p8-casablanca 0.0.3 → 0.0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Manifest.txt +5 -2
- data/README.txt +3 -4
- data/init.rb +1 -1
- data/lib/casablanca.rb +1 -1
- data/test/mocks.rb +63 -0
- data/test/test_helper.rb +4 -23
- data/test/test_rails_cas_proxy_callback_controller.rb +6 -0
- data/test/test_rails_filter.rb +7 -39
- metadata +5 -1
- data/lib/casablanca/filters/rails.rb +0 -88
data/Manifest.txt
CHANGED
|
@@ -1,16 +1,19 @@
|
|
|
1
1
|
History.txt
|
|
2
2
|
Manifest.txt
|
|
3
|
-
README.
|
|
3
|
+
README.txt
|
|
4
4
|
Rakefile
|
|
5
5
|
init.rb
|
|
6
6
|
bin/casablanca
|
|
7
7
|
lib/casablanca.rb
|
|
8
8
|
lib/casablanca/cli.rb
|
|
9
9
|
lib/casablanca/client.rb
|
|
10
|
-
lib/casablanca/
|
|
10
|
+
lib/casablanca/rails/filter.rb
|
|
11
|
+
lib/casablanca/rails/cas_proxy_callback_controller.rb
|
|
11
12
|
lib/casablanca/response_parsers.rb
|
|
13
|
+
test/mocks.rb
|
|
12
14
|
test/test_client.rb
|
|
13
15
|
test/test_helper.rb
|
|
14
16
|
test/test_parser.rb
|
|
15
17
|
test/test_rails_filter.rb
|
|
18
|
+
test/test_rails_cas_proxy_callback_controller.rb
|
|
16
19
|
test/test_ticket.rb
|
data/README.txt
CHANGED
|
@@ -4,20 +4,19 @@
|
|
|
4
4
|
|
|
5
5
|
== DESCRIPTION:
|
|
6
6
|
|
|
7
|
-
Casablanca is a single sign-on client for the CAS 2.0 protocol.
|
|
7
|
+
Casablanca is a ruby single sign-on client for the CAS 2.0 protocol.
|
|
8
8
|
|
|
9
9
|
== FEATURES:
|
|
10
10
|
|
|
11
11
|
* Includes a commandline Client to test getting service tickets from a CAS server
|
|
12
12
|
* It can be run as a Rails plugin.
|
|
13
|
-
* Gatewaying (permitting the user to continue without authentication).
|
|
13
|
+
* Gatewaying (permitting the user to continue without authentication) is not implemented.
|
|
14
|
+
Just skip the filter for those actions.
|
|
14
15
|
|
|
15
16
|
== TODO:
|
|
16
17
|
|
|
17
|
-
* Add extra attributes returned from the server
|
|
18
18
|
* Implement proxing
|
|
19
19
|
* Check for single signout
|
|
20
|
-
* Check for endless redirects
|
|
21
20
|
|
|
22
21
|
== SYNOPSIS:
|
|
23
22
|
|
data/init.rb
CHANGED
data/lib/casablanca.rb
CHANGED
data/test/mocks.rb
ADDED
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
|
|
2
|
+
class MockResponse < Net::HTTPResponse
|
|
3
|
+
attr_accessor :body, :code
|
|
4
|
+
def initialize(body, code=200, header={})
|
|
5
|
+
@body, @code, @header = body, code, header
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def []= key, value
|
|
9
|
+
@header[key.to_sym] = value
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def [] key
|
|
13
|
+
@header[key.to_sym]
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def kind_of?(klass)
|
|
17
|
+
if klass == Net::HTTPSuccess
|
|
18
|
+
code.to_i == 200
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
module ActionController
|
|
24
|
+
class Base
|
|
25
|
+
def self.logger
|
|
26
|
+
@logger = ::Logger.new($stderr)
|
|
27
|
+
@logger.level = ::Logger::ERROR
|
|
28
|
+
@logger
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
class Controller < ActionController::Base
|
|
34
|
+
attr_accessor :params, :session
|
|
35
|
+
def initialize
|
|
36
|
+
@session = {}
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def request
|
|
40
|
+
Request.new
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def url_for(url)
|
|
44
|
+
url
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def redirect_to(url)
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
private
|
|
51
|
+
|
|
52
|
+
def reset_session
|
|
53
|
+
@session = {}
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
class Request
|
|
58
|
+
def headers
|
|
59
|
+
{}
|
|
60
|
+
end
|
|
61
|
+
def post?
|
|
62
|
+
end
|
|
63
|
+
end
|
data/test/test_helper.rb
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
|
-
require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca.rb')))
|
|
2
|
-
require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca', 'filters', 'rails.rb')))
|
|
3
1
|
require 'test/unit'
|
|
4
2
|
require 'rubygems'
|
|
5
3
|
require 'mocha'
|
|
4
|
+
require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca.rb')))
|
|
5
|
+
require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca', 'rails', 'filter.rb')))
|
|
6
|
+
require(File.expand_path(File.join(File.dirname(__FILE__), 'mocks.rb')))
|
|
7
|
+
require(File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'casablanca', 'rails', 'cas_proxy_callback_controller.rb')))
|
|
6
8
|
|
|
7
9
|
# set to false if you're integration testing against a real server
|
|
8
10
|
MOCK_REQUESTS = true
|
|
@@ -31,27 +33,6 @@ class Test::Unit::TestCase
|
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
35
|
|
|
34
|
-
class MockResponse < Net::HTTPResponse
|
|
35
|
-
attr_accessor :body, :code
|
|
36
|
-
def initialize(body, code=200, header={})
|
|
37
|
-
@body, @code, @header = body, code, header
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def []= key, value
|
|
41
|
-
@header[key.to_sym] = value
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def [] key
|
|
45
|
-
@header[key.to_sym]
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
def kind_of?(klass)
|
|
49
|
-
if klass == Net::HTTPSuccess
|
|
50
|
-
code.to_i == 200
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
|
|
55
36
|
VALID_REQUEST = %(
|
|
56
37
|
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
|
|
57
38
|
<cas:authenticationSuccess>
|
data/test/test_rails_filter.rb
CHANGED
|
@@ -34,10 +34,12 @@ class TestRailsFilter < Test::Unit::TestCase
|
|
|
34
34
|
Casablanca::RailsFilter.config do |config|
|
|
35
35
|
config[:cas_server_url] = "http://example.com/cas_server"
|
|
36
36
|
config[:service_url] = "http://example.com/application"
|
|
37
|
+
config[:renew] = true
|
|
37
38
|
end
|
|
38
39
|
# assert_equal "http://example.com/cas_server", RailsFilter.client.cas_server_url
|
|
39
40
|
# assert_equal "http://example.com/application", RailsFilter.client.service_url
|
|
40
|
-
assert_equal 'http://example.com/cas_server/login?service=http%3A%2F%2Fexample.com%2Fapplication', RailsFilter.login_url
|
|
41
|
+
assert_equal 'http://example.com/cas_server/login?service=http%3A%2F%2Fexample.com%2Fapplication', RailsFilter.login_url
|
|
42
|
+
assert_equal true, RailsFilter.renew?
|
|
41
43
|
end
|
|
42
44
|
|
|
43
45
|
def test_filter_invalid_attempt
|
|
@@ -65,46 +67,12 @@ class TestRailsFilter < Test::Unit::TestCase
|
|
|
65
67
|
assert_equal 'admin', @controller.session[:cas_user]
|
|
66
68
|
end
|
|
67
69
|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
module ActionController
|
|
71
|
-
module Base
|
|
72
|
-
def self.logger
|
|
73
|
-
@logger = ::Logger.new($stderr)
|
|
74
|
-
@logger.level = ::Logger::ERROR
|
|
75
|
-
@logger
|
|
76
|
-
end
|
|
70
|
+
def test_filter_not_authenticated
|
|
71
|
+
assert_equal false, RailsFilter.filter(@controller)
|
|
77
72
|
end
|
|
78
|
-
end
|
|
79
73
|
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
def initialize
|
|
83
|
-
@session = {}
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
def request
|
|
87
|
-
Request.new
|
|
88
|
-
end
|
|
89
|
-
|
|
90
|
-
def url_for(url)
|
|
91
|
-
url
|
|
92
|
-
end
|
|
93
|
-
|
|
94
|
-
def redirect_to(url)
|
|
95
|
-
end
|
|
96
|
-
|
|
97
|
-
private
|
|
98
|
-
|
|
99
|
-
def reset_session
|
|
100
|
-
@session = {}
|
|
74
|
+
def test_filter_not_authenticated
|
|
75
|
+
assert_equal false, RailsFilter.filter(@controller)
|
|
101
76
|
end
|
|
102
|
-
end
|
|
103
77
|
|
|
104
|
-
class Request
|
|
105
|
-
def headers
|
|
106
|
-
{}
|
|
107
|
-
end
|
|
108
|
-
def post?
