global_session 1.0.0 → 1.0.2

data/global_session.gemspec

@@ -7,8 +7,8 @@ spec = Gem::Specification.new do |s|
   s.required_ruby_version = Gem::Requirement.new(">= 1.8.7")
 
   s.name    = 'global_session'
-  s.version = '1.0.0'
-  s.date    = '2011-01-01'
+  s.version = '1.0.2'
+  s.date    = '2011-01-15'
 
   s.authors = ['Tony Spataro']
   s.email   = 'code@tracker.xeger.net'
@@ -21,11 +21,11 @@ spec = Gem::Specification.new do |s|
   s.add_runtime_dependency('json', [">= 1.1.7"])
   s.add_runtime_dependency('rack-contrib', [">= 1.0"])
 
-  s.add_development_dependency('rake', ["~> 0.8.7"])
-  s.add_development_dependency('ruby-debug', ["~> 0.10.3"])
-  s.add_development_dependency('rspec', [">= 1.3.0"])
-  s.add_development_dependency('flexmock', [">= 0.8.6"])
-  s.add_development_dependency('actionpack', [">= 2.1.2"])
+  s.add_development_dependency('rake', [">= 0.8.7"])
+  s.add_development_dependency('ruby-debug', [">= 0.10.3"])
+  s.add_development_dependency('rspec', ["~> 1.3"])
+  s.add_development_dependency('flexmock', ["~> 0.8"])
+  s.add_development_dependency('actionpack', ["~> 2.3"])
 
   basedir = File.dirname(__FILE__)
   candidates = ['global_session.gemspec', 'init.rb', 'MIT-LICENSE', 'README.rdoc'] +

data/lib/global_session/directory.rb

@@ -1,3 +1,5 @@
+require 'set'
+
 module GlobalSession
   # The global session directory, which provides some lookup and decision services
   # to instances of Session.
@@ -29,7 +31,7 @@ module GlobalSession
   # at initialization time.
   #
   class Directory
-    attr_reader :configuration, :authorities, :private_key, :local_authority_name
+    attr_reader :configuration, :authorities, :private_key
 
     # Create a new Directory.
     #
@@ -52,15 +54,20 @@ module GlobalSession
         raise ConfigurationError, "Expected #{basename} to contain an RSA public key" unless @authorities[authority].public?
       end
 
-      if (authority_name = @configuration['authority'])
-        key_file = keys.detect { |kf| kf =~ /#{authority_name}.key$/ }
-        raise ConfigurationError, "Key file #{authority_name}.key not found" unless key_file        
+      if local_authority_name
+        key_file = keys.detect { |kf| kf =~ /#{local_authority_name}.key$/ }
+        raise ConfigurationError, "Key file #{local_authority_name}.key not found" unless key_file        
         @private_key  = OpenSSL::PKey::RSA.new(File.read(key_file))
         raise ConfigurationError, "Expected #{key_file} to contain an RSA private key" unless @private_key.private?
-        @local_authority_name = authority_name
       end
+
+      @invalid_sessions = Set.new
     end
 
+    def local_authority_name
+      @configuration['authority']
+    end
+    
     # Determine whether this system trusts a particular authority based on
     # the trust settings specified in Configuration.
     #
@@ -85,11 +92,13 @@ module GlobalSession
     # === Return
     # valid(true|false):: whether the specified session is valid
     def valid_session?(uuid, expired_at)
-      expired_at > Time.now
+      (expired_at > Time.now) && !@invalid_sessions.include?(uuid)
     end
 
     # Callback used by Session objects to report when the application code calls
-    # #invalidate! on them. The default implementation of this method does nothing.
+    # #invalidate! on them. The default implementation of this method records
+    # invalid session IDs using an in-memory data structure, which is not ideal
+    # for most implementations.
     #
     # uuid(String):: Global session UUID
     # expired_at(Time):: When the session expired
@@ -97,7 +106,7 @@ module GlobalSession
     # === Return
     # true:: Always returns true
     def report_invalid_session(uuid, expired_at)
-      true
+      @invalid_sessions << uuid
     end
   end  
 end

data/lib/global_session/rack.rb

@@ -1,4 +1,4 @@
-basedir = File.dirname(__FILE__)
+require File.expand_path(File.join(File.dirname(__FILE__), "..", "global_session"))
 
 # Make sure the namespace exists, to satisfy Rails auto-loading
 module GlobalSession
@@ -37,8 +37,20 @@ module GlobalSession
           @configuration = configuration
         end
 
+        begin
+          klass_name = @configuration['directory'] || 'GlobalSession::Directory'
+
+          #Constantize the type name that was given as a string
+          parts = klass_name.split('::')
+          namespace = Object
+          namespace = namespace.const_get(parts.shift.to_sym) until parts.empty?
+          directory_klass = namespace
+        rescue Exception => e
+          raise ConfigurationError, "Invalid/unknown directory class name #{@configuration['directory']}"
+        end
+
         if directory.instance_of?(String)
-          @directory = Directory.new(@configuration, directory)
+          @directory = directory_klass.new(@configuration, directory)
         else
           @directory = directory
         end
@@ -47,6 +59,34 @@ module GlobalSession
         @cookie_name = @configuration['cookie']['name']
       end
 
