devise_cas_authenticatable 1.7.1 → 1.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +1 -0
- data/.travis.yml +7 -1
- data/CHANGELOG.md +5 -0
- data/app/controllers/devise/cas_sessions_controller.rb +8 -0
- data/devise_cas_authenticatable.gemspec +2 -1
- data/lib/devise_cas_authenticatable.rb +15 -13
- data/lib/devise_cas_authenticatable/memcache_checker.rb +34 -0
- data/lib/devise_cas_authenticatable/session_store_identifier.rb +29 -0
- data/lib/devise_cas_authenticatable/single_sign_out.rb +12 -25
- data/spec/memcache_checker_spec.rb +49 -0
- data/spec/spec_helper.rb +2 -1
- metadata +21 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e7a21d56c086e07750dfdf7e6ad8759233919ae
|
|
4
|
+
data.tar.gz: 3a9d7c28cf8889001a89e3f4eb5cdb46439b42e9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ba4cffad023fd9a1507c20f2a4145e4575f8173232e3aab9784f3c258082c6f1a82371f9f2ad300be5bbe3e491a7e97350bed01aff273a0ab0178673fd78ec61
|
|
7
|
+
data.tar.gz: 9512c05944ed91ae97221ba2f3ce22a89ee12384cd04c6a87e139cf203d9d1e132c8de754124e326dd11c327d8e62188543c092bf76372cedf95bf4be0c7ca2e
|
data/.rspec
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
--color
|
data/.travis.yml
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
rvm:
|
|
2
2
|
- 1.9.3
|
|
3
3
|
- 2.0.0
|
|
4
|
+
- 2.1.2
|
|
5
|
+
- 2.2.4
|
|
6
|
+
- 2.3.0
|
|
7
|
+
before_install:
|
|
8
|
+
- gem update bundler
|
|
4
9
|
gemfile:
|
|
5
10
|
- Gemfile.devise12
|
|
6
11
|
- Gemfile.devise13
|
|
@@ -10,4 +15,5 @@ gemfile:
|
|
|
10
15
|
- Gemfile.devise21
|
|
11
16
|
- Gemfile.devise30
|
|
12
17
|
script: "bundle exec rake spec"
|
|
13
|
-
|
|
18
|
+
sudo: required
|
|
19
|
+
dist: trusty
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# Changelog for devise\_cas\_authenticatable
|
|
2
2
|
|
|
3
|
+
## Version 1.8.0 - May 4, 2016
|
|
4
|
+
|
|
5
|
+
* May the 4th be with you!
|
|
6
|
+
* Prevent redirect loops when using memcached as a session store (thanks @fabioperrella!)
|
|
7
|
+
|
|
3
8
|
## Version 1.7.1 - February 2, 2016
|
|
4
9
|
|
|
5
10
|
* Work around weird `#try` behavior on older Rails versions
|
|
@@ -8,6 +8,10 @@ class Devise::CasSessionsController < Devise::SessionsController
|
|
|
8
8
|
skip_before_filter :verify_authenticity_token, :only => [:single_sign_out]
|
|
9
9
|
|
|
10
10
|
def new
|
|
11
|
+
if memcache_checker.session_store_memcache? && !memcache_checker.alive?
|
|
12
|
+
raise "memcache is down, can't get session data from it"
|
|
13
|
+
end
|
|
14
|
+
|
|
11
15
|
redirect_to(cas_login_url)
|
|
12
16
|
end
|
|
13
17
|
|
|
@@ -115,4 +119,8 @@ class Devise::CasSessionsController < Devise::SessionsController
|
|
|
115
119
|
::Devise.cas_client.logout_url(cas_destination_url, cas_follow_url)
|
|
116
120
|
end
|
|
117
121
|
end
|
|
122
|
+
|
|
123
|
+
def memcache_checker
|
|
124
|
+
@memcache_checker ||= DeviseCasAuthenticatable::MemcacheChecker.new(Rails.configuration)
|
|
125
|
+
end
|
|
118
126
|
end
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{devise_cas_authenticatable}
|
|
5
|
-
s.version = "1.
|
|
5
|
+
s.version = "1.8.0"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Nat Budin", "Jeremy Haile"]
|
|
@@ -26,6 +26,7 @@ Gem::Specification.new do |s|
|
|
|
26
26
|
|
|
27
27
|
s.add_development_dependency("rails", ">= 3.0.7")
|
|
28
28
|
s.add_development_dependency("rspec-rails")
|
|
29
|
+
s.add_development_dependency("test-unit", "~> 3.0")
|
|
29
30
|
s.add_development_dependency("mocha")
|
|
30
31
|
s.add_development_dependency("shoulda")
|
|
31
32
|
s.add_development_dependency("sqlite3")
|
|
@@ -5,6 +5,7 @@ require 'devise_cas_authenticatable/routes'
|
|
|
5
5
|
require 'devise_cas_authenticatable/strategy'
|
|
6
6
|
require 'devise_cas_authenticatable/exceptions'
|
|
7
7
|
|
|
8
|
+
require 'devise_cas_authenticatable/session_store_identifier'
|
|
8
9
|
require 'devise_cas_authenticatable/single_sign_out'
|
|
9
10
|
|
|
10
11
|
require 'devise_cas_authenticatable/cas_action_url_factory_base'
|
|
@@ -12,6 +13,7 @@ require 'devise_cas_authenticatable/cas_action_url_factory_base'
|
|
|
12
13
|
require 'rubycas-client'
|
|
13
14
|
|
|
14
15
|
require 'devise_cas_authenticatable/railtie' if defined?(Rails::Railtie)
|
|
16
|
+
require 'devise_cas_authenticatable/memcache_checker'
|
|
15
17
|
|
|
16
18
|
# Register as a Rails engine if Rails::Engine exists
|
|
17
19
|
begin
|
|
@@ -22,7 +24,7 @@ else
|
|
|
22
24
|
class Engine < Rails::Engine
|
|
23
25
|
initializer "devise_cas_authenticatable.single_sign_on.warden_failure_app" do |app|
|
|
24
26
|
# requiring this here because the parent class calls Rails.application, which
|
|
25
|
-
# isn't set up until after bundler has required the modules in this engine
|
|
27
|
+
# isn't set up until after bundler has required the modules in this engine
|
|
26
28
|
require 'devise_cas_authenticatable/single_sign_out/warden_failure_app'
|
|
27
29
|
end
|
|
28
30
|
end
|
|
@@ -33,13 +35,13 @@ module Devise
|
|
|
33
35
|
# The base URL of the CAS server. For example, http://cas.example.com. Specifying this
|
|
34
36
|
# is mandatory.
|
|
35
37
|
@@cas_base_url = nil
|
|
36
|
-
|
|
38
|
+
|
|
37
39
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
38
40
|
@@cas_login_url = nil
|
|
39
|
-
|
|
41
|
+
|
|
40
42
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
41
43
|
@@cas_logout_url = nil
|
|
42
|
-
|
|
44
|
+
|
|
43
45
|
# The login URL of the CAS server. If undefined, will default based on cas_base_url.
|
|
44
46
|
@@cas_validate_url = nil
|
|
45
47
|
|
|
@@ -64,18 +66,18 @@ module Devise
|
|
|
64
66
|
# Should devise_cas_authenticatable attempt to create new user records for
|
|
65
67
|
# unknown usernames? True by default.
|
|
66
68
|
@@cas_create_user = true
|
|
67
|
-
|
|
69
|
+
|
|
68
70
|
# The model attribute used for query conditions. Should be the same as
|
|
69
71
|
# the rubycas-server username_column. :username by default
|
|
70
72
|
@@cas_username_column = :username
|
|
71
|
-
|
|
73
|
+
|
|
72
74
|
# The CAS reponse value used to find users in the local database
|
|
73
75
|
# it is required that this field be in cas_extra_attributes
|
|
74
76
|
@@cas_user_identifier = nil
|
|
75
77
|
|
|
76
|
-
# Name of the parameter passed in the logout query
|
|
78
|
+
# Name of the parameter passed in the logout query
|
|
77
79
|
@@cas_destination_logout_param_name = nil
|
|
78
|
-
|
|
80
|
+
|
|
79
81
|
# Additional options for CAS client object
|
|
80
82
|
@@cas_client_config_options = {}
|
|
81
83
|
|
|
@@ -96,21 +98,21 @@ module Devise
|
|
|
96
98
|
:validate_url => @@cas_validate_url,
|
|
97
99
|
:enable_single_sign_out => @@cas_enable_single_sign_out
|
|
98
100
|
}
|
|
99
|
-
|
|
101
|
+
|
|
100
102
|
cas_options.merge!(@@cas_client_config_options) if @@cas_client_config_options
|
|
101
|
-
|
|
103
|
+
|
|
102
104
|
CASClient::Client.new(cas_options)
|
|
103
105
|
end
|
|
104
106
|
end
|
|
105
|
-
|
|
107
|
+
|
|
106
108
|
def self.cas_service_url(base_url, mapping)
|
|
107
109
|
cas_action_url(base_url, mapping, "service")
|
|
108
110
|
end
|
|
109
|
-
|
|
111
|
+
|
|
110
112
|
def self.cas_unregistered_url(base_url, mapping)
|
|
111
113
|
cas_action_url(base_url, mapping, "unregistered")
|
|
112
114
|
end
|
|
113
|
-
|
|
115
|
+
|
|
114
116
|
private
|
|
115
117
|
def self.cas_action_url(base_url, mapping, action)
|
|
116
118
|
cas_action_url_factory_class.new(base_url, mapping, action).call
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
require 'net/telnet'
|
|
2
|
+
|
|
3
|
+
module DeviseCasAuthenticatable
|
|
4
|
+
class MemcacheChecker
|
|
5
|
+
attr_reader :rails_configuration
|
|
6
|
+
|
|
7
|
+
def initialize(rails_configuration)
|
|
8
|
+
@rails_configuration = rails_configuration
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def session_store_memcache?
|
|
12
|
+
!!(session_store_class.name =~ /memcache/i)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def alive?
|
|
16
|
+
memcache_servers = rails_configuration.session_options[:memcache_server] || ["127.0.0.1:11211"]
|
|
17
|
+
memcache_servers.each do |server|
|
|
18
|
+
host, port = server.split(":")
|
|
19
|
+
begin
|
|
20
|
+
Net::Telnet.new("Host" => host, "Port" => port, "Timeout" => 1)
|
|
21
|
+
return true
|
|
22
|
+
rescue Errno::ECONNREFUSED
|
|
23
|
+
return false
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
private
|
|
29
|
+
|
|
30
|
+
def session_store_class
|
|
31
|
+
@session_store_class ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new.session_store_class
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
module DeviseCasAuthenticatable
|
|
2
|
+
class SessionStoreIdentifier
|
|
3
|
+
|
|
4
|
+
def current_session_store
|
|
5
|
+
app = Rails.application.app
|
|
6
|
+
begin
|
|
7
|
+
app = (app.instance_variable_get(:@backend) || app.instance_variable_get(:@app) || app.instance_variable_get(:@target))
|
|
8
|
+
end until app.nil? or app.class == session_store_class
|
|
9
|
+
app
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def session_store_class
|
|
13
|
+
@session_store_class ||=
|
|
14
|
+
begin
|
|
15
|
+
# Rails 3 & 4 session store
|
|
16
|
+
if ::DeviseCasAuthenticatable::SingleSignOut.rails3_or_greater?
|
|
17
|
+
Rails.configuration.session_store
|
|
18
|
+
::Rails.application.config.session_store
|
|
19
|
+
else
|
|
20
|
+
# => Rails 2
|
|
21
|
+
ActionController::Base.session_store
|
|
22
|
+
end
|
|
23
|
+
rescue NameError => e
|
|
24
|
+
# for older versions of Rails (prior to 2.3)
|
|
25
|
+
ActionController::Base.session_options[:database_manager]
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -7,31 +7,6 @@ module DeviseCasAuthenticatable
|
|
|
7
7
|
|
|
8
8
|
# Supports destroying sessions by ID for ActiveRecord and Redis session stores
|
|
9
9
|
module DestroySession
|
|
10
|
-
def session_store_class
|
|
11
|
-
@session_store_class ||=
|
|
12
|
-
begin
|
|
13
|
-
# Rails 3 & 4 session store
|
|
14
|
-
if ::DeviseCasAuthenticatable::SingleSignOut.rails3_or_greater?
|
|
15
|
-
Rails.configuration.session_store
|
|
16
|
-
::Rails.application.config.session_store
|
|
17
|
-
else
|
|
18
|
-
# => Rails 2
|
|
19
|
-
ActionController::Base.session_store
|
|
20
|
-
end
|
|
21
|
-
rescue NameError => e
|
|
22
|
-
# for older versions of Rails (prior to 2.3)
|
|
23
|
-
ActionController::Base.session_options[:database_manager]
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def current_session_store
|
|
28
|
-
app = Rails.application.app
|
|
29
|
-
begin
|
|
30
|
-
app = (app.instance_variable_get(:@backend) || app.instance_variable_get(:@app) || app.instance_variable_get(:@target))
|
|
31
|
-
end until app.nil? or app.class == session_store_class
|
|
32
|
-
app
|
|
33
|
-
end
|
|
34
|
-
|
|
35
10
|
def destroy_session_by_id(sid)
|
|
36
11
|
logger.debug "Single Sign Out from session store: #{current_session_store.class}"
|
|
37
12
|
|
|
@@ -61,6 +36,18 @@ module DeviseCasAuthenticatable
|
|
|
61
36
|
false
|
|
62
37
|
end
|
|
63
38
|
end
|
|
39
|
+
|
|
40
|
+
def session_store_identifier
|
|
41
|
+
@session_store_identifier ||= DeviseCasAuthenticatable::SessionStoreIdentifier.new
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def current_session_store
|
|
45
|
+
session_store_identifier.current_session_store
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def session_store_class
|
|
49
|
+
session_store_identifier.session_store_class
|
|
50
|
+
end
|
|
64
51
|
end
|
|
65
52
|
|
|
66
53
|
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
require "spec_helper"
|
|
2
|
+
|
|
3
|
+
describe DeviseCasAuthenticatable::MemcacheChecker do
|
|
4
|
+
let(:conf_double) { stub(session_options: {}) }
|
|
5
|
+
|
|
6
|
+
describe '#session_store_memcache?' do
|
|
7
|
+
subject(:session_store_memcache?) { described_class.new(conf_double).session_store_memcache? }
|
|
8
|
+
|
|
9
|
+
before do
|
|
10
|
+
DeviseCasAuthenticatable::SessionStoreIdentifier.any_instance
|
|
11
|
+
.stubs(:session_store_class).returns(session_store_class)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
context "when session store is memcache" do
|
|
15
|
+
let(:session_store_class) { FakeMemcacheStore }
|
|
16
|
+
|
|
17
|
+
it { expect(session_store_memcache?).to eq true }
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
context "when session store is NOT memcache" do
|
|
21
|
+
let(:session_store_class) { String }
|
|
22
|
+
|
|
23
|
+
it { expect(session_store_memcache?).to eq false }
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
describe 'alive?' do
|
|
28
|
+
context "when memcache is down" do
|
|
29
|
+
let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11223']}) }
|
|
30
|
+
subject(:alive?) { described_class.new(conf_double).alive? }
|
|
31
|
+
|
|
32
|
+
it { expect(alive?).to eq false }
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
context "when memcache is running" do
|
|
36
|
+
let(:conf_double) { stub(session_options: {memcache_server: ['127.0.0.1:11214']}) }
|
|
37
|
+
subject(:alive?) { described_class.new(conf_double).alive? }
|
|
38
|
+
|
|
39
|
+
before do
|
|
40
|
+
Net::Telnet.stubs(:new)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
it { expect(alive?).to eq true }
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
class FakeMemcacheStore
|
|
49
|
+
end
|
data/spec/spec_helper.rb
CHANGED
|
@@ -7,6 +7,7 @@ require 'rspec/rails'
|
|
|
7
7
|
require 'sham_rack'
|
|
8
8
|
require 'capybara/rspec'
|
|
9
9
|
require 'timecop'
|
|
10
|
+
require 'pry'
|
|
10
11
|
|
|
11
12
|
RSpec.configure do |config|
|
|
12
13
|
config.mock_with :mocha
|
|
@@ -15,7 +16,7 @@ end
|
|
|
15
16
|
ShamRack.at('www.example.com') do |env|
|
|
16
17
|
request = Rack::Request.new(env)
|
|
17
18
|
request.path_info = request.path_info.sub(/^\/cas_server/, '')
|
|
18
|
-
|
|
19
|
+
|
|
19
20
|
Castronaut::Application.call(request.env)
|
|
20
21
|
end
|
|
21
22
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_cas_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nat Budin
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-05-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: devise
|
|
@@ -67,6 +67,20 @@ dependencies:
|
|
|
67
67
|
- - ">="
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
69
|
version: '0'
|
|
70
|
+
- !ruby/object:Gem::Dependency
|
|
71
|
+
name: test-unit
|
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
|
73
|
+
requirements:
|
|
74
|
+
- - "~>"
|
|
75
|
+
- !ruby/object:Gem::Version
|
|
76
|
+
version: '3.0'
|
|
77
|
+
type: :development
|
|
78
|
+
prerelease: false
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - "~>"
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: '3.0'
|
|
70
84
|
- !ruby/object:Gem::Dependency
|
|
71
85
|
name: mocha
|
|
72
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -202,6 +216,7 @@ extra_rdoc_files:
|
|
|
202
216
|
files:
|
|
203
217
|
- ".gitignore"
|
|
204
218
|
- ".project"
|
|
219
|
+
- ".rspec"
|
|
205
220
|
- ".travis.yml"
|
|
206
221
|
- CHANGELOG.md
|
|
207
222
|
- Gemfile
|
|
@@ -222,10 +237,12 @@ files:
|
|
|
222
237
|
- lib/devise_cas_authenticatable.rb
|
|
223
238
|
- lib/devise_cas_authenticatable/cas_action_url_factory_base.rb
|
|
224
239
|
- lib/devise_cas_authenticatable/exceptions.rb
|
|
240
|
+
- lib/devise_cas_authenticatable/memcache_checker.rb
|
|
225
241
|
- lib/devise_cas_authenticatable/model.rb
|
|
226
242
|
- lib/devise_cas_authenticatable/railtie.rb
|
|
227
243
|
- lib/devise_cas_authenticatable/routes.rb
|
|
228
244
|
- lib/devise_cas_authenticatable/schema.rb
|
|
245
|
+
- lib/devise_cas_authenticatable/session_store_identifier.rb
|
|
229
246
|
- lib/devise_cas_authenticatable/single_sign_out.rb
|
|
230
247
|
- lib/devise_cas_authenticatable/single_sign_out/rack.rb
|
|
231
248
|
- lib/devise_cas_authenticatable/single_sign_out/strategies.rb
|
|
@@ -235,6 +252,7 @@ files:
|
|
|
235
252
|
- lib/devise_cas_authenticatable/strategy.rb
|
|
236
253
|
- rails/init.rb
|
|
237
254
|
- spec/config_spec.rb
|
|
255
|
+
- spec/memcache_checker_spec.rb
|
|
238
256
|
- spec/model_spec.rb
|
|
239
257
|
- spec/routes_spec.rb
|
|
240
258
|
- spec/scenario/.gitignore
|
|
@@ -298,6 +316,7 @@ specification_version: 4
|
|
|
298
316
|
summary: CAS authentication module for Devise
|
|
299
317
|
test_files:
|
|
300
318
|
- spec/config_spec.rb
|
|
319
|
+
- spec/memcache_checker_spec.rb
|
|
301
320
|
- spec/model_spec.rb
|
|
302
321
|
- spec/routes_spec.rb
|
|
303
322
|
- spec/scenario/.gitignore
|