rack-cas 0.4.1 → 0.4.2

@@ -7,11 +7,9 @@ class CASRequest
7
7
 
8
8
  def ticket
9
9
  @ticket ||= if single_sign_out?
10
- xml = Nokogiri::XML(@request.params['logoutRequest'])
11
- node = xml.root.children.find { |c| c.name =~ /SessionIndex/i }
12
- node.text unless node.nil?
13
- else
14
- @request.params['ticket']
10
+ sso_ticket
11
+ elsif ticket_validation?
12
+ ticket_param
15
13
  end
16
14
  end
17
15
 
@@ -28,6 +26,20 @@ class CASRequest
28
26
  end
29
27
 
30
28
  def ticket_validation?
31
- !!@request.params['ticket']
29
+ # The CAS protocol specifies 32 characters as the minimum length of a
30
+ # service ticket (including ST-) http://www.jasig.org/cas/protocol
31
+ !!(@request.get? && ticket_param && ticket_param.to_s =~ /\AST\-[^\s]{29}/)
32
+ end
33
+
34
+ private
35
+
36
+ def ticket_param
37
+ @request.params['ticket']
38
+ end
39
+
40
+ def sso_ticket
41
+ xml = Nokogiri::XML(@request.params['logoutRequest'])
42
+ node = xml.root.children.find { |c| c.name =~ /SessionIndex/i }
43
+ node.text unless node.nil?
32
44
  end
33
45
  end
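Review bot: The pattern in `ticket_validation?` is anchored only at the start, so `/\AST\-[^\s]{29}/` checks the first 32 characters and then accepts a `ticket` parameter of any length with anything after them, whitespace and newlines included, and `ticket` hands that whole string back to its callers. Anchoring the end and bounding the length closes that gap, for example `/\AST-\S{29,253}\z/`; the ceiling here follows the 256-character ticket length the CAS protocol recommends services support, so check it against the CAS servers actually in use. The comment above the pattern should also be verified against the specification: as I read it, 32 is the length a service must be able to accept rather than a minimum, in which case a server that issues shorter tickets would now be treated as sending no ticket. The rest of `CASRequest`, including `single_sign_out?`, lies outside the visible hunks.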
@@ -1,3 +1,3 @@
1
1
  module RackCAS
2
- VERSION = '0.4.1'
2
+ VERSION = '0.4.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cas
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-01-17 00:00:00.000000000 Z
12
+ date: 2013-01-24 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack
@@ -115,25 +115,25 @@ extra_rdoc_files: []
115
115
  files:
116
116
  - README.markdown
117
117
  - MIT-LICENSE
118
- - lib/generators/templates/migration.rb
119
- - lib/generators/cas_session_store_migration_generator.rb
120
- - lib/rack-cas.rb
118
+ - lib/rack-cas/railtie.rb
121
119
  - lib/rack-cas/url.rb
122
120
  - lib/rack-cas/version.rb
123
- - lib/rack-cas/railtie.rb
124
- - lib/rack-cas/session_store/rails/mongo.rb
121
+ - lib/rack-cas/service_validation_response.rb
122
+ - lib/rack-cas/cas_request.rb
123
+ - lib/rack-cas/server.rb
124
+ - lib/rack-cas/session_store/active_record.rb
125
125
  - lib/rack-cas/session_store/rails/active_record.rb
126
+ - lib/rack-cas/session_store/rails/mongo.rb
126
127
  - lib/rack-cas/session_store/rails/mongoid.rb
127
128
  - lib/rack-cas/session_store/mongo.rb
128
- - lib/rack-cas/session_store/active_record.rb
129
+ - lib/rack-cas/session_store/mongoid.rb
129
130
  - lib/rack-cas/session_store/rack/mongo.rb
130
131
  - lib/rack-cas/session_store/rack/mongoid.rb
131
- - lib/rack-cas/session_store/mongoid.rb
132
- - lib/rack-cas/service_validation_response.rb
133
- - lib/rack-cas/server.rb
134
- - lib/rack-cas/cas_request.rb
135
- - lib/rack/fake_cas.rb
132
+ - lib/rack-cas.rb
133
+ - lib/generators/cas_session_store_migration_generator.rb
134
+ - lib/generators/templates/migration.rb
136
135
  - lib/rack/cas.rb
136
+ - lib/rack/fake_cas.rb
137
137
  homepage: https://github.com/biola/rack-cas
138
138
  licenses: []
139
139
  post_install_message: