oa-enterprise 0.1.4 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -11,12 +11,12 @@ module OmniAuth
|
|
|
11
11
|
|
|
12
12
|
# @param [Hash] params configuration options
|
|
13
13
|
# @option params [String, nil] :cas_server the CAS server root URL; probably something like
|
|
14
|
-
#
|
|
14
|
+
# `http://cas.mycompany.com` or `http://cas.mycompany.com/cas`; optional.
|
|
15
15
|
# @option params [String, nil] :cas_login_url (:cas_server + '/login') the URL to which to
|
|
16
|
-
# redirect for logins; options if
|
|
16
|
+
# redirect for logins; options if `:cas_server` is specified,
|
|
17
17
|
# required otherwise.
|
|
18
18
|
# @option params [String, nil] :cas_service_validate_url (:cas_server + '/serviceValidate') the
|
|
19
|
-
# URL to use for validating service tickets; optional if
|
|
19
|
+
# URL to use for validating service tickets; optional if `:cas_server` is
|
|
20
20
|
# specified, requred otherwise.
|
|
21
21
|
def initialize(params)
|
|
22
22
|
parse_params params
|
|
@@ -26,8 +26,7 @@ module OmniAuth
|
|
|
26
26
|
#
|
|
27
27
|
# @param [String] service the service (a.k.a. return-to) URL
|
|
28
28
|
#
|
|
29
|
-
# @return [String] a URL like
|
|
30
|
-
# "http://cas.mycompany.com/login?service=..."
|
|
29
|
+
# @return [String] a URL like `http://cas.mycompany.com/login?service=...`
|
|
31
30
|
def login_url(service)
|
|
32
31
|
append_service @login_url, service
|
|
33
32
|
end
|
|
@@ -37,8 +36,7 @@ module OmniAuth
|
|
|
37
36
|
# @param [String] service the service (a.k.a. return-to) URL
|
|
38
37
|
# @param [String] ticket the ticket to validate
|
|
39
38
|
#
|
|
40
|
-
# @return [String] a URL like
|
|
41
|
-
# "http://cas.mycompany.com/serviceValidate?service=...&ticket=..."
|
|
39
|
+
# @return [String] a URL like `http://cas.mycompany.com/serviceValidate?service=...&ticket=...`
|
|
42
40
|
def service_validate_url(service, ticket)
|
|
43
41
|
url = append_service @service_validate_url, service
|
|
44
42
|
url << '&ticket=' << Rack::Utils.escape(ticket)
|
|
@@ -31,7 +31,7 @@ module OmniAuth
|
|
|
31
31
|
|
|
32
32
|
private
|
|
33
33
|
|
|
34
|
-
# turns an
|
|
34
|
+
# turns an `<cas:authenticationSuccess>` node into a Hash;
|
|
35
35
|
# returns nil if given nil
|
|
36
36
|
def parse_user_info(node)
|
|
37
37
|
return nil if node.nil?
