omniauth-shibboleth 1.2.1 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 522260d787eef76c5a8ff86890b001ecf2f6b524
4
- data.tar.gz: e118c60297ee37d49f279a2836f54a94933143b5
3
+ metadata.gz: 3b94f789defd2f727c3a4c0bc8b33c7dbe60141e
4
+ data.tar.gz: '09471585f454310be592a3b9cca10bbc32b391d6'
5
5
  SHA512:
6
- metadata.gz: c143be18e00484f679d4e08c4cd56eeb2c58ea8d5651634a8e35159bb4b9aa03836aa83e906a338d1e458132397b88dc465a9dd07a47fe516e4f828500e5f083
7
- data.tar.gz: a136b0b97c1299535f9d06bf96bb27869f96fd35b5d5ab7318b304e3c9b44c11ee3948a5b43b67de13e2926c1adfa625d136fecc179e31a0a10c7876a4f05653
6
+ metadata.gz: 342c129d04c0b59720472cf7851a6e5e48b0ce5eade269978316d28c8be257ca9bc5b424dc0008c248b7895582ea456d10504c74ee28ce094454d626e590779d
7
+ data.tar.gz: e3fc73b3e1767eb962b590a4e5721364cb9a7db941f40e32e763efe2b75641ae363e64dec970284fe2ae800dc3a45d928652191f28a8a69083cac50cf35553ba
data/README.md CHANGED
@@ -167,6 +167,48 @@ When you deploy a new application, you may want to confirm the assumed attribute
167
167
  provider :shibboleth, { :debug => true }
168
168
  end
169
169
 
170
+ ### :multi_values option
171
+
172
+ If your application want to receive multiple values as one attribute, Shibboleth passes them as follows:
173
+
174
+ user2@example2.com;user1@example1.com;user3@example3.com
175
+
176
+ If your application only wants the first entry sorted by alphabetical order, you can use flexible attribute configuration as follows (since semicolons in attribute values are escaped with a backslash, escaped semicolons are skiped for splitting):
177
+
178
+ % vi config/initializer/omniauth.rb
179
+ Rails.application.config.middleware.use OmniAuth::Builder do
180
+ provider :shibboleth, {
181
+ :info_fields => {
182
+ :email => lambda {|request_param| request_param.call('email').split(/(?<!\\);/).sort[0]}
183
+ }
184
+ }
185
+ end
186
+
187
+ However, if you use device to integrate omniauth, lambda function cannot be used. In such a situation, if you still think that attribute conversions in the middleware is required, you can use :multi_values option.
188
+
189
+ - **:raw** (default) Raw multiple values are passed to the application.
190
+ - **:first** The first entry of multiple values is passed to the application.
191
+ - **lambda function** The other descriptions are regarded as lambda function written in String form. The string will be evaluated as Ruby code and used for processing multiple values in the attribute.
192
+
193
+ If you specify :first, you can obtain `user2@example.com` in the above example.
194
+
195
+ % vi config/initializer/omniauth.rb
196
+ Rails.application.config.middleware.use OmniAuth::Builder do
197
+ provider :shibboleth, {
198
+ :multi_values => :first
199
+ }
200
+ end
201
+
202
+ If you need the first attribute in alphabetical order, you can specify lambda function in String form as follows:
203
+
204
+ % vi config/initializer/omniauth.rb
205
+ Rails.application.config.middleware.use OmniAuth::Builder do
206
+ provider :shibboleth, {
207
+ :multi_values => 'lambda {|param_value| param_value.nil? ? nil : param_value.split(/(?<!\\\\);/).sort[0]}'
208
+ }
209
+ end
210
+
211
+
170
212
  ## License (MIT License)
171
213
 