|
|
109
|
-
end
|
|
110
78
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: p8-casablanca
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.3
|
|
4
|
+
version: 0.0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Petrik de Heus
|
|
@@ -43,11 +43,13 @@ files:
|
|
|
43
43
|
- lib/casablanca/client.rb
|
|
44
44
|
- lib/casablanca/filters/rails.rb
|
|
45
45
|
- lib/casablanca/response_parsers.rb
|
|
46
|
+
- test/mocks.rb
|
|
46
47
|
- test/test_client.rb
|
|
47
48
|
- test/test_helper.rb
|
|
48
49
|
- test/test_parser.rb
|
|
49
50
|
- test/test_rails_filter.rb
|
|
50
51
|
- test/test_ticket.rb
|
|
52
|
+
- test/test_rails_cas_proxy_callback_controller.rb
|
|
51
53
|
- README.txt
|
|
52
54
|
has_rdoc: true
|
|
53
55
|
homepage:
|
|
@@ -77,8 +79,10 @@ signing_key:
|
|
|
77
79
|
specification_version: 2
|
|
78
80
|
summary: A single sign-on client for the CAS 2.0 protocol
|
|
79
81
|
test_files:
|
|
82
|
+
- test/mocks.rb
|
|
80
83
|
- test/test_client.rb
|
|
81
84
|
- test/test_helper.rb
|
|
82
85
|
- test/test_parser.rb
|
|
83
86
|
- test/test_rails_filter.rb
|
|
84
87
|
- test/test_ticket.rb
|
|
88
|
+
- test/test_rails_cas_proxy_callback_controller.rb
|
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
module Casablanca
|
|
2
|
-
class RailsFilter
|
|
3
|
-
|
|
4
|
-
class << self
|
|
5
|
-
|
|
6
|
-
##
|
|
7
|
-
# Configure the client
|
|
8
|
-
#
|
|
9
|
-
# Casablanca::RailsFilter.config do |config|
|
|
10
|
-
# config[:cas_server_url] = "http://localhost:4567"
|
|
11
|
-
# config[:service_url] = "http://localhost:3000"
|
|
12
|
-
# end
|
|
13
|
-
def config
|
|
14
|
-
config = {}
|
|
15
|
-
yield config
|
|
16
|
-
@cas_server_url = config[:cas_server_url]
|
|
17
|
-
@service_url = config[:service_url]
|
|
18
|
-
@renew = config[:renew] # always renew the session
|
|
19
|
-
# set logger to rails logger
|
|
20
|
-
Client.logger = ::ActionController::Base.logger
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def filter(controller)
|
|
24
|
-
|
|
25
|
-
client = Client.new(:cas_server_url => @cas_server_url, :service_url => @service_url)
|
|
26
|
-
if !controller.session[:cas_user] && !controller.params[:ticket]
|
|
27
|
-
if renew?
|
|
28
|
-
logger.debug "Always require credentials for authentication"
|
|
29
|
-
else
|
|
30
|
-
logger.debug "Not authenticated yet. Ticket parameter required"
|
|
31
|
-
end
|
|
32
|
-
redirect_to_cas_login(controller, renew?)
|
|
33
|
-
return false
|
|
34
|
-
end
|
|
35
|
-
ticket = Ticket.new(controller.params[:ticket], client.service_url, controller.session[:cas_renew])
|
|
36
|
-
if client.authenticate_ticket(ticket)
|
|
37
|
-
logger.debug "Ticket authenticated"
|
|
38
|
-
controller.session[:cas_user] = ticket.user
|
|
39
|
-
controller.session[:cas_renew] = nil
|
|
40
|
-
return true
|
|
41
|
-
else
|
|
42
|
-
logger.warn "Ticket authentication failed: #{ticket.failure_message}"
|
|
43
|
-
logout(controller)
|
|
44
|
-
logger.debug "Renew login credentials"
|
|
45
|
-
redirect_to_cas_login(controller, true)
|
|
46
|
-
return false
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
##
|
|
51
|
-
# The login url of the Cas server. This page has the login form.
|
|
52
|
-
def login_url(params={})
|
|
53
|
-
client = Client.new(:cas_server_url => @cas_server_url, :service_url => @service_url)
|
|
54
|
-
client.login_url(params)
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
##
|
|
58
|
-
# The logout url of the Cas server.
|
|
59
|
-
def logout_url(params={})
|
|
60
|
-
client = Client.new(:cas_server_url => @cas_server_url, :service_url => @service_url)
|
|
61
|
-
client.logout_url(params)
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
##
|
|
65
|
-
# Logs out of the Cas server.
|
|
66
|
-
def logout(controller)
|
|
67
|
-
controller.session[:cas_user] = nil
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
def logger
|
|
71
|
-
Client.logger
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
private
|
|
75
|
-
|
|
76
|
-
def redirect_to_cas_login(controller, renew)
|
|
77
|
-
controller.session[:cas_renew] = renew
|
|
78
|
-
controller.send(:redirect_to, login_url(:renew => renew))
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
def renew?
|
|
82
|
-
@renew
|
|
83
|
-
end
|
|
84
|
-
|
|
85
|
-
end
|
|
86
|
-
end
|
|
87
|
-
|
|
88
|
-
end
|