devise_cas_authenticatable 1.7.1 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rspec +1 -0
- data/.travis.yml +7 -1
- data/CHANGELOG.md +5 -0
- data/app/controllers/devise/cas_sessions_controller.rb +8 -0
- data/devise_cas_authenticatable.gemspec +2 -1
- data/lib/devise_cas_authenticatable.rb +15 -13
- data/lib/devise_cas_authenticatable/memcache_checker.rb +34 -0
- data/lib/devise_cas_authenticatable/session_store_identifier.rb +29 -0
- data/lib/devise_cas_authenticatable/single_sign_out.rb +12 -25
- data/spec/memcache_checker_spec.rb +49 -0
- data/spec/spec_helper.rb +2 -1
- metadata +21 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e7a21d56c086e07750dfdf7e6ad8759233919ae
|
|
4
|
+
data.tar.gz: 3a9d7c28cf8889001a89e3f4eb5cdb46439b42e9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ba4cffad023fd9a1507c20f2a4145e4575f8173232e3aab9784f3c258082c6f1a82371f9f2ad300be5bbe3e491a7e97350bed01aff273a0ab0178673fd78ec61
|
|
7
|
+
data.tar.gz: 9512c05944ed91ae97221ba2f3ce22a89ee12384cd04c6a87e139cf203d9d1e132c8de754124e326dd11c327d8e62188543c092bf76372cedf95bf4be0c7ca2e
|
data/.rspec
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
--color
|
data/.travis.yml
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
rvm:
|
|
2
2
|
- 1.9.3
|
|
3
3
|
- 2.0.0
|
|
4
|
+
- 2.1.2
|
|
5
|
+
- 2.2.4
|
|
6
|
+
- 2.3.0
|
|
7
|
+
before_install:
|
|
8
|
+
- gem update bundler
|
|
4
9
|
gemfile:
|
|
5
10
|
- Gemfile.devise12
|
|
6
11
|
- Gemfile.devise13
|
|
@@ -10,4 +15,5 @@ gemfile:
|
|
|
10
15
|
- Gemfile.devise21
|
|
11
16
|
- Gemfile.devise30
|
|
12
17
|
script: "bundle exec rake spec"
|
|
13
|
-
|
|
18
|
+
sudo: required
|
|
19
|
+
dist: trusty
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# Changelog for devise\_cas\_authenticatable
|
|
2
2
|
|
|
3
|
+
## Version 1.8.0 - May 4, 2016
|
|
4
|
+
|
|
5
|
+
* May the 4th be with you!
|
|
6
|
+
* Prevent redirect loops when using memcached as a session store (thanks @fabioperrella!)
|
|
7
|
+
|
|
3
8
|
## Version 1.7.1 - February 2, 2016
|
|
4
9
|
|
|
5
10
|
* Work around weird `#try` behavior on older Rails versions
|
|
@@ -8,6 +8,10 @@ class Devise::CasSessionsController < Devise::SessionsController
|
|
|
8
8
|
skip_before_filter :verify_authenticity_token, :only => [:single_sign_out]
|
|
9
9
|
|
|
10
10
|
def new
|
|
11
|
+
if memcache_checker.session_store_memcache? && !memcache_checker.alive?
|
|
12
|
+
raise "memcache is down, can't get session data from it"
|
|
13
|
+
end
|
|
14
|
+
|
|
11
15
|
redirect_to(cas_login_url)
|
|
12
16
|
end
|
|
13
17
|
|
|
@@ -115,4 +119,8 @@ class Devise::CasSessionsController < Devise::SessionsController
|
|
|
115
119
|
::Devise.cas_client.logout_url(cas_destination_url, cas_follow_url)
|
|
116
120
|
end
|
|
117
121
|
end
|
|
122
|
+
|
|
123
|
+
def memcache_checker
|
|
124
|
+
@memcache_checker ||= DeviseCasAuthenticatable::MemcacheChecker.new(Rails.configuration)
|
|
125
|
+
end
|
|
118
126
|
end
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{devise_cas_authenticatable}
|
|
5
|
-
s.version = "1.
