devise_cas_authenticatable 1.2.1 → 1.3.0

data/.travis.yml

@@ -1,10 +1,8 @@
 rvm:
-  - 1.8.7 # (current default)
+  - 1.8.7
   - 1.9.3
   - 2.0.0
 gemfile:
-  - Gemfile.devise10
-  - Gemfile.devise11
   - Gemfile.devise12
   - Gemfile.devise13
   - Gemfile.devise14

data/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog for devise\_cas\_authenticatable
 
+## Version 1.3.0 - May 12, 2013
+
+* Drop support for Rails 2.3, Devise 1.0 and 1.1
+* Custom failure class for optional redirecting to logout url upon timeout (thanks to @geoffroh and @kylejginavan)
+
 ## Version 1.2.1 - April 16, 2013
 
 * Bug fix: use Devise.sign_out_via to configure the HTTP verb sign_out will accept.

data/README.md

@@ -81,7 +81,16 @@ to tell your app how to talk to your CAS server:
       # By default, devise_cas_authenticatable will create users.  If you would rather
       # require user records to already exist locally before they can authenticate via
       # CAS, uncomment the following line.
-      # config.cas_create_user = false  
+      # config.cas_create_user = false
+
+      # If you want to use the Devise Timeoutable module with single sign out, 
+      # uncommenting this will redirect timeouts to the logout url, so that the CAS can
+      # take care of signing out the other serviced applocations. Note that each
+      # application manages timeouts independently, so one application timing out will 
+      # kill the session on all applications serviced by the CAS.
+      # config.warden do |manager|
+      #   manager.failure_app = DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp
+      # end
     end
 
 Extra attributes

data/Rakefile

@@ -3,27 +3,11 @@ require 'bundler/gem_tasks'
 
 Bundler.setup
 
-require 'rake'
-begin
-  require 'rdoc/task'
-rescue LoadError
-  require 'rake/rdoctask'
-end
-
 require 'rspec/mocks/version'
 require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-desc 'Generate documentation for the devise_cas_authenticatable plugin.'
-Rake::RDocTask.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'devise_cas_authenticatable'
-  rdoc.options << '--line-numbers' << '--inline-source'
-  rdoc.rdoc_files.include('README')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
-
 require File.expand_path('../spec/scenario/config/application', __FILE__)
 
 Scenario::Application.load_tasks

data/devise_cas_authenticatable.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise_cas_authenticatable}
-  s.version = "1.2.1"
+  s.version = "1.3.0"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Nat Budin", "Jeremy Haile"]
@@ -21,18 +21,19 @@ Gem::Specification.new do |s|
   s.rubygems_version = %q{1.5.0}
   s.summary = %q{CAS authentication module for Devise}
 
-  s.add_runtime_dependency(%q<devise>, [">= 1.0.6"])
+  s.add_runtime_dependency(%q<devise>, [">= 1.2.0"])
   s.add_runtime_dependency(%q<rubycas-client>, [">= 2.2.1"])
     
   s.add_development_dependency("rails", ">= 3.0.7")
   s.add_development_dependency("rspec-rails")
   s.add_development_dependency("mocha")
-  s.add_development_dependency("shoulda")
+  s.add_development_dependency("shoulda", "~> 3.4.0")
   s.add_development_dependency("sqlite3-ruby")
   s.add_development_dependency("sham_rack")
-  s.add_development_dependency("capybara")
+  s.add_development_dependency("capybara", "~> 1.1.4")
   s.add_development_dependency('crypt-isaac')
   s.add_development_dependency('launchy')
+  s.add_development_dependency('timecop')
   s.add_development_dependency('pry')
 end
 

data/lib/devise_cas_authenticatable.rb

@@ -18,6 +18,11 @@ rescue
 else
   module DeviseCasAuthenticatable
     class Engine < Rails::Engine
+      initializer "devise_cas_authenticatable.single_sign_on.warden_failure_app" do |app|
+        # requiring this here because the parent class calls Rails.application, which
+        # isn't set up until after bundler has required the modules in this engine 
+        require 'devise_cas_authenticatable/single_sign_out/warden_failure_app'
+      end
     end
   end
 end

data/lib/devise_cas_authenticatable/single_sign_out/warden_failure_app.rb

@@ -0,0 +1,46 @@
+# Redirect to the logout url when :warden is thrown,
+# so that a single_sign_out request can be initiated
+class DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp < Devise::FailureApp
+
+  # You need to override respond to eliminate recall
+  def respond
+    if http_auth?
+      http_auth
+    else
+      redirect
+    end
+  end
+
+  def redirect
+    store_location!
+    if flash[:timedout] && flash[:alert]
+      flash.keep(:timedout)
+      flash.keep(:alert)
+    else
+      flash[:alert] = i18n_message
+    end
+    redirect_to redirect_url
+  end
+
+  protected
+
+  def redirect_url
+    if warden_message == :timeout
+      flash[:timedout] = true
+      Devise.cas_client.logout_url
+    else
+      if respond_to?(:scope_path)
+        scope_path
+      else
+        super
+      end
+    end
+  end
+  
+  # Devise < 2.0 doesn't have this method, which we want to use
+  unless instance_methods.include?(:warden_message)
+    define_method :warden_message do
+      @message ||= warden.message || warden_options[:message]
+    end
+  end
+end

data/spec/scenario/app/models/user.rb

@@ -1,5 +1,5 @@
 class User < ActiveRecord::Base
-  devise :cas_authenticatable, :rememberable
+  devise :cas_authenticatable, :rememberable, :timeoutable
 
   def active_for_authentication?
     super && !deactivated

data/spec/scenario/config/initializers/devise.rb

@@ -1,3 +1,4 @@
 Devise.setup do |config|
   require "devise/orm/active_record"
+  config.timeout_in = 7200
 end

data/spec/single_sign_out_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp do
+  include RSpec::Rails::RequestExampleGroup
+  include Capybara::DSL
+
+  describe "A logged in user with a timed out session" do
+
+    before do      
+      Devise.cas_base_url = "http://www.example.com/cas_server"
+      User.delete_all
+      @user = User.create!(:username => "joeuser")
+    end
+
+    describe "using the default warden failure app" do
+
+      before do
+        sign_into_cas "joeuser", "joepassword"
+      end
+
+      it "redirects to cas_login_url when warden is thrown" do
+        Devise::FailureApp.any_instance.expects(:redirect_url).returns(cas_login_url)
+        Timecop.travel(Devise.timeout_in) do
+          visit root_url
+        end
+        current_url.should == root_url
+      end
+
+    end
+
+    describe "using the custom WardenFailureApp" do
+
+      before do
+
+        Devise.warden_config[:failure_app] = DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp
+        sign_into_cas "joeuser", "joepassword"
+      end
+
+      it "uses the redirect_url from the custom failure class" do
+        DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp.any_instance.expects(:redirect_url).returns(destroy_user_session_url)
+        Timecop.travel(Devise.timeout_in) do
+          visit root_url
+        end
+        current_url.should match(/#{cas_logout_url}/)
+      end
+
+    end
+
+  end
+
+end

data/spec/spec_helper.rb

@@ -3,13 +3,13 @@ $:.unshift File.dirname(__FILE__)
 $:.unshift File.expand_path('../../lib', __FILE__)
 
 require "scenario/config/environment"
-require "rails/test_help"
 require 'rspec/rails'
 require 'sham_rack'
 require 'capybara/rspec'
+require 'timecop'
 
-RSpec.configure do |config| 
-  config.mock_with :mocha 
+RSpec.configure do |config|
+  config.mock_with :mocha
 end
 
 ShamRack.at('www.example.com') do |env|

data/spec/strategy_spec.rb

@@ -124,6 +124,7 @@ describe Devise::Strategies::CasAuthenticatable, :type => "acceptance" do
     User.find_by_username("newuser").should be_nil
 
     click_on "sign in using a different account"
+    click_on "here"
     current_url.should == cas_login_url
     fill_in "Username", :with => "joeuser"
     fill_in "Password", :with => "joepassword"

data/spec/support/urls.rb

@@ -0,0 +1,19 @@
+def cas_login_url
+  @cas_login_url ||= begin
+    uri = URI.parse(Devise.cas_base_url + "/login")
+    uri.query = Rack::Utils.build_nested_query(:service => user_service_url)
+    uri.to_s
+  end
+end
+
+def cas_logout_url
+  @cas_logout_url ||= Devise.cas_base_url + "/logout"
+end
+
+def sign_into_cas(username, password)
+  visit cas_login_url
+  fill_in "Username", :with => username
+  fill_in "Password", :with => password
+  click_on "Login"
+  current_url.should == root_url
+end

data/spec/warden_failure_app_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp do
+
+  describe "#redirect_url" do
+
+      before do
+        Devise.cas_base_url = "http://www.example.com/cas_server"
+        @failure_app = DeviseCasAuthenticatable::SingleSignOut::WardenFailureApp.new
+        @failure_app.stubs(:flash).returns({})
+      end
+
+      describe "resulting from a timeout" do
+
+        before do
+          @failure_app.stubs(:warden_message).returns(:timeout)
+        end
+
+        it "returns the logout url" do
+          @failure_app.send(:redirect_url).should match(/#{cas_logout_url}/)
+        end
+
+      end
+
+      describe "resulting from a generic warden :throw error" do
+
+        before do
+          @failure_app.stubs(:warden_message).returns(nil)
+          @failure_app.stubs(:flash).returns({})
+        end
+
+        it "calls the scope_path method to retrieve the standard redirect_url" do
+          @failure_app.expects(:scope_path)
+          @failure_app.send(:redirect_url)
+        end
+
+      end
+
+  end
+
+end

metadata

@@ -2,7 +2,7 @@
 name: devise_cas_authenticatable
 version: !ruby/object:Gem::Version
   prerelease: 
-  version: 1.2.1
+  version: 1.3.0
 platform: ruby
 authors:
 - Nat Budin
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-16 00:00:00.000000000 Z
+date: 2013-05-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   prerelease: false
@@ -20,13 +20,13 @@ dependencies:
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 1.0.6
+        version: 1.2.0
     none: false
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 1.0.6
+        version: 1.2.0
     none: false
 - !ruby/object:Gem::Dependency
   prerelease: false
@@ -98,15 +98,15 @@ dependencies:
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.4.0
     none: false
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.4.0
     none: false
 - !ruby/object:Gem::Dependency
   prerelease: false
@@ -144,6 +144,22 @@ dependencies:
   prerelease: false
   name: capybara
   type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.4
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.4
+    none: false
+- !ruby/object:Gem::Dependency
+  prerelease: false
+  name: crypt-isaac
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
@@ -158,7 +174,7 @@ dependencies:
     none: false
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: crypt-isaac
+  name: launchy
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -174,7 +190,7 @@ dependencies:
     none: false
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: launchy
+  name: timecop
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -216,8 +232,6 @@ files:
 - .travis.yml
 - CHANGELOG.md
 - Gemfile
-- Gemfile.devise10
-- Gemfile.devise11
 - Gemfile.devise12
 - Gemfile.devise13
 - Gemfile.devise14
@@ -242,6 +256,7 @@ files:
 - lib/devise_cas_authenticatable/single_sign_out/strategies.rb
 - lib/devise_cas_authenticatable/single_sign_out/strategies/base.rb
 - lib/devise_cas_authenticatable/single_sign_out/strategies/rails_cache.rb
+- lib/devise_cas_authenticatable/single_sign_out/warden_failure_app.rb
 - lib/devise_cas_authenticatable/strategy.rb
 - rails/init.rb
 - spec/config_spec.rb
@@ -275,9 +290,12 @@ files:
 - spec/scenario/db/migrate/20121009092400_add_deactivated_flag_to_users.rb
 - spec/scenario/db/schema.rb
 - spec/scenario/public/.gitkeep
+- spec/single_sign_out_spec.rb
 - spec/spec_helper.rb
 - spec/strategy_spec.rb
 - spec/support/migrations.rb
+- spec/support/urls.rb
+- spec/warden_failure_app_spec.rb
 homepage: http://github.com/nbudin/devise_cas_authenticatable
 licenses:
 - MIT
@@ -291,7 +309,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       segments:
       - 0
-      hash: -2394567349096225548
+      hash: 2546603475843590117
       version: '0'
   none: false
 required_rubygems_version: !ruby/object:Gem::Requirement
@@ -338,6 +356,9 @@ test_files:
 - spec/scenario/db/migrate/20121009092400_add_deactivated_flag_to_users.rb
 - spec/scenario/db/schema.rb
 - spec/scenario/public/.gitkeep
+- spec/single_sign_out_spec.rb
 - spec/spec_helper.rb
 - spec/strategy_spec.rb
 - spec/support/migrations.rb
+- spec/support/urls.rb
+- spec/warden_failure_app_spec.rb

data/Gemfile.devise10

@@ -1,12 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 2.3.14'
-gem 'devise', '~> 1.0.0'
-gem 'rspec-rails', '~> 1.2.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end

data/Gemfile.devise11

@@ -1,11 +0,0 @@
-source "http://rubygems.org"
-
-# Specify your gem's dependencies in devise_cas_authenticatable.gemspec
-gemspec
-
-gem 'rails', '~> 3.0.0'
-gem 'devise', '~> 1.1.0'
-
-group :test do
-  gem 'castronaut', :git => 'https://github.com/nbudin/castronaut.git', :branch => 'dam5s-merge'
-end