rack-cas 0.10.0 → 0.10.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +28 -0
- data/lib/rack-cas/configuration.rb +1 -1
- data/lib/rack-cas/server.rb +5 -2
- data/lib/rack-cas/version.rb +1 -1
- data/lib/rack/cas.rb +3 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e30e5b118a618b8b272d36176d0297a3b6bb9ce9
|
|
4
|
+
data.tar.gz: 69b1b0c2de4fdb69220eaee104766eae66897b85
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f85843bf2c05234cf863b2dd5c7653059deb871f76d4bfb6b147fce28731c150fa4f7145526a77e89af9bb75111d6c8c00685e2f592a319b86c3347b5eeb6944
|
|
7
|
+
data.tar.gz: 18101042feca858fb47f224d4887026d6a5cebbc12dd8a300c2ce2dcf92de2df4e118d017208517bdc19472e0e096f5d9f997e4f7264b69f38a58065924d40cb
|
data/README.md
CHANGED
|
@@ -88,6 +88,15 @@ Single sign out support outside of Rails is currently untested. We'll be adding
|
|
|
88
88
|
Configuration
|
|
89
89
|
=============
|
|
90
90
|
|
|
91
|
+
Extra Attributes
|
|
92
|
+
----------------
|
|
93
|
+
|
|
94
|
+
You can whitelist which extra attributes to keep.
|
|
95
|
+
In your `config/application.rb`:
|
|
96
|
+
```ruby
|
|
97
|
+
config.rack_cas.extra_attributes_filter = %w(some_attribute some_other_attribute)
|
|
98
|
+
```
|
|
99
|
+
|
|
91
100
|
Excluding Paths
|
|
92
101
|
---------------
|
|
93
102
|
|
|
@@ -101,6 +110,25 @@ The same options can be passed to `FakeCAS`.
|
|
|
101
110
|
```ruby
|
|
102
111
|
use Rack::FakeCAS, exclude_path: '/api'
|
|
103
112
|
```
|
|
113
|
+
|
|
114
|
+
SSL Cert Verification
|
|
115
|
+
---------------------
|
|
116
|
+
|
|
117
|
+
If you're working in development or staging your CAS server may not have a legit SSL cert. You can turn off SSL Cert verification by adding the following to `config/application.rb`.
|
|
118
|
+
|
|
119
|
+
```ruby
|
|
120
|
+
config.rack_cas.verify_ssl_cert = false
|
|
121
|
+
```
|
|
122
|
+
|
|
123
|
+
CAS Login Renew Flag
|
|
124
|
+
--------------
|
|
125
|
+
|
|
126
|
+
The CAS standard allows for a `renew=true` parameter to be passed to the CAS server which will force the user to re-login every time CAS authentication is performed, for added security. To enable this for your application, add the following to `config/application.rb`.
|
|
127
|
+
|
|
128
|
+
```ruby
|
|
129
|
+
config.rack_cas.renew = true
|
|
130
|
+
```
|
|
131
|
+
|
|
104
132
|
Integration
|
|
105
133
|
===========
|
|
106
134
|
Your app should __return a [401 status](http://httpstatus.es/401)__ whenever a request is made that requires authentication. Rack-CAS will catch these responses and attempt to authenticate via your CAS server.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module RackCAS
|
|
2
2
|
class Configuration
|
|
3
|
-
SETTINGS = [:server_url, :session_store, :exclude_path, :exclude_paths, :extra_attributes_filter, :verify_ssl_cert]
|
|
3
|
+
SETTINGS = [:server_url, :session_store, :exclude_path, :exclude_paths, :extra_attributes_filter, :verify_ssl_cert, :renew]
|
|
4
4
|
|
|
5
5
|
SETTINGS.each do |setting|
|
|
6
6
|
attr_accessor setting
|
data/lib/rack-cas/server.rb
CHANGED
|
@@ -9,7 +9,10 @@ module RackCAS
|
|
|
9
9
|
|
|
10
10
|
def login_url(service_url, params = {})
|
|
11
11
|
service_url = URL.parse(service_url).to_s
|
|
12
|
-
|
|
12
|
+
base_params = {service: service_url}
|
|
13
|
+
base_params[:renew] = true if RackCAS.config.renew?
|
|
14
|
+
|
|
15
|
+
@url.dup.append_path('login').add_params(base_params.merge(params))
|
|
13
16
|
end
|
|
14
17
|
|
|
15
18
|
def logout_url(params = {})
|
|
@@ -31,4 +34,4 @@ module RackCAS
|
|
|
31
34
|
@url.dup.append_path('serviceValidate').add_params(service: service_url, ticket: ticket)
|
|
32
35
|
end
|
|
33
36
|
end
|
|
34
|
-
end
|
|
37
|
+
end
|
data/lib/rack-cas/version.rb
CHANGED
data/lib/rack/cas.rb
CHANGED
|
@@ -71,7 +71,9 @@ class Rack::CAS
|
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
def store_session(request, user, ticket, extra_attrs = {})
|
|
74
|
-
|
|
74
|
+
if RackCAS.config.extra_attributes_filter?
|
|
75
|
+
extra_attrs.select! { |key, val| RackCAS.config.extra_attributes_filter.map(&:to_s).include? key.to_s }
|
|
76
|
+
end
|
|
75
77
|
|
|
76
78
|
request.session['cas'] = { 'user' => user, 'ticket' => ticket, 'extra_attributes' => extra_attrs }
|
|
77
79
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-cas
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.10.
|
|
4
|
+
version: 0.10.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Crownoble
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-03-
|
|
11
|
+
date: 2015-03-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|