|
|
5
|
+
s.version = "1.8.0"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Nat Budin", "Jeremy Haile"]
|
|
@@ -26,6 +26,7 @@ Gem::Specification.new do |s|
|
|
|
26
26
|
|
|
27
27
|
s.add_development_dependency("rails", ">= 3.0.7")
|
|
28
28
|
s.add_development_dependency("rspec-rails")
|
|
29
|
+
s.add_development_dependency("test-unit", "~> 3.0")
|
|
29
30
|
s.add_development_dependency("mocha")
|
|
30
31
|
s.add_development_dependency("shoulda")
|
|
31
32
|
s.add_development_dependency("sqlite3")
|
|
@@ -5,6 +5,7 @@ require 'devise_cas_authenticatable/routes'
|
|
|
5
5
|
require 'devise_cas_authenticatable/strategy'
|
|
6
6
|
require 'devise_cas_authenticatable/exceptions'
|
|
7
7
|
|
|
8
|
+
require 'devise_cas_authenticatable/session_store_identifier'
|
|
8
9
|
require 'devise_cas_authenticatable/single_sign_out'
|
|
9
10
|
|
|
10
11
|
require 'devise_cas_authenticatable/cas_action_url_factory_base'
|
|
@@ -12,6 +13,7 @@ require 'devise_cas_authenticatable/cas_action_url_factory_base'
|
|
|
12
13
|
require 'rubycas-client'
|
|
13
14
|
|
|
14
15
|
require 'devise_cas_authenticatable/railtie' if defined?(Rails::Railtie)
|
|
16
|
+
require 'devise_cas_authenticatable/memcache_checker'
|
|
15
17
|
|
|
16
18
|
# Register as a Rails engine if Rails::Engine exists
|
|
17
19
|
begin
|
|
@@ -22,7 +24,7 @@ else
|
|
|
22
24
|
class Engine < Rails::Engine
|
|
23
25
|
initializer "devise_cas_authenticatable.single_sign_on.warden_failure_app" do |app|
|
|
24
26
|
# requiring this here because the parent class calls Rails.application, which
|
|
25
|
-
# isn't set up until after bundler has required the modules in this engine
|
|
27
|
+
# isn't set up until after bundler has required the modules in this engine
|
|
26
28
|
require 'devise_cas_authenticatable/single_sign_out/warden_failure_app'
|
|
27
29
|
end
|
|
28
30
|
end
|
|
@@ -33,13 +35,13 @@ module Devise
|
|
|
33
35
|
# The base URL of the CAS server. For example, http://cas.example.com. Specifying this
|
|
34
36
|
# is mandatory.
|
|
35
37
|
@@cas_base_url = nil
|
|
36
|
-
|
|
38
|
+
|
|
37
39
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
38
40
|
@@cas_login_url = nil
|
|
39
|
-
|
|
41
|
+
|
|
40
42
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
41
43
|
@@cas_logout_url = nil
|
|
42
|
-
|
|
44
|
+
|
|
43
45
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
44
46
|
@@cas_validate_url = nil
|
|
45
47
|
|
|
@@ -64,18 +66,18 @@ module Devise
|
|
|
64
66
|
# Should devise_cas_authenticatable attempt to create new user records for
|
|
65
67
|
# unknown usernames? True by default.
|
|
66
68
|
@@cas_create_user = true
|
|
67
|
-
|
|
69
|
+
|
|
68
70
|
# The model attribute used for query conditions. Should be the same as
|
|
69
71
|
# the rubycas-server username_column. :username by default
|
|
70
72
|
@@cas_username_column = :username
|
|
71
|
-
|
|
73
|
+
|
|
72
74
|
# The CAS reponse value used to find users in the local database
|
|
73
75
|
# it is required that this field be in cas_extra_attributes
|
|
74
76
|
@@cas_user_identifier = nil
|
|
75
77
|
|
|
76
|
-
# Name of the parameter passed in the logout query
|
|
78
|
+
# Name of the parameter passed in the logout query
|
|
77
79
|
@@cas_destination_logout_param_name = nil
|
|
78
|
-
|
|
80
|
+
|
|
79
81
|
# Additional options for CAS client object
|
|
80
82
|
@@cas_client_config_options = {}
|
|
81
83
|
|
|
@@ -96,21 +98,21 @@ module Devise
|
|
|
96
98
|
:validate_url => @@cas_validate_url,
|
|
97
99
|
:enable_single_sign_out => @@cas_enable_single_sign_out
|
|
98
100
|
}
|
|
99
|
-
|
|
101
|
+
|
|
100
102
|
cas_options.merge!(@@cas_client_config_options) if @@cas_client_config_options
|
|
101
|
-
|
|
103
|
+
|
|
102
104
|
CASClient::Client.new(cas_options)
|
|
103
105
|
end
|
|
104
106
|
end
|
|
105
|
-
|
|
107
|
+
|
|
106
108
|
def self.cas_service_url(base_url, mapping)
|
|
107
109
|
cas_action_url(base_url, mapping, "service")
|
|
108
110
|
end
|
|
109
|
-
|
|
111
|
+
|
|
110
112
|
def self.cas_unregistered_url(base_url, mapping)
|
|
111
113
|
cas_action_url(base_url, mapping, "unregistered")
|
|
112
114
|
end
|
|
113
|
-
|
|
115
|
+
|
|
114
116
|
private
|
|
115
117
|
def self.cas_action_url(base_url, mapping, action)
|
|
116
118
|
cas_action_url_factory_class.new(base_url, mapping, action).call
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
require 'net/telnet'
|
|
2
|
+
|
|
3
|
+
module DeviseCasAuthenticatable
|
|
4
|
+
class MemcacheChecker
|
|
5
|
+
attr_reader :rails_configuration
|
|
6
|
+
|
|
7
|
+
def initialize(rails_configuration)
|
|
8
|
+
@rails_configuration = rails_configuration
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def session_store_memcache?
|
|
12
|
+
!!(session_store_class.name =~ /memcache/i)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def alive?
|
|
16
|
+
memcache_servers = rails_configuration.session_options[:memcache_server] || ["127.0.0.1:11211"]
|
|
17
|
+
memcache_servers.each do |server|
|
|
18
|
+
host, port = server.split(":")
|
|
19
|
+
begin
|
|
20
|
+
Net::Telnet.new("Host" => host, "Port" => port, "Timeout" => 1)
|
|
21
|
+
return true
|
|
22
|
+
rescue Errno::ECONNREFUSED
|
|
23
|
+
return false
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
private
|
|
29
|
+
|
|
30
|
+
def session_store_class
|
|
31
|
+
@session_store_class ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new.session_store_class
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
module DeviseCasAuthenticatable
|
|
2
|
+
class SessionStoreIdentifier
|
|
3
|
+
|
|
4
|
+
def current_session_store
|
|
5
|
+
app = Rails.application.app
|
|
6
|
+
begin
|
|
7
|
+
app = (app.instance_variable_get(:@backend) || app.instance_variable_get(:@app) || app.instance_variable_get(:@target))
|
|
8
|
+
end until app.nil? or app.class == session_store_class
|
|
9
|
+
app
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def session_store_class
|
|
13
|
+
@session_store_class ||=
|
|
14
|
+
begin
|
|
15
|
+
# Rails 3 & 4 session store
|
|
16
|
+
if ::DeviseCasAuthenticatable::SingleSignOut.rails3_or_greater?
|
|
17
|
+
Rails.configuration.session_store
|
|
18
|
+
::Rails.application.config.session_store
|
|
19
|
+
else
|
|
20
|
+
# => Rails 2
|
|
21
|
+
ActionController::Base.session_store
|
|
22
|
+
end
|
|
23
|
+
rescue NameError => e
|
|
24
|
+
# for older versions of Rails (prior to 2.3)
|
|
25
|
+
ActionController::Base.session_options[:database_manager]
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -7,31 +7,6 @@ module DeviseCasAuthenticatable
|
|
|
7
7
|
|
|
8
8
|
# Supports destroying sessions by ID for ActiveRecord and Redis session stores
|
|
9
9
|
module DestroySession
|
|
10
|
-
def session_store_class
|
|
11
|
-
@session_store_class ||=
|
|
12
|
-
begin
|
|
13
|
-
# Rails 3 & 4 session store
|
|
14
|
-
if ::DeviseCasAuthenticatable::SingleSignOut.rails3_or_greater?
