lastobelus-rubycas-client 2.0.5 → 2.0.6
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/casclient/client.rb +20 -3
- data/lib/casclient/version.rb +1 -1
- metadata +1 -1
data/lib/casclient/client.rb
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
module CASClient
|
2
2
|
# The client brokers all HTTP transactions with the CAS server.
|
3
3
|
class Client
|
4
|
-
attr_reader :cas_base_url, :log, :username_session_key, :extra_attributes_session_key, :service_url
|
4
|
+
attr_reader :cas_base_url, :log, :username_session_key, :extra_attributes_session_key, :service_url
|
5
|
+
attr_reader :verify_ssl_certificate, :ssl_key_path, :ssl_cert_path, :ssl_ca_file_path
|
5
6
|
attr_writer :login_url, :validate_url, :proxy_url, :logout_url, :service_url
|
6
7
|
attr_accessor :proxy_callback_url, :proxy_retrieval_url
|
7
8
|
|
@@ -25,7 +26,9 @@ module CASClient
|
|
25
26
|
@verify_ssl_certificate = conf[:verify_ssl_certificate].nil? ? true : conf[:verify_ssl_certificate]
|
26
27
|
@username_session_key = conf[:username_session_key] || :cas_user
|
27
28
|
@extra_attributes_session_key = conf[:extra_attributes_session_key] || :cas_extra_attributes
|
28
|
-
|
29
|
+
@ssl_cert_path = conf[:ssl_cert_path]
|
30
|
+
@ssl_key_path = conf[:ssl_key_path]
|
31
|
+
@ssl_ca_file_path = conf[:ssl_ca_file_path]
|
29
32
|
@log = CASClient::LoggerWrapper.new
|
30
33
|
@log.set_real_logger(conf[:logger]) if conf[:logger]
|
31
34
|
end
|
@@ -121,10 +124,24 @@ module CASClient
|
|
121
124
|
def http_connection(uri)
|
122
125
|
https = Net::HTTP.new(uri.host, uri.port)
|
123
126
|
https.use_ssl = (uri.scheme == 'https')
|
124
|
-
https.enable_post_connection_check = true
|
127
|
+
https.enable_post_connection_check = true if defined?(http.enable_post_connection_check)
|
125
128
|
store = OpenSSL::X509::Store.new
|
126
129
|
store.set_default_paths
|
127
130
|
https.cert_store = store
|
131
|
+
|
132
|
+
# if your setup doesn't have the cacerts in the default place, you can pass a path to cacert.pem, which you can get at http://curl.haxx.se/ca/cacert.pem
|
133
|
+
https.ca_file = ssl_ca_file_path unless ssl_ca_file_path.blank?
|
134
|
+
unless ssl_cert_path.blank?
|
135
|
+
https.cert = OpenSSL::X509::Certificate.new(File.read(ssl_cert_path))
|
136
|
+
end
|
137
|
+
unless ssl_key_path.blank?
|
138
|
+
begin
|
139
|
+
https.key = OpenSSL::PKey::DSA.new(File.read(ssl_key_path))
|
140
|
+
rescue OpenSSL::PKey::DSAError
|
141
|
+
https.key = OpenSSL::PKey::RSA.new(File.read(ssl_key_path))
|
142
|
+
end
|
143
|
+
end
|
144
|
+
|
128
145
|
if verify_ssl_certificate
|
129
146
|
log.debug "casclient will verify_ssl_certificate"
|
130
147
|
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
data/lib/casclient/version.rb
CHANGED