-rails (2.
|
134
|
+
rspec-mocks (2.5.0)
|
135
|
+
rspec-rails (2.5.0)
|
133
136
|
actionpack (~> 3.0)
|
134
137
|
activesupport (~> 3.0)
|
135
138
|
railties (~> 3.0)
|
136
|
-
rspec (~> 2.
|
139
|
+
rspec (~> 2.5.0)
|
137
140
|
ruby-debug (0.10.4)
|
138
141
|
columnize (>= 0.1)
|
139
142
|
ruby-debug-base (~> 0.10.4.0)
|
140
143
|
ruby-debug-base (0.10.4)
|
141
144
|
linecache (>= 0.3)
|
145
|
+
ruby-net-ldap (0.0.4)
|
142
146
|
rubycas-client (2.2.1)
|
143
147
|
activesupport
|
144
148
|
rubyzip (0.9.4)
|
@@ -150,17 +154,17 @@ GEM
|
|
150
154
|
sham_rack (1.3.3)
|
151
155
|
rack
|
152
156
|
shoulda (2.11.3)
|
153
|
-
sinatra (1.
|
157
|
+
sinatra (1.2.6)
|
154
158
|
rack (~> 1.1)
|
155
|
-
tilt (
|
159
|
+
tilt (>= 1.2.2, < 2.0)
|
156
160
|
sqlite3 (1.3.3)
|
157
161
|
sqlite3-ruby (1.3.3)
|
158
162
|
sqlite3 (>= 1.3.3)
|
159
163
|
thor (0.14.6)
|
160
|
-
tilt (1.
|
164
|
+
tilt (1.3)
|
161
165
|
treetop (1.4.9)
|
162
166
|
polyglot (>= 0.3.1)
|
163
|
-
tzinfo (0.3.
|
167
|
+
tzinfo (0.3.27)
|
164
168
|
warden (1.0.3)
|
165
169
|
rack (>= 1.0.0)
|
166
170
|
xpath (0.1.3)
|
@@ -171,17 +175,16 @@ PLATFORMS
|
|
171
175
|
|
172
176
|
DEPENDENCIES
|
173
177
|
capybara
|
178
|
+
castronaut!
|
174
179
|
crypt-isaac
|
175
180
|
devise
|
176
181
|
devise_cas_authenticatable!
|
177
182
|
jeweler
|
178
183
|
launchy
|
179
184
|
mocha
|
180
|
-
rails (>= 3.0.
|
181
|
-
rspec (>= 2.
|
182
|
-
rspec-rails (>= 2.0.0.beta.17)
|
185
|
+
rails (>= 3.0.7)
|
186
|
+
rspec-rails (>= 2.5.0)
|
183
187
|
ruby-debug
|
184
|
-
rubycas-server!
|
185
188
|
sham_rack
|
186
189
|
shoulda
|
187
190
|
sqlite3-ruby
|
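--- a/data/README.md
+++ b/data/README.md
@@ -56,7 +56,7 @@ You'll also need to set up the database schema for this:
 
 and, optionally, indexes:
 
-add_index :username, :unique => true
+add_index :users, :username, :unique => true
 
 Finally, you'll need to add some configuration to your config/initializers/devise.rb in order
 to tell your app how to talk to your CAS server: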
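--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.0.0.
+1.0.0.alpha7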
@@ -1,14 +1,20 @@
|
|
1
1
|
class Devise::CasSessionsController < Devise::SessionsController
|
2
2
|
unloadable
|
3
3
|
|
4
|
-
def
|
5
|
-
|
6
|
-
redirect_to
|
7
|
-
else
|
8
|
-
redirect_to root_url
|
4
|
+
def new
|
5
|
+
unless returning_from_cas?
|
6
|
+
redirect_to(cas_login_url)
|
9
7
|
end
|
10
8
|
end
|
11
9
|
|
10
|
+
def service
|
11
|
+
warden.authenticate!(:scope => resource_name)
|
12
|
+
redirect_to after_sign_in_path_for(resource_name)
|
13
|
+
end
|
14
|
+
|
15
|
+
def unregistered
|
16
|
+
end
|
17
|
+
|
12
18
|
def destroy
|
13
19
|
# if :cas_create_user is false a CAS session might be open but not signed_in
|
14
20
|
# in such case we destroy the session here
|
@@ -23,4 +29,14 @@ class Devise::CasSessionsController < Devise::SessionsController
|
|
23
29
|
destination << after_sign_out_path_for(resource_name)
|
24
30
|
redirect_to(::Devise.cas_client.logout_url(destination))
|
25
31
|
end
|
32
|
+
|
33
|
+
private
|
34
|
+
def returning_from_cas?
|
35
|
+
params[:ticket] || request.referer =~ /^#{::Devise.cas_client.cas_base_url}/
|
36
|
+
end
|
37
|
+
|
38
|
+
def cas_login_url
|
39
|
+
::Devise.cas_client.add_service_to_login_url(::Devise.cas_service_url(request.url, devise_mapping))
|
40
|
+
end
|
41
|
+
helper_method :cas_login_url
|
26
42
|
end
|
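Review bot: `returning_from_cas?` interpolates `cas_base_url` into a regexp without escaping and anchors it with `^`, so the dots in the URL match any character, `^` matches at any line start, and any Referer that merely begins with the base URL passes. Both the Referer header and the `ticket` parameter are supplied by the client, so this check can only decide whether `new` redirects or renders; it should not be read as proof that the request came from the CAS server. A literal prefix test is clearer: `params[:ticket] || request.referer.to_s.start_with?(::Devise.cas_client.cas_base_url.to_s)`, ideally with the base URL normalised to end in `/`. The class body continues outside the two hunks shown.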
@@ -0,0 +1 @@
|
|
1
|
+
<p>Click <%= link_to "here", cas_login_url %> to sign in.</p>
|
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{devise_cas_authenticatable}
|
8
|
-
s.version = "1.0.0.
|
8
|
+
s.version = "1.0.0.alpha7"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Nat Budin"]
|
12
|
-
s.date = %q{2011-
|
12
|
+
s.date = %q{2011-05-10}
|
13
13
|
s.description = %q{CAS authentication module for Devise}
|
14
14
|
s.email = %q{natbudin@gmail.com}
|
15
15
|
s.extra_rdoc_files = [
|
@@ -23,6 +23,8 @@ Gem::Specification.new do |s|
|
|
23
23
|
"Rakefile",
|
24
24
|
"VERSION",
|
25
25
|
"app/controllers/devise/cas_sessions_controller.rb",
|
26
|
+
"app/views/devise/cas_sessions/new.html.erb",
|
27
|
+
"app/views/devise/cas_sessions/unregistered.html.erb",
|
26
28
|
"devise_cas_authenticatable.gemspec",
|
27
29
|
"lib/devise_cas_authenticatable.rb",
|
28
30
|
"lib/devise_cas_authenticatable/exceptions.rb",
|
@@ -40,12 +42,14 @@ Gem::Specification.new do |s|
|
|
40
42
|
"spec/scenario/config.ru",
|
41
43
|
"spec/scenario/config/application.rb",
|
42
44
|
"spec/scenario/config/boot.rb",
|
45
|
+
"spec/scenario/config/castronaut.yml",
|
43
46
|
"spec/scenario/config/database.yml",
|
44
47
|
"spec/scenario/config/environment.rb",
|
45
48
|
"spec/scenario/config/environments/development.rb",
|
46
49
|
"spec/scenario/config/environments/production.rb",
|
47
50
|
"spec/scenario/config/environments/test.rb",
|
48
51
|
"spec/scenario/config/initializers/backtrace_silencers.rb",
|
52
|
+
"spec/scenario/config/initializers/devise.rb",
|
49
53
|
"spec/scenario/config/initializers/inflections.rb",
|
50
54
|
"spec/scenario/config/initializers/mime_types.rb",
|
51
55
|
"spec/scenario/config/initializers/secret_token.rb",
|
@@ -75,6 +79,7 @@ Gem::Specification.new do |s|
|
|
75
79
|
"spec/scenario/config/environments/production.rb",
|
76
80
|
"spec/scenario/config/environments/test.rb",
|
77
81
|
"spec/scenario/config/initializers/backtrace_silencers.rb",
|
82
|
+
"spec/scenario/config/initializers/devise.rb",
|
78
83
|
"spec/scenario/config/initializers/inflections.rb",
|
79
84
|
"spec/scenario/config/initializers/mime_types.rb",
|
80
85
|
"spec/scenario/config/initializers/secret_token.rb",
|
@@ -96,6 +101,8 @@ Gem::Specification.new do |s|
|
|
96
101
|
s.add_development_dependency(%q<jeweler>, [">= 0"])
|
97
102
|
s.add_development_dependency(%q<ruby-debug>, [">= 0"])
|
98
103
|
s.add_development_dependency(%q<jeweler>, [">= 0"])
|
104
|
+
s.add_development_dependency(%q<ruby-debug>, [">= 0"])
|
105
|
+
s.add_development_dependency(%q<jeweler>, [">= 0"])
|
99
106
|
s.add_runtime_dependency(%q<devise>, [">= 1.0.6"])
|
100
107
|
s.add_runtime_dependency(%q<rubycas-client>, [">= 2.2.1"])
|
101
108
|
else
|
@@ -105,6 +112,8 @@ Gem::Specification.new do |s|
|
|
105
112
|
s.add_dependency(%q<jeweler>, [">= 0"])
|
106
113
|
s.add_dependency(%q<ruby-debug>, [">= 0"])
|
107
114
|
s.add_dependency(%q<jeweler>, [">= 0"])
|
115
|
+
s.add_dependency(%q<ruby-debug>, [">= 0"])
|
116
|
+
s.add_dependency(%q<jeweler>, [">= 0"])
|
108
117
|
s.add_dependency(%q<devise>, [">= 1.0.6"])
|
109
118
|
s.add_dependency(%q<rubycas-client>, [">= 2.2.1"])
|
110
119
|
end
|
@@ -115,6 +124,8 @@ Gem::Specification.new do |s|
|
|
115
124
|
s.add_dependency(%q<jeweler>, [">= 0"])
|
116
125
|
s.add_dependency(%q<ruby-debug>, [">= 0"])
|
117
126
|
s.add_dependency(%q<jeweler>, [">= 0"])
|
127
|
+
s.add_dependency(%q<ruby-debug>, [">= 0"])
|
128
|
+
s.add_dependency(%q<jeweler>, [">= 0"])
|
118
129
|
s.add_dependency(%q<devise>, [">= 1.0.6"])
|
119
130
|
s.add_dependency(%q<rubycas-client>, [">= 2.2.1"])
|
120
131
|
end
|
@@ -9,7 +9,8 @@ if ActionController::Routing.name =~ /ActionDispatch/
|
|
9
9
|
get "/", :to => "#{controllers[:cas_sessions]}#service", :as => ""
|
10
10
|
|
11
11
|
resource :session, :only => [], :controller => controllers[:cas_sessions], :path => "" do
|
12
|
-
get :new, :path => mapping.path_names[:sign_in], :
|
12
|
+
get :new, :path => mapping.path_names[:sign_in], :as => "new"
|
13
|
+
get :unregistered
|
13
14
|
post :create, :path => mapping.path_names[:sign_in]
|
14
15
|
match :destroy, :path => mapping.path_names[:sign_out], :as => "destroy"
|
15
16
|
end
|
@@ -24,7 +25,8 @@ else
|
|
24
25
|
def cas_authenticatable(routes, mapping)
|
25
26
|
routes.with_options(:controller => 'devise/cas_sessions', :name_prefix => nil) do |session|
|
26
27
|
session.send(:"#{mapping.name}", '/', :action => 'service', :conditions => {:method => :get})
|
27
|
-
session.send(:"
|
28
|
+
session.send(:"unregistered_#{mapping_name}_session", '/unregistered', :action => "unregistered", :conditions => {:method => :get})
|
29
|
+
session.send(:"new_#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'new', :conditions => {:method => :get})
|
28
30
|
session.send(:"#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'create', :conditions => {:method => :post})
|
29
31
|
session.send(:"destroy_#{mapping.name}_session", mapping.path_names[:sign_out], :action => 'destroy', :conditions => { :method => :get })
|
30
32
|
end
|
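Review bot: The added Rails 2 route on the `unregistered_…_session` line interpolates `mapping_name`, while every neighbouring line uses `mapping.name`. Nothing visible in `cas_authenticatable(routes, mapping)` defines `mapping_name`, so unless it is defined outside this hunk the call raises NameError when routes are drawn on Rails 2. It should read `session.send(:"unregistered_#{mapping.name}_session", '/unregistered', :action => "unregistered", :conditions => {:method => :get})`. The routes spec on this page appears to exercise only the Rails 3 branch, so this path looks untested.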
@@ -5,7 +5,7 @@ module Devise
|
|
5
5
|
class CasAuthenticatable < Base
|
6
6
|
# True if the mapping supports authenticate_with_cas_ticket.
|
7
7
|
def valid?
|
8
|
-
mapping.to.respond_to?(:authenticate_with_cas_ticket)
|
8
|
+
mapping.to.respond_to?(:authenticate_with_cas_ticket) && params[:ticket]
|
9
9
|
end
|
10
10
|
|
11
11
|
# Try to authenticate a user using the CAS ticket passed in params.
|
@@ -18,40 +18,24 @@ module Devise
|
|
18
18
|
if ticket
|
19
19
|
if resource = mapping.to.authenticate_with_cas_ticket(ticket)
|
20
20
|
success!(resource)
|
21
|
+
elsif ticket.is_valid?
|
22
|
+
redirect!(::Devise.cas_service_url(request.url, mapping) + "/unregistered", :username => ticket.response.user)
|
23
|
+
#fail!("The user #{ticket.response.user} is not registered with this site. Please use a different account.")
|
21
24
|
else
|
22
|
-
fail(:invalid)
|
25
|
+
fail!(:invalid)
|
23
26
|
end
|
24
|
-
elsif returning_from_cas?
|
25
|
-
fail(:invalid)
|
26
27
|
else
|
27
|
-
|
28
|
+
fail!(:invalid)
|
28
29
|
end
|
29
30
|
end
|
30
31
|
|
31
32
|
protected
|
32
|
-
def returning_from_cas?
|
33
|
-
request.referer =~ /^#{::Devise.cas_client.cas_base_url}/
|
34
|
-
end
|
35
|
-
|
36
|
-
def login_url
|
37
|
-
::Devise.cas_client.add_service_to_login_url(service_url)
|
38
|
-
end
|
39
33
|
|
40
|
-
def service_url
|
41
|
-
u = URI.parse(request.url)
|
42
|
-
u.query = nil
|
43
|
-
u.path = if mapping.respond_to?(:fullpath)
|
44
|
-
mapping.fullpath
|
45
|
-
else
|
46
|
-
mapping.raw_path
|
47
|
-
end
|
48
|
-
u.to_s
|
49
|
-
end
|
50
|
-
|
51
34
|
def read_ticket(params)
|
52
35
|
ticket = params[:ticket]
|
53
36
|
return nil unless ticket
|
54
|
-
|
37
|
+
|
38
|
+
service_url = ::Devise.cas_service_url(request.url, mapping)
|
55
39
|
if ticket =~ /^PT-/
|
56
40
|
::CASClient::ProxyTicket.new(ticket, service_url, params[:renew])
|
57
41
|
else
|
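Review bot: In the new `elsif ticket.is_valid?` branch the CAS username is appended to the redirect as a `username` query parameter, and the `unregistered` action it targets is a plain GET with no authentication, so that page can be requested with an arbitrary `username` value. The `unregistered.html.erb` view is not shown on this page; if it displays the parameter it must HTML-escape it, and Rails 2 ERB, which routes.rb still supports, does not escape by default (`<%= h params[:username] %>`). The commented-out `#fail!(...)` line should be removed rather than shipped. Since `valid?` now requires `params[:ticket]`, the outer `else fail!(:invalid)` looks unreachable. `authenticate!` and `read_ticket` start or end outside these hunks.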
@@ -35,8 +35,11 @@ module Devise
|
|
35
35
|
# Should devise_cas_authenticatable attempt to create new user records for
|
36
36
|
# unknown usernames? True by default.
|
37
37
|
@@cas_create_user = true
|
38
|
+
|
39
|
+
# Name of the parameter passed in the logout query
|
40
|
+
@@cas_destination_logout_param_name = nil
|
38
41
|
|
39
|
-
mattr_accessor :cas_base_url, :cas_login_url, :cas_logout_url, :cas_validate_url, :cas_create_user
|
42
|
+
mattr_accessor :cas_base_url, :cas_login_url, :cas_logout_url, :cas_validate_url, :cas_create_user, :cas_destination_logout_param_name
|
40
43
|
|
41
44
|
def self.cas_create_user?
|
42
45
|
cas_create_user
|
@@ -45,12 +48,24 @@ module Devise
|
|
45
48
|
# Return a CASClient::Client instance based on configuration parameters.
|
46
49
|
def self.cas_client
|
47
50
|
@@cas_client ||= CASClient::Client.new(
|
51
|
+
:cas_destination_logout_param_name => @@cas_destination_logout_param_name,
|
48
52
|
:cas_base_url => @@cas_base_url,
|
49
53
|
:login_url => @@cas_login_url,
|
50
54
|
:logout_url => @@cas_logout_url,
|
51
55
|
:validate_url => @@cas_validate_url
|
52
56
|
)
|
53
57
|
end
|
58
|
+
|
59
|
+
def self.cas_service_url(base_url, mapping)
|
60
|
+
u = URI.parse(base_url)
|
61
|
+
u.query = nil
|
62
|
+
u.path = if mapping.respond_to?(:fullpath)
|
63
|
+
mapping.fullpath
|
64
|
+
else
|
65
|
+
mapping.raw_path
|
66
|
+
end
|
67
|
+
u.to_s
|
68
|
+
end
|
54
69
|
end
|
55
70
|
|
56
71
|
Devise.add_module(:cas_authenticatable,
|
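Review bot: `Devise.cas_service_url` is the only method in this hunk without a comment, and its contract is security-relevant: it keeps scheme, host and port from `base_url` (callers pass `request.url`), drops the query string and replaces the path with the mapping's `fullpath` or `raw_path`. I would add `# Build the CAS service URL for a mapping: scheme/host/port from base_url, query dropped, path set to the mapping's path.` above it. Because the host comes from the incoming request, the value follows whatever Host the app accepts, so deployments should restrict accepted hosts at the proxy or in the app (inferred; no host check is visible here). Separately, `cas_client` memoizes with `||=`, so a `cas_destination_logout_param_name` assigned after the first call is never picked up.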
data/spec/routes_spec.rb
CHANGED
@@ -4,9 +4,10 @@ describe Devise::CasSessionsController do
|
|
4
4
|
include RSpec::Rails::ControllerExampleGroup
|
5
5
|
|
6
6
|
it { should route(:get, "/users").to(:action => "service") }
|
7
|
-
it { should route(:get, "/users/sign_in").to(:action => "
|
7
|
+
it { should route(:get, "/users/sign_in").to(:action => "new") }
|
8
8
|
it { should route(:post, "/users/sign_in").to(:action => "create") }
|
9
9
|
it { should route(:get, "/users/sign_out").to(:action => "destroy") }
|
10
|
+
it { should route(:get, "/users/unregistered").to(:action => "unregistered") }
|
10
11
|
|
11
12
|
it "should have the right route names" do
|
12
13
|
controller.should respond_to("user_path", "new_user_session_path", "user_session_path", "destroy_user_session_path")
|
@@ -14,5 +15,6 @@ describe Devise::CasSessionsController do
|
|
14
15
|
controller.new_user_session_path.should == "/users/sign_in"
|
15
16
|
controller.user_session_path.should == "/users/sign_in"
|
16
17
|
controller.destroy_user_session_path.should == "/users/sign_out"
|
18
|
+
controller.unregistered_user_session_path.should == "/users/unregistered"
|
17
19
|
end
|
18
20
|
end
|
@@ -4,15 +4,8 @@ require 'rails/all'
|
|
4
4
|
|
5
5
|
Bundler.require(:default, Rails.env) if defined?(Bundler)
|
6
6
|
|
7
|
-
require
|
8
|
-
|
9
|
-
|
10
|
-
Devise.setup do |config|
|
11
|
-
require "devise/orm/active_record"
|
12
|
-
end
|
13
|
-
|
14
|
-
require 'casserver/authenticators/base'
|
15
|
-
class TestAuthenticator < CASServer::Authenticators::Base
|
7
|
+
require 'castronaut'
|
8
|
+
class TestAdapter
|
16
9
|
def self.reset_valid_users!
|
17
10
|
@@valid_users = {
|
18
11
|
"joeuser" => "joepassword"
|
@@ -24,11 +17,20 @@ class TestAuthenticator < CASServer::Authenticators::Base
|
|
24
17
|
@@valid_users[username] = password
|
25
18
|
end
|
26
19
|
|
27
|
-
def
|
28
|
-
@@valid_users[
|
20
|
+
def self.authenticate(username, password)
|
21
|
+
error_message = if @@valid_users[username] == password
|
22
|
+
nil
|
23
|
+
else
|
24
|
+
"Invalid password"
|
25
|
+
end
|
26
|
+
|
27
|
+
Castronaut::AuthenticationResult.new(username, error_message)
|
29
28
|
end
|
30
29
|
end
|
31
30
|
|
31
|
+
Castronaut::Adapters.register("test_adapter", TestAdapter)
|
32
|
+
Castronaut.config = Castronaut::Configuration.load(File.expand_path(File.join(File.dirname(__FILE__), "castronaut.yml")))
|
33
|
+
|
32
34
|
module Scenario
|
33
35
|
class Application < Rails::Application
|
34
36
|
config.active_support.deprecation = :stderr
|
@@ -0,0 +1,32 @@
|
|
1
|
+
organization_name: Foo Bar Baz Industries, LLC Inc. A division of Holdings Co.
|
2
|
+
|
3
|
+
environment: development
|
4
|
+
# The port the CAS webserver will start on
|
5
|
+
server_port: 4567
|
6
|
+
|
7
|
+
log_directory: log
|
8
|
+
|
9
|
+
log_level: Logger::DEBUG
|
10
|
+
|
11
|
+
ssl_enabled: false
|
12
|
+
|
13
|
+
cas_database:
|
14
|
+
adapter: sqlite3
|
15
|
+
database: db/cas.sqlite3
|
16
|
+
timeout: 5000
|
17
|
+
|
18
|
+
cas_adapter:
|
19
|
+
adapter: test_adapter
|
20
|
+
|
21
|
+
# Use this example if you are using LDAP as your authentication source
|
22
|
+
# cas_adapter:
|
23
|
+
# adapter: ldap
|
24
|
+
# host: localhost
|
25
|
+
# port: 389
|
26
|
+
# prefix: cn=
|
27
|
+
# base: dc=example, dc=com
|
28
|
+
|
29
|
+
# Uncomment these to enable authentication callbacks
|
30
|
+
# callbacks:
|
31
|
+
# on_authentication_success: http://example.com/authentication/success
|
32
|
+
# on_authentication_failed: http://example.com/authentication/failed
|
@@ -1,8 +1,8 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
require 'castronaut/application'
|
2
|
+
Castronaut::Application.set(:path, "/cas_server")
|
3
3
|
|
4
4
|
Scenario::Application.routes.draw do
|
5
5
|
devise_for :users
|
6
|
-
|
6
|
+
mount Castronaut::Application, :at => "/cas_server"
|
7
7
|
root :to => "home#index"
|
8
8
|
end
|
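--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -12,4 +12,11 @@ RSpec.configure do |config|
 config.mock_with :mocha
 end
 
+ShamRack.at('www.example.com') do |env|
+request = Rack::Request.new(env)
+request.path_info = request.path_info.sub(/^\/cas_server/, '')
+
+Castronaut::Application.call(request.env)
+end
+
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }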
data/spec/strategy_spec.rb
CHANGED
@@ -1,18 +1,20 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
|
4
|
-
include
|
4
|
+
include RSpec::Rails::RequestExampleGroup
|
5
5
|
|
6
6
|
before do
|
7
7
|
Devise.cas_base_url = "http://www.example.com/cas_server"
|
8
|
-
|
8
|
+
TestAdapter.reset_valid_users!
|
9
|
+
|
10
|
+
User.delete_all
|
9
11
|
User.create! do |u|
|
10
12
|
u.username = "joeuser"
|
11
13
|
end
|
12
14
|
end
|
13
15
|
|
14
16
|
after do
|
15
|
-
|
17
|
+
visit destroy_user_session_url
|
16
18
|
end
|
17
19
|
|
18
20
|
def cas_login_url
|
@@ -23,21 +25,72 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
|
|
23
25
|
end
|
24
26
|
end
|
25
27
|
|
28
|
+
def cas_logout_url
|
29
|
+
@cas_logout_url ||= Devise.cas_base_url + "/logout"
|
30
|
+
end
|
31
|
+
|
32
|
+
def sign_into_cas(username, password)
|
33
|
+
visit root_url
|
34
|
+
current_url.should == cas_login_url
|
35
|
+
fill_in "Username", :with => username
|
36
|
+
fill_in "Password", :with => password
|
37
|
+
click_on "Login"
|
38
|
+
end
|
39
|
+
|
26
40
|
describe "GET /protected/resource" do
|
27
41
|
before { get '/' }
|
28
42
|
|
29
43
|
it 'should redirect to sign-in' do
|
30
44
|
response.should be_redirect
|
31
|
-
response.should redirect_to(
|
45
|
+
response.should redirect_to(new_user_session_url)
|
32
46
|
end
|
33
47
|
end
|
34
48
|
|
35
|
-
describe "
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
49
|
+
describe "GET /users/sign_in" do
|
50
|
+
before { get new_user_session_url }
|
51
|
+
|
52
|
+
it 'should redirect to CAS server' do
|
53
|
+
response.should be_redirect
|
54
|
+
response.should redirect_to(cas_login_url)
|
41
55
|
end
|
42
56
|
end
|
57
|
+
|
58
|
+
it "should sign in with valid user" do
|
59
|
+
sign_into_cas "joeuser", "joepassword"
|
60
|
+
current_url.should == root_url
|
61
|
+
end
|
62
|
+
|
63
|
+
it "should fail to sign in with an invalid user" do
|
64
|
+
sign_into_cas "invaliduser", "invalidpassword"
|
65
|
+
current_url.should_not == root_url
|
66
|
+
end
|
67
|
+
|
68
|
+
it "should register new CAS users if set up to do so" do
|
69
|
+
User.count.should == 1
|
70
|
+
TestAdapter.register_valid_user("newuser", "newpassword")
|
71
|
+
Devise.cas_create_user = true
|
72
|
+
sign_into_cas "newuser", "newpassword"
|
73
|
+
|
74
|
+
current_url.should == root_url
|
75
|
+
User.count.should == 2
|
76
|
+
User.find_by_username("newuser").should_not be_nil
|
77
|
+
end
|
78
|
+
|
79
|
+
it "should fail CAS login if user is unregistered and cas_create_user is false" do
|
80
|
+
User.count.should == 1
|
81
|
+
TestAdapter.register_valid_user("newuser", "newpassword")
|
82
|
+
Devise.cas_create_user = false
|
83
|
+
sign_into_cas "newuser", "newpassword"
|
84
|
+
|
85
|
+
current_url.should_not == root_url
|
86
|
+
User.count.should == 1
|
87
|
+
User.find_by_username("newuser").should be_nil
|
88
|
+
|
89
|
+
click_on "sign in using a different account"
|
90
|
+
current_url.should == cas_login_url
|
91
|
+
fill_in "Username", :with => "joeuser"
|
92
|
+
fill_in "Password", :with => "joepassword"
|
93
|
+
click_on "Login"
|
94
|
+
current_url.should == root_url
|
95
|
+
end
|
43
96
|
end
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise_cas_authenticatable
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash: -
|
4
|
+
hash: -3702664334
|
5
5
|
prerelease: 6
|
6
6
|
segments:
|
7
7
|
- 1
|
8
8
|
- 0
|
9
9
|
- 0
|
10
10
|
- alpha
|
11
|
-
-
|
12
|
-
version: 1.0.0.
|
11
|
+
- 7
|
12
|
+
version: 1.0.0.alpha7
|
13
13
|
platform: ruby
|
14
14
|
authors:
|
15
15
|
- Nat Budin
|
@@ -17,7 +17,7 @@ autorequire:
|
|
17
17
|
bindir: bin
|
18
18
|
cert_chain: []
|
19
19
|
|
20
|
-
date: 2011-
|
20
|
+
date: 2011-05-10 00:00:00 -04:00
|
21
21
|
default_executable:
|
22
22
|
dependencies:
|
23
23
|
- !ruby/object:Gem::Dependency
|
@@ -105,8 +105,64 @@ dependencies:
|
|
105
105
|
version_requirements: *id006
|
106
106
|
prerelease: false
|
107
107
|
- !ruby/object:Gem::Dependency
|
108
|
-
type: :
|
108
|
+
type: :development
|
109
109
|
requirement: &id007 !ruby/object:Gem::Requirement
|
110
|
+
none: false
|
111
|
+
requirements:
|
112
|
+
- - ">="
|
113
|
+
- !ruby/object:Gem::Version
|
114
|
+
hash: 3
|
115
|
+
segments:
|
116
|
+
- 0
|
117
|
+
version: "0"
|
118
|
+
name: ruby-debug
|
119
|
+
version_requirements: *id007
|
120
|
+
prerelease: false
|
121
|
+
- !ruby/object:Gem::Dependency
|
122
|
+
type: :development
|
123
|
+
requirement: &id008 !ruby/object:Gem::Requirement
|
124
|
+
none: false
|
125
|
+
requirements:
|
126
|
+
- - ">="
|
127
|
+
- !ruby/object:Gem::Version
|
128
|
+
hash: 3
|
129
|
+
segments:
|
130
|
+
- 0
|
131
|
+
version: "0"
|
132
|
+
name: jeweler
|
133
|
+
version_requirements: *id008
|
134
|
+
prerelease: false
|
135
|
+
- !ruby/object:Gem::Dependency
|
136
|
+
type: :development
|
137
|
+
requirement: &id009 !ruby/object:Gem::Requirement
|
138
|
+
none: false
|
139
|
+
requirements:
|
140
|
+
- - ">="
|
141
|
+
- !ruby/object:Gem::Version
|
142
|
+
hash: 3
|
143
|
+
segments:
|
144
|
+
- 0
|
145
|
+
version: "0"
|
146
|
+
name: ruby-debug
|
147
|
+
version_requirements: *id009
|
148
|
+
prerelease: false
|
149
|
+
- !ruby/object:Gem::Dependency
|
150
|
+
type: :development
|
151
|
+
requirement: &id010 !ruby/object:Gem::Requirement
|
152
|
+
none: false
|
153
|
+
requirements:
|
154
|
+
- - ">="
|
155
|
+
- !ruby/object:Gem::Version
|
156
|
+
hash: 3
|
157
|
+
segments:
|
158
|
+
- 0
|
159
|
+
version: "0"
|
160
|
+
name: jeweler
|
161
|
+
version_requirements: *id010
|
162
|
+
prerelease: false
|
163
|
+
- !ruby/object:Gem::Dependency
|
164
|
+
type: :runtime
|
165
|
+
requirement: &id011 !ruby/object:Gem::Requirement
|
110
166
|
none: false
|
111
167
|
requirements:
|
112
168
|
- - ">="
|
@@ -118,11 +174,11 @@ dependencies:
|
|
118
174
|
- 6
|
119
175
|
version: 1.0.6
|
120
176
|
name: devise
|
121
|
-
version_requirements: *
|
177
|
+
version_requirements: *id011
|
122
178
|
prerelease: false
|
123
179
|
- !ruby/object:Gem::Dependency
|
124
180
|
type: :runtime
|
125
|
-
requirement: &
|
181
|
+
requirement: &id012 !ruby/object:Gem::Requirement
|
126
182
|
none: false
|
127
183
|
requirements:
|
128
184
|
- - ">="
|
@@ -134,7 +190,7 @@ dependencies:
|
|
134
190
|
- 1
|
135
191
|
version: 2.2.1
|
136
192
|
name: rubycas-client
|
137
|
-
version_requirements: *
|
193
|
+
version_requirements: *id012
|
138
194
|
prerelease: false
|
139
195
|
description: CAS authentication module for Devise
|
140
196
|
email: natbudin@gmail.com
|
@@ -152,6 +208,8 @@ files:
|
|
152
208
|
- Rakefile
|
153
209
|
- VERSION
|
154
210
|
- app/controllers/devise/cas_sessions_controller.rb
|
211
|
+
- app/views/devise/cas_sessions/new.html.erb
|
212
|
+
- app/views/devise/cas_sessions/unregistered.html.erb
|
155
213
|
- devise_cas_authenticatable.gemspec
|
156
214
|
- lib/devise_cas_authenticatable.rb
|
157
215
|
- lib/devise_cas_authenticatable/exceptions.rb
|
@@ -169,12 +227,14 @@ files:
|
|
169
227
|
- spec/scenario/config.ru
|
170
228
|
- spec/scenario/config/application.rb
|
171
229
|
- spec/scenario/config/boot.rb
|
230
|
+
- spec/scenario/config/castronaut.yml
|
172
231
|
- spec/scenario/config/database.yml
|
173
232
|
- spec/scenario/config/environment.rb
|
174
233
|
- spec/scenario/config/environments/development.rb
|
175
234
|
- spec/scenario/config/environments/production.rb
|
176
235
|
- spec/scenario/config/environments/test.rb
|
177
236
|
- spec/scenario/config/initializers/backtrace_silencers.rb
|
237
|
+
- spec/scenario/config/initializers/devise.rb
|
178
238
|
- spec/scenario/config/initializers/inflections.rb
|
179
239
|
- spec/scenario/config/initializers/mime_types.rb
|
180
240
|
- spec/scenario/config/initializers/secret_token.rb
|
@@ -235,6 +295,7 @@ test_files:
|
|
235
295
|
- spec/scenario/config/environments/production.rb
|
236
296
|
- spec/scenario/config/environments/test.rb
|
237
297
|
- spec/scenario/config/initializers/backtrace_silencers.rb
|
298
|
+
- spec/scenario/config/initializers/devise.rb
|
238
299
|
- spec/scenario/config/initializers/inflections.rb
|
239
300
|
- spec/scenario/config/initializers/mime_types.rb
|
240
301
|
- spec/scenario/config/initializers/secret_token.rb
|