p8-casablanca 0.1.0 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
data/History.txt CHANGED
@@ -1,3 +1,9 @@
1
+ === 0.2.0 / 2009-02-20
2
+
3
+ * 1 major enhancement
4
+
5
+ * Implemented RenewFilter for rails filter
6
+
1
7
  === 0.1.0 / 2009-02-18
2
8
 
3
9
  * 1 major enhancement
data/README.txt CHANGED
@@ -9,11 +9,11 @@ Casablanca is a ruby single sign-on client for the CAS 2.0 protocol.
9
9
  == FEATURES:
10
10
 
11
11
  * Includes a commandline Client to test getting service tickets from a CAS server
12
- * It can be run as a Rails plugin.
12
+ * It can be run as a Rails plugin
13
+ * Supports gatewaying and renewing
13
14
 
14
15
  == TODO:
15
16
 
16
- * Add extra attributes returned from the server
17
17
  * Implement proxying
18
18
  * Check for single signout
19
19
 
@@ -35,22 +35,27 @@ In IRB:
35
35
 
36
36
 
37
37
  === Rails:
38
- - environment.rb:
38
+ Configure your Cas server url in environment.rb:
39
39
 
40
40
  Casablanca::Rails::Config.config do |config|
41
41
  config[:cas_server_url] = "http://localhost:4567"
42
- # Always require new credentials for authentication
43
- config[:renew] = true
44
42
  end
45
43
 
46
44
 
45
+ Add filters to the protected controllers.
46
+ For most cases you would want the default filter:
47
47
 
48
48
  before_filter Casablanca::Rails::Filter
49
- # If you want users without credentials to view the page as well use the Gateway filter
50
- # before_filter Casablanca::Rails::GatewayFilter
49
+
50
+ If you want users without credentials to view the page as well use the Gateway filter
51
+
52
+ before_filter Casablanca::Rails::GatewayFilter
53
+
54
+ If you want users to always require new credentials for authentication use the renew filter
51
55
 
56
+ before_filter Casablanca::Rails::RenewFilter
52
57
 
53
- - Add something like the following to application.rb to get the current user from the Cas session:
58
+ Add something like the following to application.rb to get the current user from the Cas session:
54
59
 
55
60
  def current_user
56
61
  if session[:cas_user] && @user.nil?
@@ -60,7 +65,7 @@ In IRB:
60
65
  @user
61
66
  end
62
67
 
63
- - Your logout action could look like:
68
+ Your logout action could look like:
64
69
 
65
70
  def logout
66
71
  Casablanca::Rails::Filter.logout(self)
@@ -16,15 +16,10 @@ module Casablanca::Rails
16
16
  config = {}
17
17
  yield config
18
18
  @cas_server_url = config[:cas_server_url]
19
- @renew = config[:renew] # always renew the session
20
19
  # set logger to rails logger
21
20
  Casablanca::Client.logger = ::ActionController::Base.logger
22
21
  end
23
22
 
24
- def renew
25
- @renew
26
- end
27
-
28
23
  def cas_server_url
29
24
  @cas_server_url
30
25
  end
@@ -74,28 +69,18 @@ module Casablanca::Rails
74
69
  Casablanca::Client.logger
75
70
  end
76
71
 
77
- # Always require new credentials for authentication?
78
- def renew?
79
- Config.renew
80
- end
81
-
82
72
  # Has the user already talked to the Cas server?
83
73
  def authentication_required?(controller)
84
- (controller.session[:cas_user].nil? || renew?) && controller.params[:ticket].nil?
74
+ controller.session[:cas_user].nil? && controller.params[:ticket].nil?
85
75
  end
86
76
 
87
- def redirect_to_cas_login(controller, renew)
88
- controller.session[:cas_renew] = renew
89
- controller.send(:redirect_to, login_url(controller, :renew => renew))
77
+ def redirect_to_cas_login(controller)
78
+ controller.send(:redirect_to, login_url(controller))
90
79
  end
91
80
 
92
81
  def get_credentials(controller)
93
- if renew?
94
- logger.debug "Always require credentials for authentication"
95
- else
96
- logger.debug "Not authenticated yet. Ticket parameter required"
97
- end
98
- redirect_to_cas_login(controller, renew?)
82
+ logger.debug "Not authenticated yet. Ticket parameter required"
83
+ redirect_to_cas_login(controller)
99
84
  return false
100
85
  end
101
86
 
@@ -111,7 +96,7 @@ module Casablanca::Rails
111
96
  logger.debug "Ticket authentication failed: #{ticket.failure_message}"
112
97
  logout(controller)
113
98
  logger.debug "Renew login credentials"
114
- redirect_to_cas_login(controller, renew?)
99
+ redirect_to_cas_login(controller)
115
100
  return false
116
101
  end
117
102
  end
@@ -145,7 +130,7 @@ module Casablanca::Rails
145
130
  return super(controller)
146
131
  end
147
132
 
148
- def redirect_to_cas_login(controller, renew)
133
+ def redirect_to_cas_login(controller)
149
134
  controller.session[:cas_gatewayed] = true
150
135
  logger.debug "Redirecting to #{login_url(controller, :gateway => true)}"
151
136
  controller.send(:redirect_to, login_url(controller, :gateway => true))
@@ -153,5 +138,31 @@ module Casablanca::Rails
153
138
 
154
139
  end
155
140
  end
141
+
142
+ ##
143
+ # Always require new credentials for authentication?
144
+ class RenewFilter < Filter
145
+
146
+ class << self
147
+
148
+ # Has the user already talked to the Cas server?
149
+ def authentication_required?(controller)
150
+ (controller.session[:cas_user].nil? || controller.session[:cas_renewed].nil?) && controller.params[:ticket].nil?
151
+ end
152
+
153
+ def get_credentials(controller)
154
+ logger.debug "Always require credentials for authentication"
155
+ redirect_to_cas_login(controller)
156
+ return false
157
+ end
158
+
159
+ def redirect_to_cas_login(controller)
160
+ controller.session[:cas_renewed] = true
161
+ logger.debug "Redirecting to #{login_url(controller, :renew => true)}"
162
+ controller.send(:redirect_to, login_url(controller, :renew => true))
163
+ end
164
+
165
+ end
166
+ end
156
167
 
157
168
  end
data/lib/casablanca.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Casablanca
2
- VERSION = '0.1.1'
2
+ VERSION = '0.2.0'
3
3
  end
4
4
  require 'casablanca/client'
5
5
  require 'casablanca/response_parsers'
@@ -10,10 +10,8 @@ class TestRailsConfig < Test::Unit::TestCase
10
10
  def test_config
11
11
  Rails::Config.config do |config|
12
12
  config[:cas_server_url] = "http://example.com/cas_server"
13
- config[:renew] = true
14
13
  end
15
14
  assert_equal 'http://example.com/cas_server/login?service=http%3A%2F%2Flocalhost%3A3000', Rails::Filter.login_url(@controller)
16
- assert_equal true, Rails::Filter.renew?
17
15
  end
18
16
 
19
17
  end
@@ -71,17 +69,6 @@ class TestRailsFilter < Test::Unit::TestCase
71
69
  assert_equal true, Filter.filter(@controller)
72
70
  assert_equal 'admin', @controller.session[:cas_user]
73
71
  end
74
-
75
- def test_filter_already_authenticated_with_valid_ticket_from_session_but_renew_required
76
- Config.config do |config|
77
- config[:cas_server_url] = "http://localhost:4567"
78
- config[:renew] = true
79
- end
80
- service_ticket = get_service_ticket
81
- @controller.session = {:cas_user => 'admin'}
82
- assert_equal false, Filter.filter(@controller)
83
- assert_equal 'admin', @controller.session[:cas_user]
84
- end
85
72
 
86
73
  def test_filter_not_authenticated
87
74
  assert_equal false, Filter.filter(@controller)
@@ -117,4 +104,34 @@ class TestRailsGatewayFilter < TestRailsFilter
117
104
  assert_equal nil, @controller.session[:cas_user]
118
105
  end
119
106
 
107
+ end
108
+
109
+ class TestRailsRenewFilter < TestRailsFilter
110
+ def setup
111
+ Config.config do |config|
112
+ config[:cas_server_url] = "http://localhost:4567"
113
+ end
114
+ @controller = Controller.new
115
+ @controller.params = {}
116
+ end
117
+
118
+ def test_filter_already_authenticated_on_cas_server_but_renew_required
119
+ Config.config do |config|
120
+ config[:cas_server_url] = "http://localhost:4567"
121
+ end
122
+ service_ticket = get_service_ticket
123
+ @controller.session = {:cas_user => 'admin'}
124
+ assert_equal false, RenewFilter.filter(@controller)
125
+ end
126
+
127
+ def test_filter_already_renewed_with_valid_ticket_from_session_should_not_renew
128
+ Config.config do |config|
129
+ config[:cas_server_url] = "http://localhost:4567"
130
+ end
131
+ service_ticket = get_service_ticket
132
+ @controller.session = {:cas_user => 'admin', :cas_renewed => true}
133
+ assert_equal true, RenewFilter.filter(@controller)
134
+ assert_equal 'admin', @controller.session[:cas_user]
135
+ end
136
+
120
137
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: p8-casablanca
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Petrik de Heus
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-02-18 00:00:00 -08:00
12
+ date: 2009-02-20 00:00:00 -08:00
13
13
  default_executable: casablanca
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency