global_session 3.0.0 → 3.0.1

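--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-3.0.0
+3.0.1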
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{global_session}
8
- s.version = "3.0.0"
8
+ s.version = "3.0.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Tony Spataro"]
12
- s.date = %q{2013-09-23}
12
+ s.date = %q{2013-10-11}
13
13
  s.description = %q{This Rack middleware allows several web apps in an authentication domain to share session state, facilitating single sign-on in a distributed web app. It only provides session sharing and does not concern itself with authentication or replication of the user database.}
14
14
  s.email = %q{support@rightscale.com}
15
15
  s.extra_rdoc_files = [
@@ -57,7 +57,7 @@ Gem::Specification.new do |s|
57
57
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
58
58
  s.add_runtime_dependency(%q<json>, ["~> 1.4"])
59
59
  s.add_runtime_dependency(%q<rack-contrib>, ["~> 1.0"])
60
- s.add_runtime_dependency(%q<right_support>, [">= 2.8.1", "< 3.0"])
60
+ s.add_runtime_dependency(%q<right_support>, [">= 2.8.2", "< 3.0"])
61
61
  s.add_runtime_dependency(%q<simple_uuid>, [">= 0.2.0"])
62
62
  s.add_development_dependency(%q<cucumber>, ["~> 1.0"])
63
63
  s.add_development_dependency(%q<debugger>, ["~> 1.5"])
@@ -72,7 +72,7 @@ Gem::Specification.new do |s|
72
72
  else
73
73
  s.add_dependency(%q<json>, ["~> 1.4"])
74
74
  s.add_dependency(%q<rack-contrib>, ["~> 1.0"])
75
- s.add_dependency(%q<right_support>, [">= 2.8.1", "< 3.0"])
75
+ s.add_dependency(%q<right_support>, [">= 2.8.2", "< 3.0"])
76
76
  s.add_dependency(%q<simple_uuid>, [">= 0.2.0"])
77
77
  s.add_dependency(%q<cucumber>, ["~> 1.0"])
78
78
  s.add_dependency(%q<debugger>, ["~> 1.5"])
@@ -88,7 +88,7 @@ Gem::Specification.new do |s|
88
88
  else
89
89
  s.add_dependency(%q<json>, ["~> 1.4"])
90
90
  s.add_dependency(%q<rack-contrib>, ["~> 1.0"])
91
- s.add_dependency(%q<right_support>, [">= 2.8.1", "< 3.0"])
91
+ s.add_dependency(%q<right_support>, [">= 2.8.2", "< 3.0"])
92
92
  s.add_dependency(%q<simple_uuid>, [">= 0.2.0"])
93
93
  s.add_dependency(%q<cucumber>, ["~> 1.0"])
94
94
  s.add_dependency(%q<debugger>, ["~> 1.5"])
@@ -89,7 +89,7 @@ module GlobalSession
89
89
 
90
90
  begin
91
91
  err = nil
92
- read_cookie(env)
92
+ read_authorization_header(env) || read_cookie(env) || create_session(env)
93
93
  rescue Exception => read_err
94
94
  err = read_err
95
95
 
@@ -117,20 +117,65 @@ module GlobalSession
117
117
  end
118
118
  end
119
119
 
120
- protected
120
+ # Read a global session from the HTTP Authorization header, if present. If an authorization
121
+ # header was found, also disable global session cookie update and renewal by setting the
122
+ # corresponding keys of the Rack environment.
123
+ #
124
+ # === Parameters
125
+ # env(Hash): Rack environment.
126
+ #
127
+ # === Return
128
+ # result(true,false):: Returns true if the environment was populated, false otherwise
129
+ def read_authorization_header(env)
130
+ if env.has_key? 'X-HTTP_AUTHORIZATION'
131
+ # RFC2617 style (preferred by OAuth 2.0 spec)
132
+ header_data = env['X-HTTP_AUTHORIZATION'].to_s.split
133
+ elsif env.has_key? 'HTTP_AUTHORIZATION'
134
+ # Fallback style (generally when no load balancer is present, e.g. dev/test)
135
+ header_data = env['HTTP_AUTHORIZATION'].to_s.split
136
+ else
137
+ header_data = nil
138
+ end
121
139
 
122
- # Read a cookie from the Rack environment.
140
+ if header_data && header_data.size == 2 && header_data.first.downcase == 'bearer'
141
+ env['global_session.req.renew'] = false
142
+ env['global_session.req.update'] = false
143
+ env['global_session'] = @directory.load_session(header_data.last)
144
+ true
145
+ else
146
+ false
147
+ end
148
+ end
149
+
150
+ # Read a global session from HTTP cookies, if present.
123
151
  #
124
152
  # === Parameters
125
153
  # env(Hash): Rack environment.
154
+ #
155
+ # === Return
156
+ # result(true,false):: Returns true if the environment was populated, false otherwise
126
157
  def read_cookie(env)
127
158
  if @cookie_retrieval && (cookie = @cookie_retrieval.call(env))
128
159
  env['global_session'] = @directory.load_session(cookie)
160
+ true
129
161
  elsif env['rack.cookies'].has_key?(@cookie_name)
130
162
  env['global_session'] = @directory.load_session(env['rack.cookies'][@cookie_name])
163
+ true
131
164
  else
132
- env['global_session'] = @directory.create_session
165
+ false
133
166
  end
167
+ end
168
+
169
+ # Ensure that the Rack environment contains a global session object; create a session
170
+ # if necessary.
171
+ #
172
+ # === Parameters
173
+ # env(Hash): Rack environment.
174
+ #
175
+ # === Return
176
+ # true:: always returns true
177
+ def create_session(env)
178
+ env['global_session'] ||= @directory.create_session
134
179
 
135
180
  true
136
181
  end
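Review bot: The `protected` marker that used to sit above `read_cookie` is deleted in this hunk and nothing visible restores it, so `read_authorization_header`, `read_cookie`, `create_session` and any methods after them become public on the middleware unless a visibility keyword reappears outside the hunk; I would keep `protected` directly above `read_authorization_header`. Separately, `env.has_key? 'X-HTTP_AUTHORIZATION'` does not match Rack's CGI-style naming, where request headers reach `env` as `HTTP_…` keys, so that branch presumably only fires when something upstream sets the key explicitly, and a comment naming that component would help. Any two-token `Authorization: Bearer …` value is passed to `@directory.load_session`, so if that call raises for a token that is not a global session, the request takes the `rescue Exception` path of the earlier hunk instead of falling back to `read_cookie`. The two `global_session.req.*` flags are also set to false before `load_session` runs, so they stay false on that failure path; assigning them after the load succeeds would avoid it.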
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: global_session
3
3
  version: !ruby/object:Gem::Version
4
- hash: 7
4
+ hash: 5
5
5
  prerelease: false
6
6
  segments:
7
7
  - 3
8
8
  - 0
9
- - 0
10
- version: 3.0.0
9
+ - 1
10
+ version: 3.0.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Tony Spataro
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2013-10-03 00:00:00 -07:00
18
+ date: 2013-10-14 00:00:00 -07:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency