rubycas-server 0.1.0

data/lib/casserver/models.rb

@@ -0,0 +1,109 @@
+require 'camping/db'
+
+module CASServer::Models
+  
+  module Consumable
+    def consume!
+      self.consumed = Time.now
+      self.save!
+    end
+  end
+  
+  class Ticket < Base
+    self.abstract_class = true
+    def to_s
+      ticket
+    end
+    
+    def self.cleanup_expired(expiry_time)
+      transaction do
+        expired_tickets = find(:all, 
+          :conditions => ["created_on < ?", Time.now - expiry_time])
+          
+        $LOG.debug("Destroying #{expired_tickets.size} expired #{self}"+
+          "#{'s' if expired_tickets.size > 1}.") if expired_tickets.size > 0
+      
+        expired_tickets.each do |t|
+          t.destroy
+        end
+      end
+    end
+  end
+  
+  class LoginTicket < Ticket
+    include Consumable
+  end
+  
+  class ServiceTicket < Ticket
+    include Consumable
+  end
+  
+  class ProxyTicket < ServiceTicket
+    belongs_to :proxy_granting_ticket
+  end
+  
+  class TicketGrantingTicket < Ticket
+  end
+  
+  class ProxyGrantingTicket < Ticket
+    belongs_to :service_ticket
+    has_many :proxy_tickets, :dependent => :destroy
+  end
+  
+  class Error
+    attr_reader :code, :message
+    
+    def initialize(code, message)
+      @code = code
+      @message = message
+    end
+    
+    def to_s
+      message
+    end
+  end
+
+  class CreateCASServer < V 0.1
+    def self.up
+      $LOG.info("Migrating database")
+      
+      create_table :casserver_login_tickets, :force => true do |t|
+        t.column :ticket,     :string,   :null => false
+        t.column :created_on, :timestamp, :null => false
+        t.column :consumed,   :datetime, :null => true
+        t.column :client_hostname, :string, :null => false
+      end
+    
+      create_table :casserver_service_tickets, :force => true do |t|
+        t.column :ticket,     :string,    :null => false
+        t.column :service,    :string,    :null => false
+        t.column :created_on, :timestamp, :null => false
+        t.column :consumed,   :datetime, :null => true
+        t.column :client_hostname, :string, :null => false
+        t.column :username,   :string,  :null => false
+        t.column :type,       :string,   :null => false
+        t.column :proxy_granting_ticket_id, :integer, :null => true
+      end
+      
+      create_table :casserver_ticket_granting_tickets, :force => true do |t|
+        t.column :ticket,     :string,    :null => false
+        t.column :created_on, :timestamp, :null => false
+        t.column :client_hostname, :string, :null => false
+        t.column :username,   :string,    :null => false
+      end
+      
+      create_table :casserver_proxy_granting_tickets, :force => true do |t|
+        t.column :ticket,     :string,    :null => false
+        t.column :created_on, :timestamp, :null => false
+        t.column :client_hostname, :string, :null => false
+        t.column :iou,        :string,    :null => false
+        t.column :service_ticket_id, :integer, :null => false
+      end
+    end
+    
+    def self.down
+      drop_table :casserver_service_tickets
+      drop_table :casserver_login_tickets
+    end
+  end
+end

data/lib/casserver/utils.rb

@@ -0,0 +1,33 @@
+# Misc utility function used throughout by the RubyCAS-server.
+module CASServer
+  module Utils
+    def random_string
+      "#{Time.now.to_i}r%X" % rand(10**32)
+    end
+    module_function :random_string
+    
+    class Logger < ::Logger
+      def initialize(logdev, shift_age = 0, shift_size = 1048576)
+        begin
+          super
+        rescue Exception
+          puts "WARNING: Couldn't create Logger with output '#{logdev}'. Logger output will be redirected to STDOUT."
+          super(STDOUT, shift_age, shift_size)
+        end
+      end
+    
+      def format_message(severity, datetime, progrname, msg)
+        (@formatter || @default_formatter).call(severity, datetime, progname, msg)
+      end
+    end
+  end
+  
+  class LogFormatter < ::Logger::Formatter
+    Format = "[%s#%d] %5s -- %s: %s\n"
+    
+    def call(severity, time, progname, msg)
+      Format % [format_datetime(time), $$, severity, progname,
+        msg2str(msg)]
+    end
+  end
+end