|
|
@@ -45,8 +45,8 @@ module OmniAuth
|
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
|
|
48
|
-
# finds an
|
|
49
|
-
# a
|
|
48
|
+
# finds an `<cas:authenticationSuccess>` node in
|
|
49
|
+
# a `<cas:serviceResponse>` body if present; returns nil
|
|
50
50
|
# if the passed body is nil or if there is no such node.
|
|
51
51
|
def find_authentication_success(body)
|
|
52
52
|
return nil if body.nil? || body == ''
|
|
@@ -62,7 +62,7 @@ module OmniAuth
|
|
|
62
62
|
end
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
-
# retrieves the
|
|
65
|
+
# retrieves the `<cas:serviceResponse>` XML from the CAS server
|
|
66
66
|
def get_service_response_body
|
|
67
67
|
result = ''
|
|
68
68
|
http = Net::HTTP.new(@uri.host, @uri.port)
|
|
@@ -192,60 +192,14 @@ module OmniAuth
|
|
|
192
192
|
end
|
|
193
193
|
false
|
|
194
194
|
end
|
|
195
|
-
|
|
196
|
-
def parse_sasl_digest_md5_credential(cred)
|
|
197
|
-
params = {}
|
|
198
|
-
cred.scan(/(\w+)=(\"?)(.+?)\2(?:,|$)/) do |name, sep, value|
|
|
199
|
-
params[name] = value
|
|
200
|
-
end
|
|
201
|
-
params
|
|
202
|
-
end
|
|
203
|
-
CHARS = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
|
|
204
|
-
def generate_client_nonce(size=32)
|
|
205
|
-
nonce = ""
|
|
206
|
-
size.times do |i|
|
|
207
|
-
nonce << CHARS[rand(CHARS.size)]
|
|
208
|
-
end
|
|
209
|
-
nonce
|
|
210
|
-
end
|
|
195
|
+
|
|
211
196
|
def sasl_bind_setup_digest_md5(bind_dn, options)
|
|
212
197
|
initial_credential = ""
|
|
213
|
-
nonce_count = 1
|
|
214
198
|
challenge_response = Proc.new do |cred|
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
_("unsupported qops: %s") % qops.inspect
|
|
220
|
-
end
|
|
221
|
-
qop = "auth"
|
|
222
|
-
server = @connection.instance_variable_get("@conn").addr[2]
|
|
223
|
-
realm = params['realm']
|
|
224
|
-
uri = "ldap/#{server}"
|
|
225
|
-
nc = "%08x" % nonce_count
|
|
226
|
-
nonce = params["nonce"]
|
|
227
|
-
cnonce = generate_client_nonce
|
|
228
|
-
requests = {
|
|
229
|
-
:username => bind_dn.inspect,
|
|
230
|
-
:realm => realm.inspect,
|
|
231
|
-
:nonce => nonce.inspect,
|
|
232
|
-
:cnonce => cnonce.inspect,
|
|
233
|
-
:nc => nc,
|
|
234
|
-
:qop => qop,
|
|
235
|
-
:maxbuf => "65536",
|
|
236
|
-
"digest-uri" => uri.inspect,
|
|
237
|
-
}
|
|
238
|
-
a1 = "#{bind_dn}:#{realm}:#{options[:password]||@password}"
|
|
239
|
-
a1 = "#{Digest::MD5.digest(a1)}:#{nonce}:#{cnonce}"
|
|
240
|
-
ha1 = Digest::MD5.hexdigest(a1)
|
|
241
|
-
a2 = "AUTHENTICATE:#{uri}"
|
|
242
|
-
ha2 = Digest::MD5.hexdigest(a2)
|
|
243
|
-
response = "#{ha1}:#{nonce}:#{nc}:#{cnonce}:#{qop}:#{ha2}"
|
|
244
|
-
requests["response"] = Digest::MD5.hexdigest(response)
|
|
245
|
-
nonce_count += 1
|
|
246
|
-
requests.collect do |key, value|
|
|
247
|
-
"#{key}=#{value}"
|
|
248
|
-
end.join(",")
|
|
199
|
+
pref = SASL::Preferences.new :digest_uri => "ldap/#{@host}", :username => bind_dn, :has_password? => true, :password => options[:password]||@password
|
|
200
|
+
sasl = SASL.new("DIGEST-MD5", pref)
|
|
201
|
+
response = sasl.receive("challenge", cred)
|
|
202
|
+
response[1]
|
|
249
203
|
end
|
|
250
204
|
[initial_credential, challenge_response]
|
|
251
205
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oa-enterprise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 17
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 1
|
|
9
|
-
-
|
|
10
|
-
version: 0.1.
|
|
9
|
+
- 5
|
|
10
|
+
version: 0.1.5
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- James A. Rosen
|
|
@@ -16,7 +16,7 @@ autorequire:
|
|
|
16
16
|
bindir: bin
|
|
17
17
|
cert_chain: []
|
|
18
18
|
|
|
19
|
-
date: 2010-10-
|
|
19
|
+
date: 2010-10-19 00:00:00 -05:00
|
|
20
20
|
default_executable:
|
|
21
21
|
dependencies:
|
|
22
22
|
- !ruby/object:Gem::Dependency
|
|
@@ -25,12 +25,12 @@ dependencies:
|
|
|
25
25
|
requirements:
|
|
26
26
|
- - "="
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
hash:
|
|
28
|
+
hash: 17
|
|
29
29
|
segments:
|
|
30
30
|
- 0
|
|
31
31
|
- 1
|
|
32
|
-
-
|
|
33
|
-
version: 0.1.
