p8-casablanca 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/README.textile +13 -6
- data/bin/casablanca +1 -0
- data/lib/casablanca/cli.rb +2 -1
- data/lib/casablanca/client.rb +4 -3
- data/lib/casablanca/filters/rails.rb +11 -1
- data/lib/casablanca/version.rb +1 -1
- data/test/test_client.rb +14 -10
- data/test/test_helper.rb +23 -0
- data/test/test_rails_filter.rb +14 -3
- metadata +3 -3
data/README.textile
CHANGED
@@ -2,21 +2,25 @@ h1. Casablanca
|
|
2
2
|
|
3
3
|
h2. Description
|
4
4
|
|
5
|
-
|
6
|
-
|
5
|
+
Casablanca is a single sign-on client for the CAS 2.0 protocol.
|
6
|
+
It can be run from the commandline and as a filter for Rails.
|
7
7
|
|
8
8
|
sudo gem install p8-casablanca
|
9
9
|
|
10
10
|
h2. TODO
|
11
11
|
|
12
|
-
* Add
|
13
|
-
* Add extra attributes
|
12
|
+
* Add logging
|
13
|
+
* Add extra attributes returned from the server
|
14
14
|
* Implement gateway and proxy
|
15
15
|
* Check for single signout
|
16
16
|
* Check for endless redirects
|
17
17
|
|
18
18
|
h2. Usage
|
19
19
|
|
20
|
+
Commandline:
|
21
|
+
|
22
|
+
casablanca
|
23
|
+
|
20
24
|
In IRB:
|
21
25
|
|
22
26
|
require 'casablanca'
|
@@ -31,12 +35,15 @@ In IRB:
|
|
31
35
|
In a Rails project:
|
32
36
|
- environment.rb:
|
33
37
|
|
34
|
-
Casablanca::RailsFilter.
|
38
|
+
Casablanca::RailsFilter.config do |config|
|
39
|
+
config[:cas_server_url] = "http://localhost:4567"
|
40
|
+
config[:service_url] = "http://localhost:3000"
|
41
|
+
end
|
35
42
|
|
36
43
|
- Add the following to application.rb:
|
37
44
|
|
38
45
|
before_filter Casablanca::RailsFilter
|
39
|
-
|
46
|
+
|
40
47
|
def current_person
|
41
48
|
@current_person ||= login_from_cas unless @current_person == false
|
42
49
|
end
|
data/bin/casablanca
CHANGED
@@ -3,6 +3,7 @@ irb = RUBY_PLATFORM =~ /mswin32/ ? 'irb.bat' : 'irb'
|
|
3
3
|
options = { :sandbox => false, :irb => irb }
|
4
4
|
|
5
5
|
libs = " -r irb/completion"
|
6
|
+
libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca/version.rb"
|
6
7
|
libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca/client.rb"
|
7
8
|
libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca/cli.rb"
|
8
9
|
libs << " -r #{File.dirname(__FILE__)}/../lib/casablanca/response_parsers.rb"
|
data/lib/casablanca/cli.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
config = { :cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000" }
|
2
2
|
INFO = %(
|
3
3
|
=====================================================
|
4
|
-
CASABLANCA CLIENT CONSOLE
|
4
|
+
CASABLANCA CLIENT CONSOLE (#{Casablanca::VERSION})
|
5
5
|
|
6
6
|
Use C for a configured client (#{config.inspect})
|
7
7
|
Example:
|
@@ -9,6 +9,7 @@ Example:
|
|
9
9
|
t = C.get_service_ticket('admin', 'admin')
|
10
10
|
C.authenticate_ticket(t)
|
11
11
|
|
12
|
+
The configuration can be changed:
|
12
13
|
C.cas_server_url = "http://example.com/cas_server"
|
13
14
|
C.service_url = "http://example.com/application"
|
14
15
|
|
data/lib/casablanca/client.rb
CHANGED
@@ -6,7 +6,8 @@ require 'rexml/document'
|
|
6
6
|
module Casablanca
|
7
7
|
|
8
8
|
class Client
|
9
|
-
|
9
|
+
attr_accessor :cas_server_url, :service_url
|
10
|
+
|
10
11
|
def initialize(config)
|
11
12
|
raise ":cas_server_url is required" unless config[:cas_server_url]
|
12
13
|
@cas_server_url = config[:cas_server_url]
|
@@ -65,7 +66,7 @@ module Casablanca
|
|
65
66
|
end
|
66
67
|
|
67
68
|
class CommandLineClient < Client
|
68
|
-
|
69
|
+
|
69
70
|
def login(username, password)
|
70
71
|
post(URI.parse(login_url), {:username => username, :password => password, :service => service_url})
|
71
72
|
end
|
@@ -90,7 +91,7 @@ module Casablanca
|
|
90
91
|
|
91
92
|
class Ticket
|
92
93
|
attr_accessor :user, :failure_code, :failure_message
|
93
|
-
attr_reader :service_url
|
94
|
+
attr_reader :service_url, :ticket
|
94
95
|
|
95
96
|
def initialize(ticket, service_url, renew = false)
|
96
97
|
@service_url = service_url
|
@@ -8,11 +8,21 @@ module Casablanca
|
|
8
8
|
@@client = client
|
9
9
|
end
|
10
10
|
|
11
|
+
def client
|
12
|
+
@@client
|
13
|
+
end
|
14
|
+
|
15
|
+
def config
|
16
|
+
config = {}
|
17
|
+
yield config
|
18
|
+
@@client = Client.new(config)
|
19
|
+
end
|
20
|
+
|
11
21
|
def filter(controller)
|
12
22
|
return true if previous_ticket(controller) && !controller.params[:renew]
|
13
23
|
ticket = Ticket.new(controller.params[:ticket], @@client.service_url, controller.params[:renew])
|
14
24
|
if @@client.authenticate_ticket(ticket)
|
15
|
-
puts "Ticket authenticated
|
25
|
+
puts "Ticket authenticated"
|
16
26
|
controller.session[:cas_user] = ticket.user
|
17
27
|
controller.session[:cas_ticket] = ticket.to_hash
|
18
28
|
return true
|
data/lib/casablanca/version.rb
CHANGED
data/test/test_client.rb
CHANGED
@@ -16,14 +16,15 @@ class TestClient < Test::Unit::TestCase
|
|
16
16
|
end
|
17
17
|
|
18
18
|
def test_authenticate_ticket
|
19
|
-
|
20
|
-
|
21
|
-
|
19
|
+
service_ticket = get_service_ticket
|
20
|
+
@client = Client.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
|
21
|
+
mock_authenticate_ticket(VALID_REQUEST)
|
22
22
|
@client.authenticate_ticket(service_ticket)
|
23
23
|
assert_equal 'admin', service_ticket.user
|
24
24
|
end
|
25
25
|
|
26
26
|
def test_validate_expired_ticket
|
27
|
+
mock_authenticate_ticket(INVALID_TICKET)
|
27
28
|
ticket = 'ST-1231341579r871C5757B79767C21E'
|
28
29
|
service_ticket = Ticket.new(ticket, 'http://localhost:3000', true)
|
29
30
|
@client.authenticate_ticket(service_ticket)
|
@@ -32,11 +33,12 @@ class TestClient < Test::Unit::TestCase
|
|
32
33
|
end
|
33
34
|
|
34
35
|
def test_validate_invalid_ticket
|
35
|
-
|
36
|
+
mock_authenticate_ticket(INVALID_TICKET)
|
37
|
+
ticket = 'ST-1231242314r72465638160B31E8D1'
|
36
38
|
service_ticket = Ticket.new(ticket, 'http://localhost:3000', true)
|
37
39
|
@client.authenticate_ticket(service_ticket)
|
38
40
|
assert_equal 'INVALID_TICKET', service_ticket.failure_code
|
39
|
-
assert_equal "Ticket
|
41
|
+
assert_equal "Ticket ST-1231242314r72465638160B31E8D1 not recognized.", service_ticket.failure_message
|
40
42
|
end
|
41
43
|
|
42
44
|
def test_authenticate_ticket_with_empty_service_url
|
@@ -66,17 +68,19 @@ class TestCommandLineClient < Test::Unit::TestCase
|
|
66
68
|
end
|
67
69
|
|
68
70
|
def test_login
|
69
|
-
|
71
|
+
mock_get_service_ticket
|
70
72
|
res = @client.login('admin', 'admin')
|
71
73
|
assert_equal '', res.body
|
72
74
|
assert_equal '303', res.code
|
73
|
-
assert_equal 'http
|
75
|
+
assert_equal 0, res['location'] =~ /^http:\/\/localhost:3000\?ticket=ST-/
|
76
|
+
assert_equal 61, res['location'].size
|
74
77
|
end
|
75
78
|
|
76
79
|
def test_get_service_ticket
|
77
|
-
|
78
|
-
ticket = @client.
|
79
|
-
assert_equal
|
80
|
+
mock_get_service_ticket
|
81
|
+
ticket = @client.get_service_ticket('admin', 'admin')
|
82
|
+
assert_equal 0, ticket.ticket =~ /^ST-/
|
83
|
+
assert_equal 32, ticket.ticket.size
|
80
84
|
end
|
81
85
|
|
82
86
|
end
|
data/test/test_helper.rb
CHANGED
@@ -4,8 +4,31 @@ require 'test/unit'
|
|
4
4
|
require 'rubygems'
|
5
5
|
require 'mocha'
|
6
6
|
|
7
|
+
# set to false if you're integration testing against a real server
|
8
|
+
MOCK_REQUESTS = true
|
9
|
+
|
7
10
|
class Test::Unit::TestCase
|
8
11
|
include Casablanca
|
12
|
+
|
13
|
+
def mock_authenticate_ticket(body)
|
14
|
+
if MOCK_REQUESTS
|
15
|
+
@client.expects(:get).returns(MockResponse.new(body, '200', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def mock_get_service_ticket
|
20
|
+
if MOCK_REQUESTS
|
21
|
+
@client.expects(:post).returns(MockResponse.new('', '303', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def get_service_ticket
|
26
|
+
cli = CommandLineClient.new(:cas_server_url => "http://localhost:4567", :service_url => "http://localhost:3000")
|
27
|
+
if MOCK_REQUESTS
|
28
|
+
cli.expects(:post).returns(MockResponse.new('', '303', :location => 'http://localhost:3000?ticket=ST-1231341579r871C5757B79767C21E'))
|
29
|
+
end
|
30
|
+
cli.get_service_ticket('admin', 'admin')
|
31
|
+
end
|
9
32
|
end
|
10
33
|
|
11
34
|
class MockResponse < Net::HTTPResponse
|
data/test/test_rails_filter.rb
CHANGED
@@ -12,6 +12,14 @@ class TestRailsFilter < Test::Unit::TestCase
|
|
12
12
|
assert_equal 'http://localhost:4567/login?service=http://localhost:3000', RailsFilter.login_url
|
13
13
|
end
|
14
14
|
|
15
|
+
def test_config
|
16
|
+
Casablanca::RailsFilter.config do |config|
|
17
|
+
config[:cas_server_url] = "http://example.com/cas_server"
|
18
|
+
config[:service_url] = "http://example.com/application"
|
19
|
+
end
|
20
|
+
assert_equal "http://example.com/cas_server", RailsFilter.client.cas_server_url
|
21
|
+
assert_equal "http://example.com/application", RailsFilter.client.service_url
|
22
|
+
end
|
15
23
|
# def test_filter_requires_config
|
16
24
|
# RailsFilter.config = nil
|
17
25
|
# assert_raises(RuntimeError) do
|
@@ -25,16 +33,18 @@ class TestRailsFilter < Test::Unit::TestCase
|
|
25
33
|
end
|
26
34
|
|
27
35
|
def test_filter_invalid_attempt
|
36
|
+
mock_authenticate_ticket(INVALID_TICKET)
|
28
37
|
@controller.session = {}
|
29
38
|
assert_equal false, RailsFilter.filter(@controller)
|
30
39
|
end
|
31
40
|
|
32
41
|
def test_filter_authenticated
|
33
|
-
|
34
|
-
|
42
|
+
service_ticket = get_service_ticket
|
43
|
+
params = {:ticket => service_ticket.ticket}
|
44
|
+
mock_authenticate_ticket(VALID_REQUEST)
|
35
45
|
@controller.params = params
|
36
46
|
assert_equal true, RailsFilter.filter(@controller)
|
37
|
-
assert_session(
|
47
|
+
assert_session('admin', { :ticket => service_ticket.ticket, :user => 'admin', :service_url => 'http://localhost:3000' })
|
38
48
|
end
|
39
49
|
|
40
50
|
def test_filter_same_ticket
|
@@ -46,6 +56,7 @@ class TestRailsFilter < Test::Unit::TestCase
|
|
46
56
|
end
|
47
57
|
|
48
58
|
def test_filter_resets_sessions_for_renew
|
59
|
+
mock_authenticate_ticket(INVALID_TICKET)
|
49
60
|
@controller.session[:cas_ticket] = { :ticket => 'a', :service_url => 'b' }
|
50
61
|
@controller.params = {:renew => true }
|
51
62
|
assert_equal false, RailsFilter.filter(@controller)
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: p8-casablanca
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Petrik de Heus
|
@@ -55,7 +55,7 @@ homepage:
|
|
55
55
|
post_install_message:
|
56
56
|
rdoc_options:
|
57
57
|
- --main
|
58
|
-
- README.
|
58
|
+
- README.textile
|
59
59
|
require_paths:
|
60
60
|
- lib
|
61
61
|
required_ruby_version: !ruby/object:Gem::Requirement
|
@@ -76,7 +76,7 @@ rubyforge_project: casablanca
|
|
76
76
|
rubygems_version: 1.2.0
|
77
77
|
signing_key:
|
78
78
|
specification_version: 2
|
79
|
-
summary: A single sign-on client
|
79
|
+
summary: A single sign-on client for the CAS 2.0 protocol
|
80
80
|
test_files:
|
81
81
|
- test/test_client.rb
|
82
82
|
- test/test_helper.rb
|