data/lib/casserver/version.rb

@@ -0,0 +1,9 @@
+module CASServer
+  module VERSION #:nodoc:
+    MAJOR = 0
+    MINOR = 1
+    TINY  = 0
+
+    STRING = [MAJOR, MINOR, TINY].join('.')
+  end
+end

data/lib/casserver/views.rb

@@ -0,0 +1,185 @@
+# The #.#.# comments (e.g. "2.1.3") refer to section numbers in the CAS protocol spec
+# under http://www.ja-sig.org/products/cas/overview/protocol/index.html
+
+module CASServer::Views
+
+  # need to turn off autovalidation to render CAS xml responses
+  #
+
+  def layout
+    # wrap as XHTML only when auto_validation is on, otherwise pass right through
+    if @auto_validation
+      xhtml_strict do
+        head do 
+          title { "#{organization} Central Login" }
+          link(:rel => "stylesheet", :type => "text/css", :href => "/themes/cas.css")
+          link(:rel => "stylesheet", :type => "text/css", :href => "/themes/#{current_theme}/theme.css")
+        end
+        body(:onload => "if (document.getElementById('username')) document.getElementById('username').focus()") do
+          self << yield 
+        end
+      end
+    else
+      self << yield
+    end
+  end
+
+
+  # 2.1.3
+  def login
+    @logo = 
+  
+    table(:id => "login-box") do
+      tr do
+        td(:colspan => 2) do
+          div(:id => "headline-container") do
+            strong organization
+            text "Central Login"
+          end
+        end
+      end
+      if @message
+        tr do
+          td(:colspan => 2, :id => "messagebox-container") do
+            div(:class => "messagebox #{@message[:type]}") { @message[:message] }
+          end
+        end
+      end
+      tr do
+        td(:id => "logo-container") do
+          img(:id => "logo", :src => "/themes/#{current_theme}/logo.png")
+        end
+        td(:id => "login-form-container") do
+          form(:method => "post", :action => "/login", :id => "login-form",
+              :onsubmit => "submit = document.getElementById('login-submit'); submit.value='Please wait...'; submit.disabled=true; return true;") do
+            table(:id => "form-layout") do
+              tr do
+                td(:id => "username-label-container") do
+                  label(:id => "username-label", :for => "username") { "Username" }
+                end
+                td(:id => "username-container") do
+                  input(:type => "text", :id => "username", :name => "username", :size => "32", :tabindex => "1", :accesskey => "n")
+                end
+              end
+              tr do
+                td(:id => "password-label-container") do
+                  label(:id => "password-label", :for => "password") { "Password" }
+                end
+                td(:id => "password-container") do
+                  input(:type => "password", :id => "password", :name => "password", :size => "32", :tabindex => "2", :accesskey => "p")
+                end
+              end
+              tr do
+                td{}
+                td(:id => "submit-container") do
+                  input(:type => "hidden", :id => "lt", :name => "lt", :value => @lt)
+                  input(:type => "hidden", :id => "service", :name => "service", :value => @service)
+                  input(:type => "hidden", :id => "warn", :name => "warn", :value => @warn)
+                  input(:type => "submit", :class => "button", :accesskey => "l", :value => "LOGIN", :tabindex => "4", :id => "login-submit")
+                end
+              end
+              tr do
+                td(:colspan => 2, :id => "infoline") { infoline }
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+  
+  # 2.4.2
+  def validate
+    @auto_validation = false
+    if @success
+      text "yes\n#{@username}\n"
+    else
+      text "no\n\n"
+    end
+  end
+  
+  # 2.5.2
+  def service_validate
+    @auto_validation = false
+    if @success
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:authenticationSuccess") do
+          tag!("cas:user") {@username}
+          if @pgtiou
+            tag!("cas:proxyGrantingTicket") {@pgtiou}
+          end
+        end
+      end
+    else
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:authenticationFailure", :code => @error.code) {@error}
+      end
+    end
+  end
+  
+  # 2.6.2
+  def proxy_validate
+    @auto_validation = false
+    if @success
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:authenticationSuccess") do
+          tag!("cas:user") {@username}
+          if @pgtiou
+            tag!("cas:proxyGrantingTicket") {@pgtiou}
+          end
+          if @proxies && !@proxies.empty?
+            tag!("cas:proxies") do
+              @proxies.each do |proxy_url|
+                tag!("cas:proxy") {proxy_url}
+              end
+            end
+          end
+        end
+      end
+    else
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:authenticationFailure", :code => @error.code) {@error}
+      end
+    end
+  end
+  
+  # 2.7.2
+  def proxy
+    @auto_validation = false
+    if @success
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:proxySuccess") do
+          tag!("cas:proxyTicket") {@pt}
+        end
+      end
+    else
+      tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
+        tag!("cas:proxyFailure", :code => @error.code) {@error}
+      end
+    end
+  end
+  
+  def configure
+  end
+  
+  protected
+  def themes_dir
+    File.dirname(File.expand_path(__FILE__))+'../themes'
+  end
+  module_function :themes_dir
+  
+  def current_theme
+    CASServer::Conf.theme || "simple"
+  end
+  module_function :current_theme
+  
+  def organization
+    CASServer::Conf.organization || ""
+  end
+  module_function :organization
+  
+  def infoline
+    CASServer::Conf.infoline || ""
+  end
+  module_function :infoline
+end

