relevance-rubycas-server 0.6.99

data/test/test_cas.rb

@@ -0,0 +1,33 @@
+require 'rubygems'
+require 'mosquito'
+
+$CONF = {:authenticator => {:class => "CASServer::Authenticators::Test"}, 
+          :log => {:file => "/tmp/test.log", :level => "INFO"}}
+
+require File.dirname(__FILE__) + "/../lib/casserver"
+
+CASServer.create
+
+class TestCASServer < Camping::UnitTest
+
+  include CASServer::CAS
+
+  def test_generate_proxy_granting_ticket
+    pgt_url = "https://portal.urbacon.net:6543/cas_proxy_callback/receive_pgt"
+    st = generate_service_ticket("http://test.foo", "tester")
+    
+    pgt = nil
+    
+    assert_difference(ProxyGrantingTicket, :count, 1) do
+      pgt = generate_proxy_granting_ticket(pgt_url, st)
+    end
+    
+    puts pgt.inspect
+  end
+  
+  protected
+  def env
+    return {'REMOTE_ADDR' => "TEST"}
+  end
+
+end

data/test/test_casserver.rb

@@ -0,0 +1,125 @@
+require 'rubygems'
+require 'mosquito'
+
+$CONF = {:authenticator => {:class => "CASServer::Authenticators::Test"}}
+
+require File.dirname(__FILE__) + "/../lib/casserver"
+
+include CASServer::Models
+CASServer.create
+
+class TestCASServer < Camping::FunctionalTest
+
+  def test_test_atuhenticator
+    require File.dirname(__FILE__) + "/../lib/casserver/authenticators/test"
+    
+    valid_credentials = {:username => "testuser", :password => "testpassword"}
+    invalid_credentials = {:username => "asdfsdf", :password => "asdfsdf"}
+    
+    assert_equal CASServer::Authenticators::Test, $AUTH.class
+    assert $AUTH.validate(valid_credentials)
+    assert !$AUTH.validate(invalid_credentials)
+  end
+  
+  def test_valid_login
+    lt = start_login
+    
+    post '/login',
+          :lt => lt.ticket, 
+          :username => "testuser",
+          :password => "testpassword"
+          
+    assert_match_body("You have successfully logged in")
+    
+    lt = LoginTicket.find_by_ticket(lt.ticket)
+    
+    assert_not_nil @cookies[:tgt]
+    assert_not_nil TicketGrantingTicket.find_by_ticket(@cookies[:tgt])
+    
+    assert lt.consumed?
+  end
+  
+  def test_valid_login_with_service
+    lt = start_login
+    
+    fake_service = "http://www.google.com/"
+    
+    post '/login',
+          :lt => lt.ticket, 
+          :username => "testuser",
+          :password => "testpassword",
+          :service => fake_service
+          
+    @response.headers['Location'].to_s =~ /(.*?)\?ticket=(.*)/
+    redirected_to = $~[1]
+    service_ticket = $~[2]
+    
+    assert_equal fake_service, redirected_to
+    
+    assert_not_nil service_ticket
+    st = ServiceTicket.find_by_ticket(service_ticket)
+    assert_equal fake_service, st.service
+    assert_equal "testuser", st.username
+    assert !st.consumed?
+
+    assert_not_nil @cookies[:tgt]
+    assert_not_nil TicketGrantingTicket.find_by_ticket(@cookies[:tgt])
+    
+    assert LoginTicket.find_by_ticket(lt.ticket).consumed?
+  end
+  
+  def test_invalid_login
+    lt = start_login
+    
+    post '/login',
+          :lt => lt.ticket, 
+          :username => "testuser",
+          :password => "badpassword"
+          
+    assert_match_body("Incorrect username or password")
+    
+    # reusing the same login ticket should fail
+    post '/login',
+          :lt => lt.ticket, 
+          :username => "testuser",
+          :password => "testpassword"
+          
+    assert_match_body("The login ticket you provided has already been used up")
+    
+    # missing username/password
+    lt = start_login
+    post '/login',
+          :lt => lt.ticket
+          
+    assert_match_body("Incorrect username or password")
+    
+    # missing login ticket
+    post '/login',
+          :username => "testuser",
+          :password => "testpassword"
+    
+    assert_match_body("Your login request did not include a login ticket")
+  end
+  
+  private
+  def start_login
+    assert_difference(LoginTicket, :count, 1) do
+      get '/login'
+    end
+    
+    assert_response :success
+    assert_match_body("Login")
+
+    @response.body =~ /LT-[a-zA-Z0-9]*/
+    lt = $~[0]
+    assert_not_nil lt
+    
+    lt = LoginTicket.find_by_ticket(lt)
+    assert_not_nil lt
+    
+    assert !lt.consumed?
+    
+    lt
+  end
+
+end

data/vendor/isaac_0.9.1/LICENSE

@@ -0,0 +1,26 @@
+Copyright (c) 2004 - 2005 Kirk Haines (khaines@enigo.com)
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+For details about the ISAAC algorithm itself, see:
+
+http://burtleburtle.net/bob/rand/isaac.html
+
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+

data/vendor/isaac_0.9.1/README

@@ -0,0 +1,78 @@
+Crypt::ISAAC README
+============
+
+ISAAC is a cryptographically secure PRNG for generating high quality random
+numbers.  Detailed information about the algorithm can be found at:
+
+http://burtleburtle.net/bob/rand/isaac.html
+
+This is a pure Ruby implementation of the algorithm.  It is reasonably fast for
+a pure Ruby implementation.  On an 800Mhz PIII computer running Ruby 1.8.2,
+and while the machine is also serving as general desktop, the library seems to
+consistently generate between 15000 and 16000 random numbers per second.
+
+Ruby uses the Mersenne Twister as its PRNG, and while this the Twister is
+a fast PRNG that produces highly random numbers, it is not strong for
+cryptographic purposes, nor is it suitable when one needs multiple
+independent streams of random numbers.  Crypt::ISAAC is suitable for either
+purpose.
+
+
+Requirements
+------------
+
+  * Ruby 1.8 (should also run on 1.6.x)
+
+
+Install
+-------
+
+  If you have never installed Crypt::ISAAC, you may run the testsuite
+  to confirm that it works with:
+
+    # ruby setup.rb test
+
+  If you already have a version of Crypt::ISAAC installed, but want to
+  confirm this one before installing, run the test suite manually as
+  follows:
+
+    # ruby test/TC_ISAAC.rb local
+
+  When you are ready to install Crypt::ISAAC, type:
+
+    # ruby setup.rb install
+
+  This one step will install Crypt::ISAAC in your Ruby SITELIB.  To test
+  the library after installation:
+
+    # ruby setup.rb test
+
+Usage
+-----
+
+require 'crypt/ISAAC'
+
+rng = Crypt::ISAAC.new
+
+r1 = rng.rand() # returns a floating point between 0 and 1
+r2 = rnd.rand(1000) # returns an integer between 0 and 999
+
+rand() should work identically to the Kernel.rand().
+
+Enjoy it.  Let me know if you find anything that can be improved or that
+needs to be fixed.
+
+
+License
+-------
+
+The Crypt::ISAAC library is licensed with an MIT style licence.
+See the LICENSE file for details.  As for the ISAAC algorithm itself,
+see:
+
+http://burtleburtle.net/bob/rand/isaac.html
+
+
+
+Kirk Haines
+khaines@enigo.com

data/vendor/isaac_0.9.1/TODO

@@ -0,0 +1,3 @@
+*	Add a C version of the ISAAC algorithm and make it possible to install
+	the pure Ruby version and/or a version using a C extension for better
+	performance.

data/vendor/isaac_0.9.1/VERSIONS

@@ -0,0 +1,3 @@
+* 0.9		Initial public release.  Pure Ruby.
+* 0.9.1		Update to tweak a couple things and reorganize project struct.
+		Now uses a Package based installer, or can be installed as a gem.

data/vendor/isaac_0.9.1/crypt/ISAAC.rb

@@ -0,0 +1,171 @@
+module Crypt
+
+	# ISAAC is a fast, strong random number generator.  Details on the
+	# algorithm can be found here: http://burtleburtle.net/bob/rand/isaac.html
+	# This provides a consistent and capable algorithm for producing
+	# independent streams of quality random numbers.
+
+	class ISAAC
+
+		attr_accessor :randrsl, :randcnt
+		attr_accessor :mm, :aa, :bb, :cc
+
+		# When a Crypt::ISAAC object is created, it needs to be seeded for
+		# random number generation.  If the system has a /dev/urandom file,
+		# that will be used to do the seeding by default.  If false is explictly
+		# passed when creating the object, it will instead use /dev/random to
+		# generate its seeds.  Be warned that this may make for SLOW
+		# initialization.
+		# If the requested source (/dev/urandom or /dev/random) do not exist,
+		# the system will fall back to a simplistic initialization mechanism
+		# using the builtin Mersenne Twister PRNG.
+
+		def initialize(noblock = true)
+			@mm = []
+			@randrsl = []
+			# Best initialization of the generator would be by pulling
+			# numbers from /dev/random.
+			rnd_source = noblock ? '/dev/urandom' : '/dev/random'
+			if (FileTest.exist? rnd_source)
+				File.open(rnd_source,'r') do |r|
+					256.times do |t|
+						z = r.read(4)
+						x = z.unpack('V')[0]
+						@randrsl[t] = x
+					end
+				end
+			else
+				# If urandom isn't available, the standard Ruby PRNG makes an
+				# adequate fallback.
+				256.times do |t|
+					@randrsl[t] = Kernel.rand(4294967295)
+				end
+			end
+			randinit(true)
+			nil
+		end
+
+		# Works just like the standard rand() function.  If called with an
+		# integer argument, rand() will return positive random number in
+		# the range of 0 to (argument - 1).  If called without an integer
+		# argument, rand() returns a positive floating point number less than 1.
+  
+		def rand(*num)
+			if (@randcnt == 1)
+				isaac
+				@randcnt = 256
+			end
+			@randcnt -= 1
+			if num[0].to_i > 0
+				@randrsl[@randcnt].modulo(num[0])
+			else
+				".#{@randrsl[@randcnt]}".to_f
+			end
+		end
+
+		def isaac
+			i = 0
+			x = 0
+			y = 0
+
+			@cc += 1
+			@bb += @cc
+			@bb & 0xffffffff
+
+			while (i < 256) do 
+				x = @mm[i]
+				@aa = (@mm[(i + 128) & 255] + (@aa^(@aa << 13)) ) & 0xffffffff
+				@mm[i] = y = (@mm[(x>>2)&255] + @aa + @bb ) & 0xffffffff
+				@randrsl[i] = @bb = (@mm[(y>>10)&255] + x ) & 0xffffffff
+				i += 1
+
+				x = @mm[i]
+				@aa = (@mm[(i+128)&255] + (@aa^(0x03ffffff & (@aa >> 6))) ) & 0xffffffff
+				@mm[i] = y = (@mm[(x>>2)&255] + @aa + @bb ) & 0xffffffff
+				@randrsl[i] = @bb = (@mm[(y>>10)&255] + x ) & 0xffffffff
+				i += 1
+
+				x = @mm[i]
+				@aa = (@mm[(i + 128)&255] + (@aa^(@aa << 2)) ) & 0xffffffff
+				@mm[i] = y = (@mm[(x>>2)&255] + @aa + @bb ) & 0xffffffff
+				@randrsl[i] = @bb = (@mm[(y>>10)&255] + x ) & 0xffffffff
+				i += 1
+
+				x = @mm[i]
+				@aa = (@mm[(i+128)&255] + (@aa^(0x0000ffff & (@aa >> 16))) ) & 0xffffffff
+				@mm[i] = y = (@mm[(x>>2)&255] + @aa + @bb ) & 0xffffffff
+				@randrsl[i] = @bb = (@mm[(y>>10)&255] + x ) & 0xffffffff
+				i += 1
+			end
+		end
+
+		def randinit(flag)
+			i = 0
+			a = 0
+			b = 0
+			c = 0
+			d = 0
+			e = 0
+			f = 0
+			g = 0
+			@aa = @bb = @cc = 0
+			a = b = c = d = e = f = g = h = 0x9e3779b9
+
+			while (i < 4) do
+				a ^= b<<1; d += a; b += c
+				b ^= 0x3fffffff & (c>>2); e += b; c += d
+				c ^= d << 8; f += c; d += e
+				d ^= 0x0000ffff & (e >> 16); g += d; e += f
+				e ^= f << 10; h += e; f += g
+				f ^= 0x0fffffff & (g >> 4); a += f; g += h
+				g ^= h << 8; b += g; h += a
+				h ^= 0x007fffff & (a >> 9); c += h; a += b
+				i += 1
+			end
+
+			i = 0
+			while (i < 256) do
+				if (flag)
+					a+=@randrsl[i  ].to_i; b+=@randrsl[i+1].to_i;
+					c+=@randrsl[i+2]; d+=@randrsl[i+3];
+					e+=@randrsl[i+4]; f+=@randrsl[i+5];
+					g+=@randrsl[i+6]; h+=@randrsl[i+7];
+				end
+
+				a^=b<<11; d+=a; b+=c;
+				b^=0x3fffffff & (c>>2);  e+=b; c+=d;
+				c^=d<<8;  f+=c; d+=e;
+				d^=0x0000ffff & (e>>16); g+=d; e+=f;
+				e^=f<<10; h+=e; f+=g;
+				f^=0x0fffffff & (g>>4);  a+=f; g+=h;
+				g^=h<<8;  b+=g; h+=a;
+				h^=0x007fffff & (a>>9);  c+=h; a+=b;
+				@mm[i]=a;@mm[i+1]=b; @mm[i+2]=c; @mm[i+3]=d;
+				@mm[i+4]=e; @mm[i+5]=f; @mm[i+6]=g; @mm[i+7]=h;
+				i += 8
+			end
+
+			if flag
+				i = 0
+				while (i < 256)
+					a+=@mm[i  ]; b+=@mm[i+1]; c+=@mm[i+2]; d+=@mm[i+3];
+					e+=@mm[i+4]; f+=@mm[i+5]; g+=@mm[i+6]; h+=@mm[i+7];
+					a^=b<<11; d+=a; b+=c;
+					b^=0x3fffffff & (c>>2);  e+=b; c+=d;
+					c^=d<<8;  f+=c; d+=e;
+					d^=0x0000ffff & (e>>16); g+=d; e+=f;
+					e^=f<<10; h+=e; f+=g;
+					f^=0x0fffffff & (g>>4);  a+=f; g+=h;
+					g^=h<<8;  b+=g; h+=a;
+					h^=0x007fffff & (a>>9);  c+=h; a+=b;
+					@mm[i  ]=a; @mm[i+1]=b; @mm[i+2]=c; @mm[i+3]=d;
+					@mm[i+4]=e; @mm[i+5]=f; @mm[i+6]=g; @mm[i+7]=h;
+					i += 8
+				end
+			end
+
+  		isaac()
+   		@randcnt=256;        # /* prepare to use the first set of results */
+		end
+	end
+end

data/vendor/isaac_0.9.1/isaac.gemspec

@@ -0,0 +1,39 @@
+#####
+# Crypt::ISAAC
+#   http://rubyforge.org/projects/crypt-isaac/
+#   Copyright 2004-2005 Kirk Haines
+#
+#   Licensed under the Ruby License.  See the README for details.
+#
+#####
+
+spec = Gem::Specification.new do |s|
+  s.name              = 'Crypt::ISAAC'
+  s.version           = '0.9.1'
+  s.summary           = %q(Ruby implementation of the ISAAC PRNG)
+  s.platform          = Gem::Platform::RUBY
+
+  s.has_rdoc          = true
+  s.rdoc_options      = %w(--title Crypt::ISAAC --main README --line-numbers)
+  s.extra_rdoc_files  = %w(README)
+
+  s.files = %w(README LICENSE TODO VERSIONS setup.rb isaac.gemspec test/TC_ISAAC.rb crypt/ISAAC.rb)
+
+  s.test_files = ['test/TC_ISAAC.rb']
+
+  s.require_paths     = %w(crypt)
+
+  s.author            = %q(Kirk Haines)
+  s.email             = %q(khaines@enigo.com)
+  s.rubyforge_project = %q(crypt-isaac)
+  s.homepage          = %q(http://rubyforge.org/projects/crypt-isaac)
+  description         = []
+  File.open("README") do |file|
+    file.each do |line|
+      line.chomp!
+      break if line.empty?
+      description << "#{line.gsub(/\[\d\]/, '')}"
+    end
+  end
+  s.description = description[1..-1].join(" ")
+end