oa-enterprise 0.2.0.beta4 → 0.2.0.beta5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require 'omniauth/enterprise'
|
|
@@ -28,10 +28,10 @@ module OmniAuth
|
|
|
28
28
|
|
|
29
29
|
def callback_phase
|
|
30
30
|
ticket = request.params['ticket']
|
|
31
|
-
return fail!(:no_ticket) unless ticket
|
|
31
|
+
return fail!(:no_ticket, 'No CAS Ticket') unless ticket
|
|
32
32
|
validator = ServiceTicketValidator.new(@configuration, callback_url, ticket)
|
|
33
33
|
@user_info = validator.user_info
|
|
34
|
-
return fail!(:invalid_ticket) if @user_info.nil? || @user_info.empty?
|
|
34
|
+
return fail!(:invalid_ticket, 'Invalid CAS Ticket') if @user_info.nil? || @user_info.empty?
|
|
35
35
|
super
|
|
36
36
|
end
|
|
37
37
|
|
|
@@ -41,7 +41,7 @@ module OmniAuth
|
|
|
41
41
|
'extra' => @user_info
|
|
42
42
|
})
|
|
43
43
|
end
|
|
44
|
-
|
|
44
|
+
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
end
|
|
@@ -18,6 +18,8 @@ module OmniAuth
|
|
|
18
18
|
# @option params [String, nil] :cas_service_validate_url (:cas_server + '/serviceValidate') the
|
|
19
19
|
# URL to use for validating service tickets; optional if `:cas_server` is
|
|
20
20
|
# specified, requred otherwise.
|
|
21
|
+
# @option params [Boolean, nil] :disable_ssl_verification disable verification for SSL cert,
|
|
22
|
+
# helpful when you developing with a fake cert.
|
|
21
23
|
def initialize(params)
|
|
22
24
|
parse_params params
|
|
23
25
|
end
|
|
@@ -32,16 +34,24 @@ module OmniAuth
|
|
|
32
34
|
end
|
|
33
35
|
|
|
34
36
|
# Build a service-validation URL from +service+ and +ticket+.
|
|
37
|
+
# If +service+ has a ticket param, first remove it. URL-encode
|
|
38
|
+
# +service+ and add it and the +ticket+ as paraemters to the
|
|
39
|
+
# CAS serviceValidate URL.
|
|
35
40
|
#
|
|
36
41
|
# @param [String] service the service (a.k.a. return-to) URL
|
|
37
42
|
# @param [String] ticket the ticket to validate
|
|
38
43
|
#
|
|
39
44
|
# @return [String] a URL like `http://cas.mycompany.com/serviceValidate?service=...&ticket=...`
|
|
40
45
|
def service_validate_url(service, ticket)
|
|
41
|
-
|
|
46
|
+
service = service.sub(/[?&]ticket=[^?&]+/, '')
|
|
47
|
+
url = append_service(@service_validate_url, service)
|
|
42
48
|
url << '&ticket=' << Rack::Utils.escape(ticket)
|
|
43
49
|
end
|
|
44
50
|
|
|
51
|
+
def disable_ssl_verification?
|
|
52
|
+
@disable_ssl_verification
|
|
53
|
+
end
|
|
54
|
+
|
|
45
55
|
private
|
|
46
56
|
|
|
47
57
|
def parse_params(params)
|
|
@@ -58,6 +68,8 @@ module OmniAuth
|
|
|
58
68
|
@service_validate_url = params[:cas_service_validate_url]
|
|
59
69
|
@service_validate_url ||= DEFAULT_SERVICE_VALIDATE_URL % params[:cas_server]
|
|
60
70
|
validate_is_url 'service-validate URL', @service_validate_url
|
|
71
|
+
|
|
72
|
+
@disable_ssl_verification = params[:disable_ssl_verification]
|
|
61
73
|
end
|
|
62
74
|
|
|
63
75
|
IS_NOT_URL_ERROR_MESSAGE = "%s is not a valid URL"
|
|
@@ -14,7 +14,8 @@ module OmniAuth
|
|
|
14
14
|
# @param [String] return_to_url the URL of this CAS client service
|
|
15
15
|
# @param [String] ticket the service ticket to validate
|
|
16
16
|
def initialize(configuration, return_to_url, ticket)
|
|
17
|
-
@
|
|
17
|
+
@configuration = configuration
|
|
18
|
+
@uri = URI.parse(@configuration.service_validate_url(return_to_url, ticket))
|
|
18
19
|
end
|
|
19
20
|
|
|
20
21
|
# Request validation of the ticket from the CAS server's
|
|
@@ -30,7 +31,7 @@ module OmniAuth
|
|
|
30
31
|
end
|
|
31
32
|
|
|
32
33
|
private
|
|
33
|
-
|
|
34
|
+
|
|
34
35
|
# turns an `<cas:authenticationSuccess>` node into a Hash;
|
|
35
36
|
# returns nil if given nil
|
|
36
37
|
def parse_user_info(node)
|
|
@@ -67,8 +68,9 @@ module OmniAuth
|
|
|
67
68
|
result = ''
|
|
68
69
|
http = Net::HTTP.new(@uri.host, @uri.port)
|
|
69
70
|
http.use_ssl = @uri.port == 443 || @uri.instance_of?(URI::HTTPS)
|
|
71
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
|
|
70
72
|
http.start do |c|
|
|
71
|
-
response = c.get "#{@uri.path}?#{@uri.query}", VALIDATION_REQUEST_HEADERS
|
|
73
|
+
response = c.get "#{@uri.path}?#{@uri.query}", VALIDATION_REQUEST_HEADERS.dup
|
|
72
74
|
result = response.body
|
|
73
75
|
end
|
|
74
76
|
result
|
metadata
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: oa-enterprise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
4
|
prerelease: 6
|
|
5
|
-
version: 0.2.0.
|
|
5
|
+
version: 0.2.0.beta5
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- James A. Rosen
|
|
@@ -11,7 +11,7 @@ autorequire:
|
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
13
|
|
|
14
|
-
date: 2011-
|
|
14
|
+
date: 2011-03-01 00:00:00 -06:00
|
|
15
15
|
default_executable:
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
@@ -21,7 +21,7 @@ dependencies:
|
|
|
21
21
|
requirements:
|
|
22
22
|
- - "="
|
|
23
23
|
- !ruby/object:Gem::Version
|
|
24
|
-
version: 0.2.0.
|
|
24
|
+
version: 0.2.0.beta5
|
|
25
25
|
type: :runtime
|
|
26
26
|
prerelease: false
|
|
27
27
|
version_requirements: *id001
|
|
@@ -144,6 +144,7 @@ extensions: []
|
|
|
144
144
|
extra_rdoc_files: []
|
|
145
145
|
|
|
146
146
|
files:
|
|
147
|
+
- lib/oa-enterprise.rb
|
|
147
148
|
- lib/omniauth/enterprise.rb
|
|
148
149
|
- lib/omniauth/strategies/cas/configuration.rb
|
|
149
150
|
- lib/omniauth/strategies/cas/service_ticket_validator.rb
|
|
@@ -166,7 +167,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
166
167
|
requirements:
|
|
167
168
|
- - ">="
|
|
168
169
|
- !ruby/object:Gem::Version
|
|
169
|
-
hash: -
|
|
170
|
+
hash: -2736009096566092048
|
|
170
171
|
segments:
|
|
171
172
|
- 0
|
|
172
173
|
version: "0"
|