|
|
15
|
-
Rails.configuration.session_store
|
|
16
|
-
::Rails.application.config.session_store
|
|
17
|
-
else
|
|
18
|
-
# => Rails 2
|
|
19
|
-
ActionController::Base.session_store
|
|
20
|
-
end
|
|
21
|
-
rescue NameError => e
|
|
22
|
-
# for older versions of Rails (prior to 2.3)
|
|
23
|
-
ActionController::Base.session_options[:database_manager]
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def current_session_store
|
|
28
|
-
app = Rails.application.app
|
|
29
|
-
begin
|
|
30
|
-
app = (app.instance_variable_get(:@backend) || app.instance_variable_get(:@app) || app.instance_variable_get(:@target))
|
|
31
|
-
end until app.nil? or app.class == session_store_class
|
|
32
|
-
app
|
|
33
|
-
end
|
|
34
|
-
|
|
35
10
|
def destroy_session_by_id(sid)
|
|
36
11
|
logger.debug "Single Sign Out from session store: #{current_session_store.class}"
|
|
37
12
|
|
|
@@ -61,6 +36,18 @@ module DeviseCasAuthenticatable
|
|
|
61
36
|
false
|
|
62
37
|
end
|
|
63
38
|
end
|
|
39
|
+
|
|
40
|
+
def session_store_identifier
|
|
41
|
+
@session_store_identifier ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def current_session_store
|
|
45
|
+
session_store_identifier.current_session_store
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def session_store_class
|
|
49
|
+
session_store_identifier.session_store_class
|
|
50
|
+
end
|
|
64
51
|
end
|
|
65
52
|
|
|
66
53
|
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
require "spec_helper"
|
|
2
|
+
|
|
3
|
+
describe DeviseCasAuthenticatable::MemcacheChecker do
|
|
4
|
+
let(:conf_double) { stub(session_options: {}) }
|
|
5
|
+
|
|
6
|
+
describe '#session_store_memcache?' do
|
|
7
|
+
subject(:session_store_memcache?) { described_class.new(conf_double).session_store_memcache? }
|
|
8
|
+
|
|
9
|
+
before do
|
|
10
|
+
DeviseCasAuthenticatable::SessionStoreIdentifier.any_instance
|
|
11
|
+
.stubs(:session_store_class).returns(session_store_class)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
context "when session store is memcache" do
|
|
15
|
+
let(:session_store_class) { FakeMemcacheStore }
|
|
16
|
+
|
|
17
|
+
it { expect(session_store_memcache?).to eq true }
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
context "when session store is NOT memcache" do
|
|
21
|
+
let(:session_store_class) { String }
|
|
22
|
+
|
|
23
|
+
it { expect(session_store_memcache?).to eq false }
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
describe 'alive?' do
|
|
28
|
+
context "when memcache is down" do
|
|
29
|
+
let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11223']}) }
|
|
30
|
+
subject(:alive?) { described_class.new(conf_double).alive? }
|
|
31
|
+
|
|
32
|
+
it { expect(alive?).to eq false }
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
context "when memcache is running" do
|
|
36
|
+
let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11214']}) }
|
|
37
|
+
subject(:alive?) { described_class.new(conf_double).alive? }
|
|
38
|
+
|
|
39
|
+
before do
|
|
40
|
+
Net::Telnet.stubs(:new)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
it { expect(alive?).to eq true }
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
class FakeMemcacheStore
|
|
49
|
+
end
|
data/spec/spec_helper.rb
CHANGED
|
@@ -7,6 +7,7 @@ require 'rspec/rails'
|
|
|
7
7
|
require 'sham_rack'
|
|
8
8
|
require 'capybara/rspec'
|
|
9
9
|
require 'timecop'
|
|
10
|
+
require 'pry'
|
|
10
11
|
|
|
11
12
|
RSpec.configure do |config|
|
|
12
13
|
config.mock_with :mocha
|
|
@@ -15,7 +16,7 @@ end
|
|
|
15
16
|
ShamRack.at('www.example.com') do |env|
|
|
16
17
|
request = Rack::Request.new(env)
|
|
17
18
|
request.path_info = request.path_info.sub(/^\/cas_server/, '')
|
|
18
|
-
|
|
19
|
+
|
|
19
20
|
Castronaut::Application.call(request.env)
|
|
20
21
|
end
|
|
21
22
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_cas_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nat Budin
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-05-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: devise
|
|
@@ -67,6 +67,20 @@ dependencies:
|
|
|
67
67
|
- - ">="
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
69
|
version: '0'
|
|
70
|
+
- !ruby/object:Gem::Dependency
|
|
71
|
+
name: test-unit
|
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
|
73
|
+
requirements:
|
|
74
|
+
- - "~>"
|
|
75
|
+
- !ruby/object:Gem::Version
|
|
76
|
+
version: '3.0'
|
|
77
|
+
type: :development
|
|
78
|
+
prerelease: false
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - "~>"
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: '3.0'
|
|
70
84
|
- !ruby/object:Gem::Dependency
|
|
71
85
|
name: mocha
|
|
72
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -202,6 +216,7 @@ extra_rdoc_files:
|
|
|
202
216
|
files:
|
|
203
217
|
- ".gitignore"
|
|
204
218
|
- ".project"
|
|
219
|
+
- ".rspec"
|
|
205
220
|
- ".travis.yml"
|
|
206
221
|
- CHANGELOG.md
|
|
207
222
|
- Gemfile
|
|
@@ -222,10 +237,12 @@ files:
|
|
|
222
237
|
- lib/devise_cas_authenticatable.rb
|
|
223
238
|
- lib/devise_cas_authenticatable/cas_action_url_factory_base.rb
|
|
224
239
|
- lib/devise_cas_authenticatable/exceptions.rb
|
|
240
|
+
- lib/devise_cas_authenticatable/memcache_checker.rb
|
|
225
241
|
- lib/devise_cas_authenticatable/model.rb
|
|
226
242
|
- lib/devise_cas_authenticatable/railtie.rb
|
|
227
243
|
- lib/devise_cas_authenticatable/routes.rb
|
|
228
244
|
- lib/devise_cas_authenticatable/schema.rb
|
|
245
|
+
- lib/devise_cas_authenticatable/session_store_identifier.rb
|
|
229
246
|
- lib/devise_cas_authenticatable/single_sign_out.rb
|
|
230
247
|
- lib/devise_cas_authenticatable/single_sign_out/rack.rb
|
|
231
248
|
- lib/devise_cas_authenticatable/single_sign_out/strategies.rb
|
|
@@ -235,6 +252,7 @@ files:
|
|
|
235
252
|
- lib/devise_cas_authenticatable/strategy.rb
|
|
236
253
|
- rails/init.rb
|
|
237
254
|
- spec/config_spec.rb
|
|
255
|
+
- spec/memcache_checker_spec.rb
|
|
238
256
|
- spec/model_spec.rb
|
|
239
257
|
- spec/routes_spec.rb
|
|
240
258
|
- spec/scenario/.gitignore
|
|
@@ -298,6 +316,7 @@ specification_version: 4
|
|
|
298
316
|
summary: CAS authentication module for Devise
|
|
299
317
|
test_files:
|
|
300
318
|
- spec/config_spec.rb
|
|
319
|
+
- spec/memcache_checker_spec.rb
|
|
301
320
|
- spec/model_spec.rb
|
|
302
321
|
- spec/routes_spec.rb
|
|
303
322
|
- spec/scenario/.gitignore
|