omniauth-shibboleth 1.2.1 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 522260d787eef76c5a8ff86890b001ecf2f6b524
4
- data.tar.gz: e118c60297ee37d49f279a2836f54a94933143b5
3
+ metadata.gz: 3b94f789defd2f727c3a4c0bc8b33c7dbe60141e
4
+ data.tar.gz: '09471585f454310be592a3b9cca10bbc32b391d6'
5
5
  SHA512:
6
- metadata.gz: c143be18e00484f679d4e08c4cd56eeb2c58ea8d5651634a8e35159bb4b9aa03836aa83e906a338d1e458132397b88dc465a9dd07a47fe516e4f828500e5f083
7
- data.tar.gz: a136b0b97c1299535f9d06bf96bb27869f96fd35b5d5ab7318b304e3c9b44c11ee3948a5b43b67de13e2926c1adfa625d136fecc179e31a0a10c7876a4f05653
6
+ metadata.gz: 342c129d04c0b59720472cf7851a6e5e48b0ce5eade269978316d28c8be257ca9bc5b424dc0008c248b7895582ea456d10504c74ee28ce094454d626e590779d
7
+ data.tar.gz: e3fc73b3e1767eb962b590a4e5721364cb9a7db941f40e32e763efe2b75641ae363e64dec970284fe2ae800dc3a45d928652191f28a8a69083cac50cf35553ba
data/README.md CHANGED
@@ -167,6 +167,48 @@ When you deploy a new application, you may want to confirm the assumed attribute
167
167
  provider :shibboleth, { :debug => true }
168
168
  end
169
169
 
170
+ ### :multi_values option
171
+
172
+ If your application want to receive multiple values as one attribute, Shibboleth passes them as follows:
173
+
174
+ user2@example2.com;user1@example1.com;user3@example3.com
175
+
176
+ If your application only wants the first entry sorted by alphabetical order, you can use flexible attribute configuration as follows (since semicolons in attribute values are escaped with a backslash, escaped semicolons are skiped for splitting):
177
+
178
+ % vi config/initializer/omniauth.rb
179
+ Rails.application.config.middleware.use OmniAuth::Builder do
180
+ provider :shibboleth, {
181
+ :info_fields => {
182
+ :email => lambda {|request_param| request_param.call('email').split(/(?<!\\);/).sort[0]}
183
+ }
184
+ }
185
+ end
186
+
187
+ However, if you use device to integrate omniauth, lambda function cannot be used. In such a situation, if you still think that attribute conversions in the middleware is required, you can use :multi_values option.
188
+
189
+ - **:raw** (default) Raw multiple values are passed to the application.
190
+ - **:first** The first entry of multiple values is passed to the application.
191
+ - **lambda function** The other descriptions are regarded as lambda function written in String form. The string will be evaluated as Ruby code and used for processing multiple values in the attribute.
192
+
193
+ If you specify :first, you can obtain `user2@example.com` in the above example.
194
+
195
+ % vi config/initializer/omniauth.rb
196
+ Rails.application.config.middleware.use OmniAuth::Builder do
197
+ provider :shibboleth, {
198
+ :multi_values => :first
199
+ }
200
+ end
201
+
202
+ If you need the first attribute in alphabetical order, you can specify lambda function in String form as follows:
203
+
204
+ % vi config/initializer/omniauth.rb
205
+ Rails.application.config.middleware.use OmniAuth::Builder do
206
+ provider :shibboleth, {
207
+ :multi_values => 'lambda {|param_value| param_value.nil? ? nil : param_value.split(/(?<!\\\\);/).sort[0]}'
208
+ }
209
+ end
210
+
211
+
170
212
  ## License (MIT License)
171
213
 
172
214
  omniauth-shibboleth is released under the MIT license.
data/Rakefile CHANGED
@@ -1,7 +1,5 @@
1
1
  require 'bundler'
2
2
  Bundler::GemHelper.install_tasks
3
- require 'rspec/core/rake_task'
4
- RSpec::Core::RakeTask.new(:spec)
3
+ require "rspec/core/rake_task"
4
+ RSpec::Core::RakeTask.new("spec")
5
5
  task :default => :spec
6
- task :test => :spec
7
-
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Shibboleth
3
- VERSION = "1.2.1"
3
+ VERSION = "1.3.0"
4
4
  end
5
5
  end
@@ -12,6 +12,7 @@ module OmniAuth
12
12
  option :debug, false
13
13
  option :fail_with_empty_uid, false
14
14
  option :request_type, :env
15
+ option :multi_values, :raw
15
16
 
16
17
  def request_phase
17
18
  [
@@ -25,7 +26,7 @@ module OmniAuth
25
26
  end
26
27
 
27
28
  def request_params
28
- case options[:request_type]
29
+ case options.request_type
29
30
  when :env, 'env', :header, 'header'
30
31
  request.env
31
32
  when :params, 'params'
@@ -34,18 +35,32 @@ module OmniAuth
34
35
  end
35
36
 
36
37
  def request_param(key)
37
- case options[:request_type]
38
- when :env, 'env'
39
- request.env[key]
40
- when :header, 'header'
41
- request.env["HTTP_#{key.upcase.gsub('-', '_')}"]
42
- when :params, 'params'
43
- request.params[key]
38
+ multi_value_handler(
39
+ case options.request_type
40
+ when :env, 'env'
41
+ request.env[key]
42
+ when :header, 'header'
43
+ request.env["HTTP_#{key.upcase.gsub('-', '_')}"]
44
+ when :params, 'params'
45
+ request.params[key]
46
+ end
47
+ )
48
+ end
49
+
50
+ def multi_value_handler(param_value)
51
+ case options.multi_values
52
+ when :raw, 'raw'
53
+ param_value
54
+ when :first, 'first'
55
+ return nil if param_value.nil?
56
+ param_value.split(/(?<!\\);/).first.gsub('\\;', ';')
57
+ else
58
+ eval(options.multi_values).call(param_value)
44
59
  end
45
60
  end
46
61
 
47
62
  def callback_phase
48
- if options[:debug]
63
+ if options.debug
49
64
  # dump attributes
50
65
  return [
51
66
  200,
@@ -56,7 +71,7 @@ module OmniAuth
56
71
  ]
57
72
  end
58
73
  return fail!(:no_shibboleth_session) unless (request_param(options.shib_session_id_field.to_s) || request_param(options.shib_application_id_field.to_s))
59
- return fail!(:empty_uid) if options[:fail_with_empty_uid] && option_handler(options.uid_field).empty?
74
+ return fail!(:empty_uid) if options.fail_with_empty_uid && option_handler(options.uid_field).empty?
60
75
  super
61
76
  end
62
77
 
@@ -0,0 +1,7 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'app_spec' do
4
+ it {
5
+ expect(1).to eq(1)
6
+ }
7
+ end
@@ -64,7 +64,7 @@ describe OmniAuth::Strategies::Shibboleth do
64
64
  @eppn = 'test@example.com'
65
65
  @display_name = 'Test User'
66
66
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'eppn' => @eppn, 'displayName' => @display_name)
67
- response = strategy.call!(env)
67
+ strategy.call!(env)
68
68
  expect(strategy.env['omniauth.auth']['uid']).to eq(@eppn)
69
69
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
70
70
  end
@@ -88,7 +88,7 @@ describe OmniAuth::Strategies::Shibboleth do
88
88
  @organization = 'Test Corporation'
89
89
  @affiliation = 'faculty'
90
90
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
91
- response = strategy.call!(env)
91
+ strategy.call!(env)
92
92
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
93
93
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
94
94
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['affiliation']).to eq(@affiliation)
@@ -96,7 +96,7 @@ describe OmniAuth::Strategies::Shibboleth do
96
96
  end
97
97
 
98
98
  context 'with debug options' do
99
- let(:options){ { :debug => true} }
99
+ let(:options) { { :debug => true } }
100
100
  let(:app){ lambda{|env| [404, {}, ['Not Found']]}}
101
101
  let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
102
102
 
@@ -129,14 +129,14 @@ describe OmniAuth::Strategies::Shibboleth do
129
129
  @organization = 'Test Corporation'
130
130
  @affiliation = 'faculty'
131
131
  env = make_env('/auth/shibboleth/callback', 'HTTP_SHIB_SESSION_ID' => @dummy_id, 'HTTP_DISPLAYNAME' => @display_name, 'HTTP_UID' => @uid, 'HTTP_O' => @organization, 'HTTP_AFFILIATION' => @affiliation)
132
- response = strategy.call!(env)
132
+ strategy.call!(env)
133
133
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
134
134
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
135
135
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
136
136
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['affiliation']).to eq(@affiliation)
137
137
  end
138
138
  end
139
-
139
+
140
140
  context "with request_type = 'header'" do
141
141
  let(:options){ {
142
142
  :request_type => 'header',
@@ -156,7 +156,7 @@ describe OmniAuth::Strategies::Shibboleth do
156
156
  @organization = 'Test Corporation'
157
157
  @affiliation = 'faculty'
158
158
  env = make_env('/auth/shibboleth/callback', 'HTTP_SHIB_SESSION_ID' => @dummy_id, 'HTTP_DISPLAYNAME' => @display_name, 'HTTP_UID' => @uid, 'HTTP_O' => @organization, 'HTTP_AFFILIATION' => @affiliation)
159
- response = strategy.call!(env)
159
+ strategy.call!(env)
160
160
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
161
161
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
162
162
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
@@ -183,7 +183,7 @@ describe OmniAuth::Strategies::Shibboleth do
183
183
  @organization = 'Test Corporation'
184
184
  @affiliation = 'faculty'
185
185
  env = make_env('/auth/shibboleth/callback', 'QUERY_STRING' => "Shib-Session-ID=#{@dummy_id}&uid=#{@uid}&displayName=#{@display_name}&o=#{@organization}&affiliation=#{@affiliation}")
186
- response = strategy.call!(env)
186
+ strategy.call!(env)
187
187
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
188
188
  expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
189
189
  expect(strategy.env['omniauth.auth']['extra']['raw_info']['o']).to eq(@organization)
@@ -213,7 +213,7 @@ describe OmniAuth::Strategies::Shibboleth do
213
213
  @organization = 'Test Corporation'
214
214
  @affiliation = 'faculty'
215
215
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'eppn' => @eppn, 'cn' => @cn, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
216
- response = strategy.call!(env)
216
+ strategy.call!(env)
217
217
  expect(strategy.env['omniauth.auth']['uid']).to eq(@eppn)
218
218
  expect(strategy.env['omniauth.auth']['info']['name']).to eq("#{@cn} #{@sn}")
219
219
  expect(strategy.env['omniauth.auth']['info']['affiliation']).to eq("#{@affiliation}@my.localdomain")
@@ -232,7 +232,7 @@ describe OmniAuth::Strategies::Shibboleth do
232
232
  @organization = 'Test Corporation'
233
233
  @affiliation = 'faculty'
234
234
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'mail' => @mail, 'cn' => @cn, 'sn' => @sn, 'o' => @organization, 'affiliation' => @affiliation)
235
- response = strategy.call!(env)
235
+ strategy.call!(env)
236
236
  expect(strategy.env['omniauth.auth']['uid']).to eq(@mail)
237
237
  expect(strategy.env['omniauth.auth']['info']['name']).to eq("#{@cn} #{@sn}")
238
238
  expect(strategy.env['omniauth.auth']['info']['affiliation']).to eq("#{@affiliation}@my.localdomain")
@@ -256,7 +256,7 @@ describe OmniAuth::Strategies::Shibboleth do
256
256
  @display_name = 'Test User'
257
257
  @uid = ''
258
258
  env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name)
259
- response = strategy.call!(env)
259
+ strategy.call!(env)
260
260
  expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
261
261
  end
262
262
  end
@@ -283,5 +283,79 @@ describe OmniAuth::Strategies::Shibboleth do
283
283
  expect(response[1]["Location"]).to eq(empty_uid_failure_path)
284
284
  end
285
285
  end
286
+
287
+ context 'with :multi_values => :raw' do
288
+ let(:options){ {
289
+ :request_type => :env,
290
+ :shib_session_id_field => 'Shib-Session-ID',
291
+ :shib_application_id_field => 'Shib-Application-ID',
292
+ :uid_field => :uid,
293
+ :name_field => :displayName,
294
+ :info_fields => {:email => "mail"} } }
295
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
296
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
297
+
298
+ it 'is expected to return the raw value' do
299
+ @dummy_id = 'abcdefg'
300
+ @display_name = 'Test User'
301
+ @uid = 'test'
302
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
303
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
304
+ strategy.call!(env)
305
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
306
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
307
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq(@mail)
308
+ end
309
+ end
310
+
311
+ context 'with :multi_values => :first' do
312
+ let(:options){ {
313
+ :multi_values => :first,
314
+ :request_type => :env,
315
+ :shib_session_id_field => 'Shib-Session-ID',
316
+ :shib_application_id_field => 'Shib-Application-ID',
317
+ :uid_field => :uid,
318
+ :name_field => :displayName,
319
+ :info_fields => {:email => "mail"} } }
320
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
321
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
322
+
323
+ it 'is expected return the first value by specifying :first' do
324
+ @dummy_id = 'abcdefg'
325
+ @display_name = 'Test User'
326
+ @uid = 'test'
327
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
328
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
329
+ strategy.call!(env)
330
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
331
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
332
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq('test2;hoge@example.com')
333
+ end
334
+ end
335
+
336
+ context 'with :multi_values => lambda function' do
337
+ let(:options){ {
338
+ :multi_values => "lambda {|param_value| param_value.nil? ? nil : param_value.split(/(?<!\\\\);/).sort[0].gsub('\\;',';')}",
339
+ :request_type => :env,
340
+ :shib_session_id_field => 'Shib-Session-ID',
341
+ :shib_application_id_field => 'Shib-Application-ID',
342
+ :uid_field => :uid,
343
+ :name_field => :displayName,
344
+ :info_fields => {:email => "mail"} } }
345
+ let(:app){ lambda{|env| [200, {}, ['OK']]}}
346
+ let(:strategy){ OmniAuth::Strategies::Shibboleth.new(app, options) }
347
+ it 'is expected return the processed value by specifying lambda function' do
348
+ @dummy_id = 'abcdefg'
349
+ @display_name = 'Test User'
350
+ @uid = 'test'
351
+ @mail = 'test2\;hoge@example.com;test1\;hoge@example.com;test3\;hoge@example.com'
352
+ env = make_env('/auth/shibboleth/callback', 'Shib-Session-ID' => @dummy_id, 'uid' => @uid, 'displayName' => @display_name, 'mail' => @mail)
353
+ strategy.call!(env)
354
+ expect(strategy.env['omniauth.auth']['uid']).to eq(@uid)
355
+ expect(strategy.env['omniauth.auth']['info']['name']).to eq(@display_name)
356
+ expect(strategy.env['omniauth.auth']['info']['email']).to eq('test1;hoge@example.com')
357
+ end
358
+ end
359
+
286
360
  end
287
361
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-shibboleth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.1
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Toyokazu Akiyama
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-22 00:00:00.000000000 Z
11
+ date: 2017-08-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
@@ -81,6 +81,7 @@ files:
81
81
  - lib/omniauth-shibboleth/version.rb
82
82
  - lib/omniauth/strategies/shibboleth.rb
83
83
  - omniauth-shibboleth.gemspec
84
+ - spec/app_spec.rb
84
85
  - spec/omniauth/strategies/shibboleth_spec.rb
85
86
  - spec/spec_helper.rb
86
87
  homepage: ''
@@ -103,10 +104,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
103
104
  version: '0'
104
105
  requirements: []
105
106
  rubyforge_project:
106
- rubygems_version: 2.4.5
107
+ rubygems_version: 2.6.8
107
108
  signing_key:
108
109
  specification_version: 4
109
110
  summary: OmniAuth Shibboleth strategies for OmniAuth 1.x
110
111
  test_files:
112
+ - spec/app_spec.rb
111
113
  - spec/omniauth/strategies/shibboleth_spec.rb
112
114
  - spec/spec_helper.rb