+      # Rack request chain. Sets up the global session ticket from
+      # the environment and passes it up the chain.
+      def call(env)
+        env['rack.cookies'] = {} unless env['rack.cookies']
+
+        begin
+          read_cookie(env)
+        rescue Exception => e
+          env['global_session'] = Session.new(@directory)
+          handle_error('reading session cookie', env, e)
+        end
+
+        tuple = nil
+
+        begin
+          tuple = @app.call(env)
+        rescue Exception => e
+          handle_error('processing request', env, e)
+          return tuple
+        else
+          renew_cookie(env)
+          update_cookie(env)
+          return tuple
+        end
+      end
+
+      protected
+      
       # Read a cookie from the Rack environment.
       #
       # === Parameters
@@ -71,7 +111,7 @@ module GlobalSession
       def renew_cookie(env)
         return unless env['global_session'].directory.local_authority_name
         return if env['global_session.req.renew'] == false
-        
+
         if (renew = @configuration['renew']) && env['global_session'] &&
             env['global_session'].expired_at < Time.at(Time.now.utc + 60 * renew.to_i)
           env['global_session'].renew!
@@ -110,6 +150,9 @@ module GlobalSession
       # === Parameters
       # env(Hash): Rack environment
       def wipe_cookie(env)
+        return unless env['global_session'].directory.local_authority_name
+        return if env['global_session.req.update'] == false
+
         domain = @configuration['cookie']['domain'] || env['SERVER_NAME']
         env['rack.cookies'][@cookie_name] = {:value => nil, :domain => domain, :expires => Time.at(0)}
       end
@@ -123,42 +166,17 @@ module GlobalSession
       # env(Hash): Rack environment
       # e(Exception): error that happened
       def handle_error(activity, env, e)
-        if e.is_a? ClientError
+        env['rack.logger'].error("#{e.class} while #{activity}: #{e} #{e.backtrace}") if env['rack.logger']
+
+        if e.is_a?(ClientError) || e.is_a?(SecurityError)
           env['global_session.error'] = e
           wipe_cookie(env)
         elsif e.is_a? ConfigurationError
-          env['rack.logger'].error("#{e.class} while #{activity}: #{e} #{e.backtrace}") if env['rack.logger']
           env['global_session.error'] = e
         else
           raise e
         end
       end
-
-      # Rack request chain. Sets up the global session ticket from
-      # the environment and passes it up the chain.
-      def call(env)
-        env['rack.cookies'] = {} unless env['rack.cookies']
-
-        begin
-          read_cookie(env)
-        rescue Exception => e
-          env['global_session'] = Session.new(@directory)
-          handle_error('reading session cookie', env, e)
-        end
-
-        tuple = nil
-        
-        begin
-          tuple = @app.call(env)
-        rescue Exception => e
-          handle_error('processing request', env, e)
-          return tuple
-        else
-          renew_cookie(env)
-          update_cookie(env)
-          return tuple
-        end
-      end
     end
   end
 end

data/lib/global_session/rails/action_controller_instance_methods.rb

@@ -19,6 +19,9 @@ module GlobalSession
         unless base.instance_methods.include?("session_without_global_session")
           base.alias_method_chain :session, :global_session
         end
+        unless base.instance_methods.include?("log_processing_without_global_session")
+          base.alias_method_chain :log_processing, :global_session
+        end
       end
 
       # Shortcut accessor for global session configuration object.
@@ -115,16 +118,13 @@ module GlobalSession
       #
       # === Return
       # name(Type):: Description
-      def log_processing
-        if logger && logger.info?
-          log_processing_for_request_id
-          log_processing_for_parameters
-        end
-      end
+      def log_processing_with_global_session
+        return unless logger && logger.info?
 
-      def log_processing_for_request_id # :nodoc:
-        if global_session && global_session.id
-          session_id = global_session.id + " (#{session[:session_id]})"
+        gs = request.env['global_session']
+        
+        if gs && gs.id
+          session_id = gs.id + " (#{session[:session_id] || request.session_options[:id]})"
         elsif session[:session_id]
           session_id = session[:session_id]
         elsif request.session_options[:id]
@@ -137,9 +137,7 @@ module GlobalSession
         request_id << "\n  Session ID: #{session_id}" if session_id
 
         logger.info(request_id)
-      end
 
-      def log_processing_for_parameters # :nodoc:
         parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup
         parameters = parameters.except!(:controller, :action, :format, :_method)
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: global_session
 version: !ruby/object:Gem::Version 
-  hash: 23
+  hash: 19
   prerelease: false
   segments: 
   - 1
   - 0
-  - 0
-  version: 1.0.0
+  - 2
+  version: 1.0.2
 platform: ruby
 authors: 
 - Tony Spataro
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-01 00:00:00 -08:00
+date: 2011-01-15 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -71,7 +71,7 @@ dependencies:
   requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
         hash: 49
         segments: 
@@ -87,7 +87,7 @@ dependencies:
   requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
         hash: 49
         segments: 
@@ -103,14 +103,13 @@ dependencies:
   requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 27
+        hash: 9
         segments: 
         - 1
         - 3
-        - 0
-        version: 1.3.0
+        version: "1.3"
   type: :development
   version_requirements: *id006
 - !ruby/object:Gem::Dependency 
@@ -119,14 +118,13 @@ dependencies:
   requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 51
+        hash: 27
         segments: 
         - 0
         - 8
-        - 6
-        version: 0.8.6
+        version: "0.8"
   type: :development
   version_requirements: *id007
 - !ruby/object:Gem::Dependency 
@@ -135,14 +133,13 @@ dependencies:
   requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 15
+        hash: 5
         segments: 
         - 2
-        - 1
-        - 2
-        version: 2.1.2
+        - 3
+        version: "2.3"
   type: :development
   version_requirements: *id008
 description: This plugin for Rails allows several web apps in an authentication domain to share session state, facilitating single sign-on in a distributed web app. It only provides session sharing and does not concern itself with authentication or replication of the user database.