|
|
32
|
+
- 5
|
|
33
|
+
version: 0.1.5
|
|
34
34
|
requirement: *id001
|
|
35
35
|
name: oa-core
|
|
36
36
|
prerelease: false
|
|
@@ -85,6 +85,23 @@ dependencies:
|
|
|
85
85
|
type: :runtime
|
|
86
86
|
- !ruby/object:Gem::Dependency
|
|
87
87
|
version_requirements: &id005 !ruby/object:Gem::Requirement
|
|
88
|
+
none: false
|
|
89
|
+
requirements:
|
|
90
|
+
- - ~>
|
|
91
|
+
- !ruby/object:Gem::Version
|
|
92
|
+
hash: 65
|
|
93
|
+
segments:
|
|
94
|
+
- 0
|
|
95
|
+
- 0
|
|
96
|
+
- 3
|
|
97
|
+
- 1
|
|
98
|
+
version: 0.0.3.1
|
|
99
|
+
requirement: *id005
|
|
100
|
+
name: pyu-ruby-sasl
|
|
101
|
+
prerelease: false
|
|
102
|
+
type: :runtime
|
|
103
|
+
- !ruby/object:Gem::Dependency
|
|
104
|
+
version_requirements: &id006 !ruby/object:Gem::Requirement
|
|
88
105
|
none: false
|
|
89
106
|
requirements:
|
|
90
107
|
- - ">="
|
|
@@ -93,12 +110,12 @@ dependencies:
|
|
|
93
110
|
segments:
|
|
94
111
|
- 0
|
|
95
112
|
version: "0"
|
|
96
|
-
requirement: *
|
|
113
|
+
requirement: *id006
|
|
97
114
|
name: rake
|
|
98
115
|
prerelease: false
|
|
99
116
|
type: :development
|
|
100
117
|
- !ruby/object:Gem::Dependency
|
|
101
|
-
version_requirements: &
|
|
118
|
+
version_requirements: &id007 !ruby/object:Gem::Requirement
|
|
102
119
|
none: false
|
|
103
120
|
requirements:
|
|
104
121
|
- - ~>
|
|
@@ -109,12 +126,12 @@ dependencies:
|
|
|
109
126
|
- 0
|
|
110
127
|
- 8
|
|
111
128
|
version: 0.0.8
|
|
112
|
-
requirement: *
|
|
129
|
+
requirement: *id007
|
|
113
130
|
name: mg
|
|
114
131
|
prerelease: false
|
|
115
132
|
type: :development
|
|
116
133
|
- !ruby/object:Gem::Dependency
|
|
117
|
-
version_requirements: &
|
|
134
|
+
version_requirements: &id008 !ruby/object:Gem::Requirement
|
|
118
135
|
none: false
|
|
119
136
|
requirements:
|
|
120
137
|
- - ~>
|
|
@@ -125,12 +142,12 @@ dependencies:
|
|
|
125
142
|
- 3
|
|
126
143
|
- 0
|
|
127
144
|
version: 1.3.0
|
|
128
|
-
requirement: *
|
|
145
|
+
requirement: *id008
|
|
129
146
|
name: rspec
|
|
130
147
|
prerelease: false
|
|
131
148
|
type: :development
|
|
132
149
|
- !ruby/object:Gem::Dependency
|
|
133
|
-
version_requirements: &
|
|
150
|
+
version_requirements: &id009 !ruby/object:Gem::Requirement
|
|
134
151
|
none: false
|
|
135
152
|
requirements:
|
|
136
153
|
- - ~>
|
|
@@ -141,12 +158,12 @@ dependencies:
|
|
|
141
158
|
- 3
|
|
142
159
|
- 4
|
|
143
160
|
version: 1.3.4
|
|
144
|
-
requirement: *
|
|
161
|
+
requirement: *id009
|
|
145
162
|
name: webmock
|
|
146
163
|
prerelease: false
|
|
147
164
|
type: :development
|
|
148
165
|
- !ruby/object:Gem::Dependency
|
|
149
|
-
version_requirements: &
|
|
166
|
+
version_requirements: &id010 !ruby/object:Gem::Requirement
|
|
150
167
|
none: false
|
|
151
168
|
requirements:
|
|
152
169
|
- - ~>
|
|
@@ -157,12 +174,12 @@ dependencies:
|
|
|
157
174
|
- 5
|
|
158
175
|
- 4
|
|
159
176
|
version: 0.5.4
|
|
160
|
-
requirement: *
|
|
177
|
+
requirement: *id010
|
|
161
178
|
name: rack-test
|
|
162
179
|
prerelease: false
|
|
163
180
|
type: :development
|
|
164
181
|
- !ruby/object:Gem::Dependency
|
|
165
|
-
version_requirements: &
|
|
182
|
+
version_requirements: &id011 !ruby/object:Gem::Requirement
|
|
166
183
|
none: false
|
|
167
184
|
requirements:
|
|
168
185
|
- - ~>
|
|
@@ -173,7 +190,7 @@ dependencies:
|
|
|
173
190
|
- 4
|
|
174
191
|
- 3
|
|
175
192
|
version: 1.4.3
|
|
176
|
-
requirement: *
|
|
193
|
+
requirement: *id011
|
|
177
194
|
name: json
|
|
178
195
|
prerelease: false
|
|
179
196
|
type: :development
|