global_session 1.0.10 → 1.0.13

data/global_session.gemspec

@@ -7,8 +7,8 @@ spec = Gem::Specification.new do |s|
   s.required_ruby_version = Gem::Requirement.new(">= 1.8.7")
 
   s.name    = 'global_session'
-  s.version = '1.0.10'
-  s.date    = '2012-03-07'
+  s.version = '1.0.13'
+  s.date    = '2012-09-26'
 
   s.authors = ['Tony Spataro']
   s.email   = 'support@rightscale.com'
@@ -17,7 +17,7 @@ spec = Gem::Specification.new do |s|
   s.summary = %q{Secure single-domain session sharing plugin for Rails.}
   s.description = %q{This plugin for Rails allows several web apps in an authentication domain to share session state, facilitating single sign-on in a distributed web app. It only provides session sharing and does not concern itself with authentication or replication of the user database.}
 
-  s.add_runtime_dependency('uuidtools', ["~> 2.1"])
+  s.add_runtime_dependency('uuidtools', [">= 1.0"])
   s.add_runtime_dependency('json', ["~> 1.4"])
   s.add_runtime_dependency('rack-contrib', ["~> 1.0"])
 

data/lib/global_session/configuration.rb

@@ -73,6 +73,11 @@ module GlobalSession
   # you are integrating; see GlobalSession::Rails for more information.
   #
   class Configuration
+    # @return a representation of the object suitable for printing to the console
+    def inspect
+      "<#{self.class.name} @environment=#{@environment.inspect}>"
+    end
+
     # Create a new Configuration object
     #
     # === Parameters

data/lib/global_session/directory.rb

@@ -54,12 +54,17 @@ module GlobalSession
   class Directory
     attr_reader :configuration, :authorities, :private_key
 
+    # @return a representation of the object suitable for printing to the console
+    def inspect
+      "<#{self.class.name} @configuration=#{@configuration.inspect}>"
+    end
+
     # Create a new Directory.
     #
     # === Parameters
     # keystore_directory(String):: Absolute path to authority keystore
     #
-    # ===Raise
+    # === Raise
     # ConfigurationError:: if too many or too few keys are found, or if *.key/*.pub files are malformatted
     def initialize(configuration, keystore_directory)
       @configuration = configuration
@@ -84,6 +89,26 @@ module GlobalSession
       @invalid_sessions = Set.new
     end
 
+    # Create a new Session, initialized against this directory and ready to
+    # be used by the app.
+    #
+    # === Parameters
+    # directory(Directory):: directory implementation that the session should use for various operations
+    # cookie(String):: Optional, serialized global session cookie. If none is supplied, a new session is created.
+    # valid_signature_digest(String):: Optional, already-trusted signature. If supplied, the expensive RSA-verify operation will be skipped if the cookie's signature matches the value supplied.
+    #
+    # === Return
+    # session(Session):: the newly-initialized session
+    #
+    # ===Raise
+    # InvalidSession:: if the session contained in the cookie has been invalidated
+    # ExpiredSession:: if the session contained in the cookie has expired
+    # MalformedCookie:: if the cookie was corrupt or malformed
+    # SecurityError:: if signature is invalid or cookie is not signed by a trusted authority
+    def create_session(*params)
+      Session.new(self, *params)
+    end
+
     def local_authority_name
       @configuration['authority']
     end
@@ -128,5 +153,18 @@ module GlobalSession
     def report_invalid_session(uuid, expired_at)
       @invalid_sessions << uuid
     end
+
+    # Callback used by GlobalSession::Rack::Middleware when the application invalidated
+    # current global_session object. This callback could help application to get data related 
+    # to the previous global session (old_global_session_id), and put it to new global session
+    # (new_global_sesion_id)
+
+    # invalidated_uuid(String):: Invalidated Global session UUID
+    # new_uuid(String):: Newly created Global session UUID
+    # === Return
+    # true: Always returns true
+    def session_invalidated(invalidated_uuid, new_uuid)
+      true
+    end
   end  
 end

data/lib/global_session/rack.rb

@@ -88,7 +88,7 @@ module GlobalSession
         begin
           read_cookie(env)
         rescue Exception => e
-          env['global_session'] = Session.new(@directory)
+          env['global_session'] = @directory.create_session
           handle_error('reading session cookie', env, e)
         end
 
@@ -114,12 +114,11 @@ module GlobalSession
       # env(Hash): Rack environment.
       def read_cookie(env)
         if env['rack.cookies'].has_key?(@cookie_name)
-          env['global_session'] = Session.new(@directory,
-                                              env['rack.cookies'][@cookie_name])
+          env['global_session'] = @directory.create_session(env['rack.cookies'][@cookie_name])
         elsif @cookie_retrieval && cookie = @cookie_retrieval.call(env)
-          env['global_session'] = Session.new(@directory, cookie)
+          env['global_session'] = @directory.create_session(cookie)
         else
-          env['global_session'] = Session.new(@directory)
+          env['global_session'] = @directory.create_session
         end
 
         true
@@ -149,9 +148,15 @@ module GlobalSession
 
         begin
           domain = @configuration['cookie']['domain'] || env['SERVER_NAME']
-          if env['global_session'] && env['global_session'].valid?
-            value = env['global_session'].to_s
-            expires = @configuration['ephemeral'] ? nil : env['global_session'].expired_at
+          if env['global_session']
+            global_session = env['global_session']
+            unless global_session.valid?
+              invalidated_uuid = global_session.id
+              global_session = @directory.create_session
+              @directory.session_invalidated(invalidated_uuid, global_session.id)
+            end
+            value = global_session.to_s
+            expires = @configuration['ephemeral'] ? nil : global_session.expired_at
             unless env['rack.cookies'].has_key?(@cookie_name) && env['rack.cookies'][@cookie_name] == value
               env['rack.cookies'][@cookie_name] =
                   {:value => value, :domain => domain, :expires => expires, :httponly=>true}

data/lib/global_session/rails/action_controller_class_methods.rb

@@ -25,24 +25,23 @@ module GlobalSession
     # app-wide data such as the configuration object, and implements the DSL used to
     # configure controllers' use of the global session.
     module ActionControllerClassMethods
-      def global_session_config
-        unless @global_session_config
-          config_file = File.join(::Rails.root, 'config', 'global_session.yml')
-          @global_session_config = GlobalSession::Configuration.new(config_file, RAILS_ENV)
-        end
-
-        return @global_session_config
-      end
-
-      def global_session_config=(config)
-        @global_session_config = config
-      end
+      VALID_OPTIONS = [:raise, :renew, :only, :except]
+      DEFAULT_OPTIONS = {
+        :raise=>true,
+        :renew=>true
+      }
 
       def has_global_session(options={})
-        odefault = {:integrated=>false, :raise=>true}
-        obase = self.superclass.global_session_options if self.superclass.respond_to?(:global_session_options)
-        obase ||= {}
-        options = odefault.merge(obase).merge(options)
+        #validate our options
+        options.assert_valid_keys(VALID_OPTIONS)
+        if options.key?(:only) && options.key?(:except)
+          raise ArgumentError, "Must specify :only OR :except, you specified both"
+        end
+
+        #start with default options; merge any options inherited from our base class;
+        #merge any options provided by the caller.
+        obase   = self.superclass.global_session_options
+        options = DEFAULT_OPTIONS.merge(obase).merge(options)
 
         #ensure derived-class options don't conflict with mutually exclusive base-class options
         options.delete(:only) if obase.has_key?(:only) && options.has_key?(:except)
@@ -51,20 +50,23 @@ module GlobalSession
         #mark the global session as enabled (a hidden option) and store our
         #calculated, merged options
         options[:enabled] = true
-        self.global_session_options = options
 
-        before_filter :global_session_initialize
+        self.global_session_options = options
       end
 
       def no_global_session
-        @global_session_options[:enabled] = false if @global_session_options
-        skip_before_filter :global_session_initialize
+        #mark the global session as not-enabled (a hidden option)
+        self.global_session_options={:enabled=>false}
       end
 
       def global_session_options
-        obase = self.superclass.global_session_options if self.superclass.respond_to?(:global_session_options) 
-        obase ||= {}
-        @global_session_options || obase
+        if @global_session_options
+          @global_session_options
+        elsif self.superclass.respond_to?(:global_session_options)
+          self.superclass.global_session_options
+        else
+          {}
+        end
       end
 
       def global_session_options=(options)

data/lib/global_session/rails/action_controller_instance_methods.rb

@@ -43,6 +43,8 @@ module GlobalSession
         unless base.instance_methods.include?("log_processing_without_global_session")
           base.alias_method_chain :log_processing, :global_session
         end
+
+        base.before_filter :global_session_initialize
       end
 
       # Shortcut accessor for global session configuration object.

data/lib/global_session/rails.rb

@@ -41,14 +41,40 @@ end
 
 module GlobalSession
   module Rails
-    def self.activate(config)
-      authorities = File.join(::Rails.root, 'config', 'authorities')
-      hgs_config  = ActionController::Base.global_session_config
-      hgs_dir     = GlobalSession::Directory.new(hgs_config, authorities)
+    class <<self
+      # Single Configuration object used by entire Rails app
+      attr_accessor :configuration
+
+      # Single Directory object used by entire Rails app
+      attr_accessor :directory
+    end
+
+    def self.activate(rails_config, &block)
+      config_file = File.join(::Rails.root, 'config', 'global_session.yml')
+      self.configuration = GlobalSession::Configuration.new(config_file, ::Rails.env)
+
+      dir_name = self.configuration['directory'] || 'GlobalSession::Directory'
+      begin
+        dir_klass = dir_name.constantize
+      rescue NameError => e
+        raise GlobalSession::ConfigurationError,
+              "Unknown/malformed directory class '#{dir_name}' in config file: #{e.message}"
+      end
+
+      unless dir_klass.ancestors.include?(GlobalSession::Directory)
+        raise GlobalSession::ConfigurationError,
+              "Specified directory class '#{dir_name}' does not inherit from GlobalSession::Directory"
+      end
+
+      authorities_dir = File.join(::Rails.root, 'config', 'authorities')
+      self.directory = dir_klass.new(self.configuration, authorities_dir)
 
       # Add our middleware to the stack.
-      config.middleware.use ::Rack::Cookies
-      config.middleware.use ::Rack::GlobalSession, hgs_config, hgs_dir
+      rails_config.middleware.insert_before(ActionController::Base.session_store, ::Rack::Cookies)
+      rails_config.middleware.insert_before(ActionController::Base.session_store, ::Rack::GlobalSession,
+                                    self.configuration,
+                                    self.directory,
+                                    &block)
 
       return true
     end

data/lib/global_session/session.rb

@@ -48,6 +48,11 @@ module GlobalSession
       return Encoding::JSON.load(json)
     end
 
+    # @return a representation of the object suitable for printing to the console
+    def inspect
+      "<#{self.class.name} @id=#{@id.inspect}>"
+    end
+
     # Create a new global session object.
     #
     # === Parameters

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: global_session
 version: !ruby/object:Gem::Version 
-  hash: 3
+  hash: 13
   prerelease: false
   segments: 
   - 1
   - 0
-  - 10
-  version: 1.0.10
+  - 13
+  version: 1.0.13
 platform: ruby
 authors: 
 - Tony Spataro
@@ -15,20 +15,20 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-03-07 00:00:00 -08:00
+date: 2012-09-26 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
   version_requirements: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
-        hash: 1
+        hash: 15
         segments: 
-        - 2
         - 1
-        version: "2.1"
+        - 0
+        version: "1.0"
   requirement: *id001
   name: uuidtools
   prerelease: false