172
214
  omniauth-shibboleth is released under the MIT license.
data/Rakefile CHANGED
@@ -1,7 +1,5 @@
1
1
  require 'bundler'
2
2
  Bundler::GemHelper.install_tasks
3
- require 'rspec/core/rake_task'
4
- RSpec::Core::RakeTask.new(:spec)
3
+ require "rspec/core/rake_task"
4
+ RSpec::Core::RakeTask.new("spec")
5
5
  task :default => :spec
6
- task :test => :spec
7
-
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Shibboleth
3
- VERSION = "1.2.1"
3
+ VERSION = "1.3.0"
4
4
  end
5
5
  end
@@ -12,6 +12,7 @@ module OmniAuth
12
12
  option :debug, false
13
13
  option :fail_with_empty_uid, false
14
14
  option :request_type, :env
15
+ option :multi_values, :raw
15
16
 
16
17
  def request_phase
17
18
  [
@@ -25,7 +26,7 @@ module OmniAuth
25
26
  end
26
27
 
27
28
  def request_params
28
- case options[:request_type]
29
+ case options.request_type
29
30
  when :env, 'env', :header, 'header'
30
31
  request.env
31
32
  when :params, 'params'
@@ -34,18 +35,32 @@ module OmniAuth
34
35
  end
35
36
 
36
37
  def request_param(key)
37
- case options[:request_type]
38
- when :env, 'env'
39
- request.env[key]
40
- when :header, 'header'
41
- request.env["HTTP_#{key.upcase.gsub('-', '_')}"]
42
- when :params, 'params'
43
- request.params[key]
38
+ multi_value_handler(
39
+ case options.request_type
40
+ when :env, 'env'
41
+ request.env[key]
42
+ when :header, 'header'
43
+ request.env["HTTP_#{key.upcase.gsub('-', '_')}"]
44
+ when :params, 'params'
45
+ request.params[key]
46
+ end
47
+ )
48
+ end
49
+
50
+ def multi_value_handler(param_value)
51
+ case options.multi_values
52
+ when :raw, 'raw'
53
+ param_value
54
+ when :first, 'first'
55
+ return nil if param_value.nil?
56
+ param_value.split(/(?<!\\);/).first.gsub('\\;', ';')
57
+ else
58
+ eval(options.multi_values).call(param_value)
44
59
  end
45
60
  end
46
61
 
47
62
  def callback_phase
48
- if options[:debug]
63
+ if options.debug
49
64
  # dump attributes
50
65
  return [
51
66
  200,
@@ -56,7 +71,7 @@ module OmniAuth
56
71
  ]
57
72
  end
58
73
  return fail!(:no_shibboleth_session) unless (request_param(options.shib_session_id_field.to_s) || request_param(options.shib_application_id_field.to_s))
59
- return fail!(:empty_uid) if options[:fail_with_empty_uid] && option_handler(options.uid_field).empty?
74
+ return fail!(:empty_uid) if options.fail_with_empty_uid && option_handler(options.uid_field).empty?
60
75
  super
61
76
  end
62
77
 
@@ -0,0 +1,7 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'app_spec' do
4
+ it {
5
+ expect(1).to eq(1)
6
+ }
7
+ end
@@ -64,7 +64,7 @@ describe OmniAuth::Strategies::Shibboleth do
64
64
  @eppn = 'test@example.com'
65
65
  @display_name = 'Test User'
66
66
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'eppn' => @eppn, 'displayName' => @display_name)
67
- response = strategy.call!(env)
67
+ strategy.call!(env)
68
68
  expect(strategy.env['omniauth.auth']['uid']).to eq(@eppn)
69
69
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
70
70
  end
@@ -88,7 +88,7 @@ describe OmniAuth::Strategies::Shibboleth do
88
88
  @organization = 'Test Corporation'
89
89
  @affiliation = 'faculty'
90
90
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
91
- response = strategy.call!(env)
91
+ strategy.call!(env)
92
92
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
93
93
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
94
94
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['affiliation']).to eq(@affiliation)
@@ -96,7 +96,7 @@ describe OmniAuth::Strategies::Shibboleth do
96
96
  end
97
97
 
98
98
  context 'with debug options' do
99
- let(:options){ { :debug => true} }
99
+ let(:options) { { :debug => true } }
100
100
  let(:app){ lambda{|env| [404, {}, ['Not Found']]}}
101
101
  let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
102
102
 
@@ -129,14 +129,14 @@ describe OmniAuth::Strategies::Shibboleth do
129
129
  @organization = 'Test Corporation'
130
130
  @affiliation = 'faculty'
131
131
  env = make_env('/auth/shibboleth/callback', 'HTTP_SHIB_SESSION_ID' => @dummy_id, 'HTTP_DISPLAYNAME' => @display_name, 'HTTP_UID' => @uid, 'HTTP_O' => @organization, 'HTTP_AFFILIATION' => @affiliation)
132
- response = strategy.call!(env)
132
+ strategy.call!(env)
133
133
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
134
134
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
135
135
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
136
136
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['affiliation']).to eq(@affiliation)
137
137
  end
138
138
  end
139
-
139
+
140
140
  context "with request_type = 'header'" do
141
141
  let(:options){ {
142
142
  :request_type => 'header',
@@ -156,7 +156,7 @@ describe OmniAuth::Strategies::Shibboleth do
156
156
  @organization = 'Test Corporation'
157
157
  @affiliation = 'faculty'
158
158
  env = make_env('/auth/shibboleth/callback', 'HTTP_SHIB_SESSION_ID' => @dummy_id, 'HTTP_DISPLAYNAME' => @display_name, 'HTTP_UID' => @uid, 'HTTP_O' => @organization, 'HTTP_AFFILIATION' => @affiliation)
159
- response = strategy.call!(env)
159
+ strategy.call!(env)
160
160
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
161
161
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
162
162
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
@@ -183,7 +183,7 @@ describe OmniAuth::Strategies::Shibboleth do
183
183
  @organization = 'Test Corporation'
184
184
  @affiliation = 'faculty'
185
185
  env = make_env('/auth/shibboleth/callback', 'QUERY_STRING' => "Shib-Session-ID=#{@dummy_id}&uid=#{@uid}&displayName=#{@display_name}&o=#{@organization}&affiliation=#{@affiliation}")
186
- response = strategy.call!(env)
186
+ strategy.call!(env)
187
187
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
188
188
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
189
189
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
@@ -213,7 +213,7 @@ describe OmniAuth::Strategies::Shibboleth do
213
213
  @organization = 'Test Corporation'
214
214
  @affiliation = 'faculty'
215
215
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'eppn' => @eppn, 'cn' => @cn, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
216
- response = strategy.call!(env)
216
+ strategy.call!(env)
217
217
  expect(strategy.env['omniauth.auth']['uid']).to eq(@eppn)
218
218
  expect(strategy.env['omniauth.auth']['info']['name']).to eq("#{@cn} #{@sn}")
219
219
  expect(strategy.env['omniauth.auth']['info']['affiliation']).to eq("#{@affiliation}@my.localdomain")
@@ -232,7 +232,7 @@ describe OmniAuth::Strategies::Shibboleth do
232
232
  @organization = 'Test Corporation'
233
233
  @affiliation = 'faculty'
234
234
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'mail' => @mail, 'cn' => @cn, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
235
- response = strategy.call!(env)
235
+ strategy.call!(env)
236
236
  expect(strategy.env['omniauth.auth']['uid']).to eq(@mail)
237
237
  expect(strategy.env['omniauth.auth']['info']['name']).to eq("#{@cn} #{@sn}")
238
238
  expect(strategy.env['omniauth.auth']['info']['affiliation']).to eq("#{@affiliation}@my.localdomain")
@@ -256,7 +256,7 @@ describe OmniAuth::Strategies::Shibboleth do
256
256
  @display_name = 'Test User'
257
257
  @uid = ''
258
258
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name)
259
- response = strategy.call!(env)
259
+ strategy.call!(env)
260
260
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
261
261
  end
262
262
  end
@@ -283,5 +283,79 @@ describe OmniAuth::Strategies::Shibboleth do
283
283
  expect(response[1]["Location"]).to eq(empty_uid_failure_path)
284
284
  end
285
285
  end
286
+
287
+ context 'with :multi_values => :raw' do
