rack-casual 0.1.0 → 0.1.1

data/README.md

@@ -1,10 +1,16 @@
 Rack::Casual
 ============
 
-A very simple Rack authentication plugin using CAS or a token.
+A simple Rack middleware that does authentication using CAS or a token.
 It kicks in whenever a 401 response is returned from the server.
 
-The plugin has only been tested using ActiveRecord and Rails 3.
+Compability
+===========
+
+* Ruby 1.8.7 and 1.9.2
+* CAS 2.0 using rubycas-server
+* Rails 3 and ActiveRecord 3
+* Sinatra 1.0
 
 
 Installation

data/examples/sinatra_app.rb

@@ -42,7 +42,7 @@ class User
   end
   
   def active?
-    false
+    true
   end
   
   def save

data/lib/generators/rack_casual_generator.rb

@@ -5,4 +5,12 @@ class RackCasualGenerator < Rails::Generators::Base
     copy_file "initializer.rb", "config/initializers/rack-casual.rb"
   end
   
+  def print_usage
+    puts
+    puts "Remember to include the middleware in your application."
+    puts "You can put this into config/application.rb:"
+    puts "  config.middleware.use 'Rack::Casual::Authentication'"
+    puts
+  end    
+  
 end

data/lib/generators/templates/initializer.rb

@@ -4,7 +4,7 @@
 Rack::Casual.setup do |config|
   
   # Base URL to your CAS server -- required
-  config.base_url = 'http://localhost:8088'
+  config.cas_url = 'http://localhost:8088'
   
   # If you want users to authenticate using an authentication token,
   # set the auth_token_key to the name of the attribute in your user model.
@@ -14,7 +14,7 @@ Rack::Casual.setup do |config|
 
   # Name of the session key used to store the user-id
   # Default is "user", so you get session[:user]
-  # config.session_key_user = "user"
+  # config.session_key = "user"
 
   # Rack::Casual can create the user automatically on successful login
   # Set this to false to disable this feature.
@@ -30,11 +30,6 @@ Rack::Casual.setup do |config|
   # This is the username attribute used by your User model.
   # config.username = "username"
   
-  # Finding the user
-  # You can set a custom scope that Rack::Casual should use when finding the user.
-  # If you have a active scope, you can set this to :active.
-  # config.authentication_scope = nil
-  
   # Tracking
   # If you have last_login_at and/or last_login_ip attributes on your User model,
   # Rack::Casual can update these when user logs in.

data/lib/rack/casual.rb

@@ -8,7 +8,10 @@ module Rack
     autoload :Authentication, 'rack/casual/authentication'
     autoload :Client,         'rack/casual/client'
     autoload :UserFactory,    'rack/casual/user_factory'
-    autoload :Controller,     'rack/casual/controller'
+    
+    if defined?(ActionController)
+      autoload :Controller,     'rack/casual/controller'
+    end
     
     # Default options
     defaults = {
@@ -41,74 +44,12 @@ module Rack
       self.send("#{key}=", value)
     end
 
-    # # URI to CAS login
-    # # Default is base_url/login
-    # def self.login_url; @@login_url; end
-    # def self.login_url=(login_url)
-    # 
-    # mattr_accessor :login_url
-    # @@login_url = nil
-    # 
-    # # URI to CAS logout
-    # # Default is base_url/logout
-    # mattr_accessor :logout_url
-    # @@logout_url = nil
-    # 
-    # # URI to service validation
-    # # Default is base_url/serviceValidate
-    # mattr_accessor :validate_url
-    # @@validate_url = nil
-    # 
-    # # Name of authentication token to use in params
-    # # Set to nil to disable token authentication
-    # mattr_accessor :auth_token_key
-    # @@auth_token_key = "auth_token"
-    # 
-    # # Name of the ticket parameter used by CAS
-    # mattr_accessor :ticket_param
-    # @@ticket_param = "ticket"
-    # 
-    # # Name of key to store user id
-    # # Default is 'user' => session[:user]
-    # mattr_accessor :session_key_user
-    # @@session_key_user = "user"
-    # 
-    # # Use this scope when finding users
-    # mattr_accessor :authentication_scope
-    # @@authentication_scope = nil
-    # 
-    # # Set to true to auto-create users
-    # mattr_accessor :create_user
-    # @@create_user = true
-    # 
-    # # Name of the User class
-    # mattr_accessor :user_class
-    # @@user_class = "User"
-    # 
-    # # Username attribute on user
-    # mattr_accessor :username
-    # @@username = "username"
-    # 
-    # # Update user with last_login_at and last_login_ip info
-    # mattr_accessor :tracking_enabled
-    # @@tracking_enabled = true
-
     # Setup Rack::Casual. Run rails generate rack_casual to create
     # a fresh initializer with all configuration values.
     def self.setup
       yield self
     end
 
-    def self.cas_client
-      @@cas_client ||= Client.new
-      # @@cas_client ||= ::CASClient::Client.new(
-      #     :cas_base_url => @@base_url,
-      #     :login_url    => @@login_url,
-      #     :logout_url   => @@logout_url,
-      #     :validate_url => @@validate_url
-      #   )
-    end
-
   end
 
 end

data/lib/rack/casual/client.rb

@@ -4,127 +4,127 @@ require 'nokogiri'
 require 'open-uri'
 require 'net/http'
 require 'net/https'
+require 'yaml'
 
-# This is a über simple CAS client responsible for validating a ticket.
-class Rack::Casual::Client
-  attr_accessor :username, :extra_attributes
+# Simple CAS client responsible for validating a ticket.
+module Rack
+  module Casual
 
-  # Returns login url as string
-  def self.login_url(service_url)
-    new(service_url).login_url.to_s
-  end
-  
-  # Creates a new object
-  def initialize(service_url, ticket=nil)
-    raise(ArgumentError, "Base URL must be configured") if Rack::Casual.cas_url.nil?
+    class Client
+      attr_accessor :username, :extra_attributes
+
+      # Creates a new object
+      def initialize(service_url, ticket=nil)
+        raise(ArgumentError, "Base URL must be configured") if Rack::Casual.cas_url.nil?
 
-    @service_url  = service_url    
-    @ticket       = ticket
-    @result       = nil
-  end
+        @service_url  = service_url    
+        @ticket       = ticket
+        @result, @username, @extra_attributes = nil
+      end
+  
+    
+      # Helper that returns the CAS login url as string
+      def self.login_url(service_url)
+        cas_url(:login, :service => service_url).to_s
+      end
+      
+      # Return url to CAS logout page
+      def self.logout_url(options={})
+        cas_url(:logout, options).to_s
+      end
   
-  # Return the URL to the CAS login page
-  def login_url
-    cas_url(:login)
-  end
+      # Return the URL to the CAS login page
+      def login_url
+        Client.cas_url(:login, :service => @service_url)
+      end
   
-  # URL to the CAS ticket validation service
-  def validation_url
-    cas_url(:validate)
-  end
+      # URL to the CAS ticket validation service
+      def validation_url
+        Client.cas_url(:validate, :ticket => @ticket, :service => @service_url)
+      end
 
-  # Validate the ticket we got from CAS
-  #
-  # On ticket validation success:
-  # <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
-  #     <cas:authenticationSuccess>
-  #         <cas:user>username</cas:user>
-  #             <cas:proxyGrantingTicket>PGTIOU-84678-8a9d...
-  #         </cas:proxyGrantingTicket>
-  #     </cas:authenticationSuccess>
-  # </cas:serviceResponse>
-  # 
-  # On ticket validation failure:
-  # <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
-  #     <cas:authenticationFailure code="INVALID_TICKET">
-  #         Ticket ST-1856339-aA5Yuvrxzpv8Tau1cYQ7 not recognized
-  #     </cas:authenticationFailure>
-  # </cas:serviceResponse>
-  # 
-  #
-  def validate_ticket
-    url = validation_url
-    http = Net::HTTP.new(url.host, url.port)
-    http.use_ssl = (url.scheme == "https") 
+      # Validate the ticket we got from CAS
+      #
+      # On ticket validation success:
+      # <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+      #     <cas:authenticationSuccess>
+      #         <cas:user>username</cas:user>
+      #             <cas:proxyGrantingTicket>PGTIOU-84678-8a9d...
+      #         </cas:proxyGrantingTicket>
+      #     </cas:authenticationSuccess>
+      # </cas:serviceResponse>
+      # 
+      # On ticket validation failure:
+      # <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+      #     <cas:authenticationFailure code="INVALID_TICKET">
+      #         Ticket ST-1856339-aA5Yuvrxzpv8Tau1cYQ7 not recognized
+      #     </cas:authenticationFailure>
+      # </cas:serviceResponse>
+      # 
+      #
+      def validate_ticket
+        url = validation_url
+        http = Net::HTTP.new(url.host, url.port)
+        http.use_ssl = (url.scheme == "https") 
     
-    result = Nokogiri.parse(http.get(url.request_uri).body)
+        body = http.get(url.request_uri).body
+        puts "Result: #{body}"
+        result = Nokogiri.parse(body)
 
-    # set username and extra attributes
-    find_username(result)
-    find_attributes(result) if @username
+        # set username and extra attributes
+        find_username(result)
+        find_attributes(result) if @username
 
-    !@username.nil?
-  end
+        !@username.nil?
+      end
   
-  def find_username(xml)
-    @username = xml.search("//cas:authenticationSuccess //cas:user").first.text rescue nil
-  end
+      def find_username(xml)
+        @username = xml.search("//cas:authenticationSuccess //cas:user").first.text rescue nil
+      end
   
-  def find_attributes(xml)
-    @extra_attributes = {}
-    xml.search("//cas:authenticationSuccess/*").each do |el|
-      # puts " * Attribute #{el.name} = #{el.content}"
-      @extra_attributes[el.name] = el.content
-    end
-  end
+      def find_attributes(xml)
+        @extra_attributes = {}
+        xml.search("//cas:authenticationSuccess/*").each do |el|
+          puts " * Attribute #{el.name} = #{el.content.to_s}"
+          value = YAML::parse(el.content).value.first.value rescue nil
+          @extra_attributes[el.name] = value
+        end
+      end
 
-  # For testing purposes only
-  #
-  # Fetch login ticket from the CAS login page
-  # def acquire_login_ticket(service_url=nil)
-  #   Nokogiri.parse(open(login_url(service_url)).read).search('input[@name=lt]').first.attr('value') rescue nil
-  # end
-  # 
-  # def authenticate(username, password, ticket, service_url=nil)
-  #   ticket = acquire_login_ticket(service_url)
-  #   url    = login_url(service_url)
-  # 
-  #   query  = url.query ? url.query : ""
-  #   query  += "&" + build_query(:username => username, :password => password, :lt => ticket, :service => service_url)
-  #   
-  #   req    = Net::HTTP.new(url.host, url.port)
-  #   res    = req.post url.path, query
-  #   
-  #   res.is_a?(Net::HTTPSuccess)
-  # end
-
-  #
-  # Returns a CAS url
-  # if action is :login or :validate, then the appropriate login and service-validation actions are used.
-  # Otherwise the argument is used as the first action.
-  #
-  # Options is a hash that is appended to the url.
-  #
-  # Return value is a URI object.
-  #
-  # Examples:
-  #
-  #   cas_url :login                          # => http://localhost/login
-  #   cas_url :validate, :ticket => "T123"    # => http://localhost/serviceValidate?ticket=T123
-  #
-  def cas_url(action=nil, options = nil)
-    url = Rack::Casual.cas_url.sub(/\/+$/, '')
+      #
+      # Returns a CAS url
+      # if action is :login or :validate, then the appropriate login and service-validation actions are used.
+      # Otherwise the argument is used as the first action.
+      #
+      # Options is a hash that is appended to the url.
+      #
+      # Return value is a URI object.
+      #
+      # Examples:
+      #
+      #   cas_url :login                          # => http://localhost/login
+      #   cas_url :validate, :ticket => "T123"    # => http://localhost/serviceValidate?ticket=T123
+      #
+      def self.cas_url(action=nil, options = {})
+        url = Rack::Casual.cas_url.sub(/\/+$/, '')
     
-    url << case action
-    when :login    then "/login"
-    when :validate then "/serviceValidate"
-    else
-      action.to_s
-    end
+        url << case action
+        when :login    then "/login"
+        when :logout   then "/logout"
+        when :validate then "/serviceValidate"
+        else
+          action.to_s
+        end
     
-    url += "?service=#{@service_url}"
-    url += "&ticket=#{@ticket}" if @ticket
-    URI.parse(url)
-  end
+        options = options.reject { |key,value| value.nil? }
+        if options.any?
+          url += "?" + options.map{|key,value| "#{key}=#{value}" }.join("&")
+        end
+
+        URI.parse(url)
+      end
       
-end
+    end
+
+  end 
+end

data/lib/rack/casual/controller.rb

@@ -2,19 +2,32 @@
 module Rack
   
   module Casual
-    
+
+    # Mixin module for ActionController
     module Controller
 
+      # Will send a 401 response to the user if user isn't logged in.
       def authenticate!
         authenticate_or_request_with_http_token unless logged_in?
       end
 
+      # Returns true if user is logged in
       def logged_in?
-        !session[::Rack::Casual.session_key_user].nil?
+        !session[Casual.session_key].nil?
       end
 
+      # Returns the logged in user
       def current_user
-        @current_user ||= ::Rack::Casual::UserFactory.authentication_scope.find(session[:user])
+        return @current_user if @current_user
+        @current_user = UserFactory.resource.find(session[Casual.session_key])
+        
+        # If user is not active, unset session
+        if UserFactory.user_not_active(@current_user)
+          @current_user = nil 
+          session[Casual.session_key] = nil
+        end
+        
+        @current_user
       end
 
     end

metadata

@@ -1,13 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: rack-casual
 version: !ruby/object:Gem::Version 
-  hash: 27
   prerelease: false
   segments: 
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors: 
 - Gudleik Rasch
@@ -26,7 +25,6 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 1
         segments: 
         - 1
         - 4
@@ -42,7 +40,6 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 62196427
         segments: 
         - 2
         - 0
@@ -60,14 +57,13 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 9
         segments: 
         - 1
         - 3
         version: "1.3"
   type: :development
   version_requirements: *id003
-description: Rack middleware for authentication using CAS and/or tokens
+description: Rack middleware for authentication using CAS and/or token
 email: 
 - gudleik@gmail.com
 executables: []
@@ -103,7 +99,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
       segments: 
       - 0
       version: "0"
@@ -112,7 +107,6 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 21
       segments: 
       - 1
       - 3
@@ -124,6 +118,6 @@ rubyforge_project:
 rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
-summary: CAS and token authentication using Rack
+summary: Rack middleware for authentication using CAS and/or token
 test_files: []