data/lib/themes/cas.css

@@ -0,0 +1,112 @@
+* {
+	font-family: Verdana, sans-serif;
+}
+
+body {
+}
+
+label {
+	font-weight: bold;
+	font-size: 9px;
+}
+
+input {
+	font-weight: normal;
+	font-size: 12px;
+}
+
+input.button {
+	/*font-weight: bold;*/
+	font-size: 10px;
+}
+
+#login-box {
+	margin: 0 auto;
+	width: 350px;
+	top: 130px;
+	position: relative;
+}
+
+#headline-container {
+	text-align: right;
+	border-bottom: 1px solid #899989;
+	font-family: Tahoma, Verdana, sans-serif;
+	font-size: 22px;
+	margin-right: 0px;
+	padding-right: 7px;
+	margin-left: 10px;
+	letter-spacing: -0.25px;
+}
+
+#logo-container {
+	vertical-align: top;
+}
+
+#logo {
+}
+
+#login-form-container {
+	vertical-align: top;
+}
+
+
+#username,
+#password {
+	width: 10em;
+}
+
+#login-form {
+	padding: 20px;
+}
+
+
+#form-layout {
+	position: relative;
+	top: 6px;
+	width: 100%;
+}
+
+#form-layout td {
+	text-align: center;
+	padding-bottom: 8px;
+}
+
+#form-layout td#submit-container {
+	text-align: right;
+	padding-right: 10px;
+}
+
+#infoline {
+	font-size: 9px;
+}
+
+#messagebox-container {
+	padding-left: 11px;
+	padding-right: 16px;
+}
+
+div.messagebox {
+	font-size: 12px;
+	padding: 5px;
+	padding-left: 55px;
+	text-align: center;
+	width: 70%;
+	min-height: 34px;
+	vertical-align: middle;
+}
+
+div.mistake {
+	color: #d00;
+	background-image: url(warning.png);
+	background-repeat: no-repeat;
+	background-position: 10px 5px;
+	font-weight: bold;
+}
+
+div.confirmation {
+	color: #280;
+	background-image: url(ok.png);
+	background-repeat: no-repeat;
+	background-position: 10px 5px;
+	font-weight: bold;
+}