288
+ let(:options){ {
289
+ :request_type => :env,
290
+ :shib_session_id_field => 'Shib-Session-ID',
291
+ :shib_application_id_field => 'Shib-Application-ID',
292
+ :uid_field => :uid,
293
+ :name_field => :displayName,
294
+ :info_fields => {:email => "mail"} } }
295
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
296
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
297
+
298
+ it 'is expected to return the raw value' do
299
+ @dummy_id = 'abcdefg'
300
+ @display_name = 'Test User'
301
+ @uid = 'test'
302
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
303
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
304
+ strategy.call!(env)
305
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
306
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
307
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq(@mail)
308
+ end
309
+ end
310
+
311
+ context 'with :multi_values => :first' do
312
+ let(:options){ {
313
+ :multi_values => :first,
314
+ :request_type => :env,
315
+ :shib_session_id_field => 'Shib-Session-ID',
316
+ :shib_application_id_field => 'Shib-Application-ID',
317
+ :uid_field => :uid,
318
+ :name_field => :displayName,
319
+ :info_fields => {:email => "mail"} } }
320
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
321
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
322
+
323
+ it 'is expected return the first value by specifying :first' do
324
+ @dummy_id = 'abcdefg'
325
+ @display_name = 'Test User'
326
+ @uid = 'test'
327
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
328
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
329
+ strategy.call!(env)
330
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
331
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
332
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq('test2;hoge@example.com')
333
+ end
334
+ end
335
+
336
+ context 'with :multi_values => lambda function' do
337
+ let(:options){ {
338
+ :multi_values => "lambda {|param_value| param_value.nil? ? nil : param_value.split(/(?<!\\\\);/).sort[0].gsub('\\;',';')}",
339
+ :request_type => :env,
340
+ :shib_session_id_field => 'Shib-Session-ID',
341
+ :shib_application_id_field => 'Shib-Application-ID',
342
+ :uid_field => :uid,
343
+ :name_field => :displayName,
344
+ :info_fields => {:email => "mail"} } }
345
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
346
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
347
+ it 'is expected return the processed value by specifying lambda function' do
348
+ @dummy_id = 'abcdefg'
349
+ @display_name = 'Test User'
350
+ @uid = 'test'
351
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
352
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
353
+ strategy.call!(env)
354
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
355
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
356
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq('test1;hoge@example.com')
357
+ end
358
+ end
359
+
286
360
  end
287
361
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-shibboleth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.1
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Toyokazu Akiyama
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-22 00:00:00.000000000 Z
11
+ date: 2017-08-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
@@ -81,6 +81,7 @@ files:
81
81
  - lib/omniauth-shibboleth/version.rb
82
82
  - lib/omniauth/strategies/shibboleth.rb
83
83
  - omniauth-shibboleth.gemspec
84
+ - spec/app_spec.rb
84
85
  - spec/omniauth/strategies/shibboleth_spec.rb
85
86
  - spec/spec_helper.rb
86
87
  homepage: ''
@@ -103,10 +104,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
103
104
  version: '0'
104
105
  requirements: []
105
106
  rubyforge_project:
106
- rubygems_version: 2.4.5
107
+ rubygems_version: 2.6.8
107
108
  signing_key:
108
109
  specification_version: 4
109
110
  summary: OmniAuth Shibboleth strategies for OmniAuth 1.x
110
111
  test_files:
112
+ - spec/app_spec.rb
111
113
  - spec/omniauth/strategies/shibboleth_spec.rb
112
114
  - spec/spec_helper.rb