rubycas-server 0.4.2 → 0.5.0

data/lib/casserver/postambles.rb

@@ -13,26 +13,28 @@ module CASServer
       key_path = CASServer::Conf.ssl_key || CASServer::Conf.ssl_cert
         # look for the key in the ssl_cert if no ssl_key is specified
       
-      raise "'#{cert_path}' is not a valid ssl certificate. Your 'ssl_cert' configuration" +
-        " setting must be a path to a valid ssl certificate file." unless
-          File.exists? cert_path
-      
-      raise "'#{key_path}' is not a valid ssl private key. Your 'ssl_key' configuration" +
-        " setting must be a path to a valid ssl private key file." unless
-          File.exists? key_path
-      
-      cert = OpenSSL::X509::Certificate.new(File.read(cert_path))
-      key = OpenSSL::PKey::RSA.new(File.read(key_path))
+      webrick_options = {:BindAddress => "0.0.0.0", :Port => CASServer::Conf.port}
+      
+      unless cert_path.nil? && key_path.nil?
+        raise "'#{cert_path}' is not a valid ssl certificate. Your 'ssl_cert' configuration" +
+          " setting must be a path to a valid ssl certificate file." unless
+            File.exists? cert_path
+        
+        raise "'#{key_path}' is not a valid ssl private key. Your 'ssl_key' configuration" +
+          " setting must be a path to a valid ssl private key file." unless
+            File.exists? key_path
+        
+        cert = OpenSSL::X509::Certificate.new(File.read(cert_path))
+        key = OpenSSL::PKey::RSA.new(File.read(key_path))
+        
+        webrick_options[:SSLEnable] = true
+        webrick_options[:SSLVerifyClient] = ::OpenSSL::SSL::VERIFY_NONE
+        webrick_options[:SSLCertificate] = cert
+        webrick_options[:SSLPrivateKey] = key
+      end
       
       begin
-        s = WEBrick::HTTPServer.new(
-          :BindAddress => "0.0.0.0",
-          :Port => CASServer::Conf.port,
-          :SSLEnable => true,
-          :SSLVerifyClient => ::OpenSSL::SSL::VERIFY_NONE,
-          :SSLCertificate => cert,
-          :SSLPrivateKey => key
-        )
+        s = WEBrick::HTTPServer.new(webrick_options)
       rescue Errno::EACCES
         puts "\nThe server could not launch. Are you running on a privileged port? (e.g. port 443) If so, you must run the server as root."
         exit 2
@@ -41,7 +43,7 @@ module CASServer
       CASServer.create
       s.mount "#{CASServer::Conf.uri_path}", WEBrick::CampingHandler, CASServer
       
-      puts "\n** CASServer is running at http://localhost:#{CASServer::Conf.port}#{CASServer::Conf.uri_path} and logging to '#{CASServer::Conf.log[:file]}'\n\n"
+      puts "\n** CASServer is running at http#{webrick_options[:SSLEnable] ? 's' : ''}://#{Socket.gethostname}:#{CASServer::Conf.port}#{CASServer::Conf.uri_path} and logging to '#{CASServer::Conf.log[:file]}'\n\n"
     
       # This lets Ctrl+C shut down your server
       trap(:INT) do
@@ -68,11 +70,6 @@ module CASServer
       require 'rubygems'
       require 'mongrel/camping'
       
-      # camping has fixes for mongrel currently only availabe in SVN
-      # ... you can install camping from svn (1.5.180) by running: 
-      #     gem install camping --source code.whytheluckystiff.net
-      gem 'camping', '~> 1.5.180'
-      
       if $DAEMONIZE
         # check if log and pid are writable before daemonizing, otherwise we won't be able to notify
         # the user if we run into trouble later (since once daemonized, we can't write to stdout/stderr)

data/lib/casserver/utils.rb

@@ -5,6 +5,22 @@ module CASServer
       "#{Time.now.to_i}r%X" % rand(10**32)
     end
     module_function :random_string
+      
+    def log_controller_action(controller, params)
+      $LOG << "\n"
+      
+      /`(.*)'/.match(caller[1])
+      method = $~[1]
+      
+      if params.respond_to? :dup
+        params2 = params.dup
+        params2['password'] = '******' if params2['password']
+      else
+        params2 = params
+      end
+      $LOG.debug("Processing #{controller}::#{method} #{params2.inspect}")
+    end
+    module_function :log_controller_action
     
     class Logger < ::Logger
       def initialize(logdev, shift_age = 0, shift_size = 1048576)

data/lib/casserver/version.rb

@@ -1,9 +1,9 @@
 module CASServer
   module VERSION #:nodoc:
     MAJOR = 0
-    MINOR = 4
-    TINY  = 2
+    MINOR = 5
+    TINY  = 0
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end
-end
+end

data/lib/casserver/views.rb

@@ -8,7 +8,6 @@ Markaby::Builder.set(:indent, 2)
 module CASServer::Views
 
   def layout
-    
     # wrap as XHTML only when auto_validation is on, otherwise pass right through
     if @use_layout
       xhtml_strict do
@@ -28,9 +27,10 @@ module CASServer::Views
 
 
   # 2.1.3
+  # The full login page.
   def login
     @use_layout = true
-  
+    
     table(:id => "login-box") do
       tr do
         td(:colspan => 2) do
@@ -52,47 +52,54 @@ module CASServer::Views
           img(:id => "logo", :src => "/themes/#{current_theme}/logo.png")
         end
         td(:id => "login-form-container") do
-          form(:method => "post", :action => "/login", :id => "login-form",
-              :onsubmit => "submit = document.getElementById('login-submit'); submit.value='Please wait...'; submit.disabled=true; return true;") do
-            table(:id => "form-layout") do
-              tr do
-                td(:id => "username-label-container") do
-                  label(:id => "username-label", :for => "username") { "Username" }
-                end
-                td(:id => "username-container") do
-                  input(:type => "text", :id => "username", :name => "username",
-                    :size => "32", :tabindex => "1", :accesskey => "u")
-                end
-              end
-              tr do
-                td(:id => "password-label-container") do
-                  label(:id => "password-label", :for => "password") { "Password" }
-                end
-                td(:id => "password-container") do
-                  input(:type => "password", :id => "password", :name => "password", 
-                    :size => "32", :tabindex => "2", :accesskey => "p", :autocomplete => "off")
-                end
-              end
-              tr do
-                td{}
-                td(:id => "submit-container") do
-                  input(:type => "hidden", :id => "lt", :name => "lt", :value => @lt)
-                  input(:type => "hidden", :id => "service", :name => "service", :value => @service)
-                  input(:type => "hidden", :id => "warn", :name => "warn", :value => @warn)
-                  input(:type => "submit", :class => "button", :accesskey => "l", :value => "LOGIN", :tabindex => "4", :id => "login-submit")
-                end
-              end
-              tr do
-                td(:colspan => 2, :id => "infoline") { infoline }
-              end
-            end
+          @include_infoline = true
+          login_form
+        end
+      end
+    end
+  end
+  
+  # Just the login form.
+  def login_form
+    form(:method => "post", :action => @form_action || '/login', :id => "login-form",
+        :onsubmit => "submit = document.getElementById('login-submit'); submit.value='Please wait...'; submit.disabled=true; return true;") do
+      table(:id => "form-layout") do
+        tr do
+          td(:id => "username-label-container") do
+            label(:id => "username-label", :for => "username") { "Username" }
+          end
+          td(:id => "username-container") do
+            input(:type => "text", :id => "username", :name => "username",
+              :size => "32", :tabindex => "1", :accesskey => "u")
+          end
+        end
+        tr do
+          td(:id => "password-label-container") do
+            label(:id => "password-label", :for => "password") { "Password" }
+          end
+          td(:id => "password-container") do
+            input(:type => "password", :id => "password", :name => "password", 
+              :size => "32", :tabindex => "2", :accesskey => "p", :autocomplete => "off")
           end
         end
+        tr do
+          td{}
+          td(:id => "submit-container") do
+            input(:type => "hidden", :id => "lt", :name => "lt", :value => @lt)
+            input(:type => "hidden", :id => "service", :name => "service", :value => @service)
+            input(:type => "hidden", :id => "warn", :name => "warn", :value => @warn)
+            input(:type => "submit", :class => "button", :accesskey => "l", :value => "LOGIN", :tabindex => "4", :id => "login-submit")
+          end
+        end
+        tr do
+          td(:colspan => 2, :id => "infoline") { infoline }
+        end if @include_infoline
       end
     end
   end
   
   # 2.4.2
+  # CAS 1.0 validate response.
   def validate
     if @success
       text "yes\n#{@username}\n"
@@ -102,6 +109,7 @@ module CASServer::Views
   end
   
   # 2.5.2
+  # CAS 2.0 service validate response.
   def service_validate
     if @success
       tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
@@ -120,6 +128,7 @@ module CASServer::Views
   end
   
   # 2.6.2
+  # CAS 2.0 proxy validate response.
   def proxy_validate
     if @success
       tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
@@ -145,6 +154,7 @@ module CASServer::Views
   end
   
   # 2.7.2
+  # CAS 2.0 proxy request response.
   def proxy
     if @success
       tag!("cas:serviceResponse", 'xmlns:cas' => "http://www.yale.edu/tp/cas") do
@@ -183,3 +193,7 @@ module CASServer::Views
   end
   module_function :infoline
 end
+
+if CASServer::Conf.custom_views_file
+  require CASServer::Conf.custom_views_file
+end

data/lib/casserver.rb

@@ -14,7 +14,9 @@ unless Object.method_defined? :gem
   alias gem require_gem
 end
 
-gem 'camping', '~> 1.5'
+
+#gem 'camping', '~> 1.5.180'
+$: << $CASSERVER_HOME + "/../vendor/camping-1.5.180/lib"
 require 'camping'
 
 require 'active_support'
@@ -64,7 +66,7 @@ CASServer.init_logger
 def CASServer.create
   CASServer::Models.create_schema
   
-  $LOG.info("RubyCAS-Server initialized.")
+  $LOG.info("RubyCAS-Server #{CASServer::VERSION::STRING} initialized.")
   
   $LOG.debug("Configuration is:\n#{$CONF.to_yaml}")
   $LOG.debug("Authenticator is: #{$AUTH}")
@@ -88,6 +90,11 @@ if __FILE__ == $0 || $RUN
     $LOG.warn("Unable to create a pid file. You must use mongrel or webrick for this feature.")
   end
 
+  require 'casserver/version'
+  puts
+  puts "*** Starting RubyCAS-Server #{CASServer::VERSION::STRING} using codebase at #{$CASSERVER_HOME}"
+
+
   begin
     raise NoMethodError if CASServer::Conf.server.nil?
     send(CASServer::Conf.server)

data/lib/themes/cas.css

@@ -3,6 +3,7 @@
 }
 
 body {
+    text-align: center; /* hack for IE */
 }
 
 label {

data/vendor/camping-1.5.180/lib/camping/db.rb

@@ -0,0 +1,78 @@
+class MissingLibrary < Exception #:nodoc: all
+end
+begin
+    require 'active_record'
+rescue LoadError => e
+    raise MissingLibrary, "ActiveRecord could not be loaded (is it installed?): #{e.message}"
+end
+
+$AR_EXTRAS = %{
+  Base = ActiveRecord::Base unless const_defined? :Base
+
+  def Y; ActiveRecord::Base.verify_active_connections!; self; end
+
+  class SchemaInfo < Base
+  end
+
+  def self.V(n)
+    @final = [n, @final.to_i].max
+    m = (@migrations ||= [])
+    Class.new(ActiveRecord::Migration) do
+      meta_def(:version) { n }
+      meta_def(:inherited) { |k| m << k }
+    end
+  end
+
+  def self.create_schema(opts = {})
+    opts[:assume] ||= 0
+    opts[:version] ||= @final
+    if @migrations
+      unless SchemaInfo.table_exists?
+        ActiveRecord::Schema.define do
+          create_table SchemaInfo.table_name do |t|
+            t.column :version, :float
+          end
+        end
+      end
+
+      si = SchemaInfo.find(:first) || SchemaInfo.new(:version => opts[:assume])
+      if si.version < opts[:version]
+        @migrations.each do |k|
+          k.migrate(:up) if si.version < k.version and k.version <= opts[:version]
+          k.migrate(:down) if si.version > k.version and k.version > opts[:version]
+        end
+        si.update_attributes(:version => opts[:version])
+      end
+    end
+  end
+}
+
+module Camping
+  module Models
+    A = ActiveRecord
+    # Base is an alias for ActiveRecord::Base.  The big warning I'm going to give you
+    # about this: *Base overloads table_name_prefix.*  This means that if you have a
+    # model class Blog::Models::Post, it's table name will be <tt>blog_posts</tt>.
+    #
+    # ActiveRecord is not loaded if you never reference this class.  The minute you
+    # use the ActiveRecord or Camping::Models::Base class, then the ActiveRecord library
+    # is loaded.
+    Base = A::Base
+
+    # The default prefix for Camping model classes is the topmost module name lowercase
+    # and followed with an underscore.
+    #
+    #   Tepee::Models::Page.table_name_prefix
+    #     #=> "tepee_pages"
+    #
+    def Base.table_name_prefix
+        "#{name[/\w+/]}_".downcase.sub(/^(#{A}|camping)_/i,'')
+    end
+    module_eval $AR_EXTRAS
+  end
+end
+Camping::S.sub! "autoload:Base,'camping/db'", ""
+Camping::S.sub! "def Y;self;end", $AR_EXTRAS
+Camping::Apps.each do |app|
+    app::Models.module_eval $AR_EXTRAS
+end

data/vendor/camping-1.5.180/lib/camping/fastcgi.rb

@@ -0,0 +1,244 @@
+# == About camping/fastcgi.rb
+#
+# Camping works very well with FastCGI, since your application is only loaded
+# once -- when FastCGI starts.  In addition, this class lets you mount several
+# Camping apps under a single FastCGI process, to help save memory costs.
+#
+# So where do you use the Camping::FastCGI class?  Use it in your application's
+# postamble and then you can point your web server directly at your application.
+# See Camping::FastCGI docs for more.
+require 'camping'
+require 'fcgi'
+
+module Camping
+# Camping::FastCGI is a small class for hooking one or more Camping apps up to
+# FastCGI.  Generally, you'll use this class in your application's postamble.
+#
+# == The Smallest Example
+#
+#  if __FILE__ == $0
+#    require 'camping/fastcgi'
+#    Camping::FastCGI.start(YourApp)
+#  end
+#
+# This example is stripped down to the basics.  The postamble has no database
+# connection.  It just loads this class and calls Camping::FastCGI.start.
+#
+# Now, in Lighttpd or Apache, you can point to your app's file, which will
+# be executed, only to discover that your app now speaks the FastCGI protocol.
+#
+# Here's a sample lighttpd.conf (tested with Lighttpd 1.4.11) to serve as example:
+#
+#   server.port                 = 3044
+#   server.bind                 = "127.0.0.1"
+#   server.modules              = ( "mod_fastcgi" )
+#   server.document-root        = "/var/www/camping/blog/" 
+#   server.errorlog             = "/var/www/camping/blog/error.log" 
+#   
+#   #### fastcgi module
+#   fastcgi.server = ( "/" => ( 
+#     "localhost" => ( 
+#       "socket" => "/tmp/camping-blog.socket",
+#       "bin-path" => "/var/www/camping/blog/blog.rb",
+#       "check-local" => "disable",
+#       "max-procs" => 1 ) ) )
+#
+# The file <tt>/var/www/camping/blog/blog.rb</tt> is the Camping app with
+# the postamble.
+#
+# == Mounting Many Apps
+#
+#  require 'camping/fastcgi'
+#  fast = Camping::FastCGI.new
+#  fast.mount("/blog", Blog)
+#  fast.mount("/tepee", Tepee)
+#  fast.mount("/", Index)
+#  fast.start
+#
+class FastCGI
+    CHUNK_SIZE=(4 * 1024)
+
+    attr_reader :mounts
+
+    # Creates a Camping::FastCGI class with empty mounts.
+    def initialize
+        @mounts = {}
+    end
+    # Mounts a Camping application.  The +dir+ being the name of the directory
+    # to serve as the application's root.  The +app+ is a Camping class.
+    def mount(dir, app)
+        dir.gsub!(/\/{2,}/, '/')
+        dir.gsub!(/\/+$/, '')
+        @mounts[dir] = app
+    end
+
+    # 
+    # Starts the FastCGI main loop.
+    def start(&blk)
+        FCGI.each do |req|
+            camp_do(req, &blk)
+        end
+    end
+
+    # A simple single-app starter mechanism
+    #
+    #   Camping::FastCGI.start(Blog)
+    #
+    def self.start(app)
+        cf = Camping::FastCGI.new
+        cf.mount("/", app)
+        cf.start
+    end
+
+    # Serve an entire directory of Camping apps. (See 
+    # http://code.whytheluckystiff.net/camping/wiki/TheCampingServer.)
+    #
+    # Use this method inside your FastCGI dispatcher:
+    #
+    #   #!/usr/local/bin/ruby
+    #   require 'rubygems'
+    #   require 'camping/fastcgi'
+    #   Camping::Models::Base.establish_connection :adapter => 'sqlite3', :database => "/path/to/db"
+    #   Camping::FastCGI.serve("/home/why/cvs/camping/examples")
+    # 
+    def self.serve(path, index=nil)
+        require 'camping/reloader'
+        if File.directory? path
+            fast = Camping::FastCGI.new
+            script_load = proc do |script|
+                app = Camping::Reloader.new(script)
+                fast.mount("/#{app.mount}", app)
+                app
+            end
+            Dir[File.join(path, '*.rb')].each &script_load
+            fast.mount("/", index) if index
+
+            fast.start do |dir, app|
+                 Dir[File.join(path, dir, '*.rb')].each do |script|
+                     smount = "/" + File.basename(script, '.rb')
+                     script_load[script] unless fast.mounts.has_key? smount
+                 end
+            end
+        else
+            start(Camping::Reloader.new(path))
+        end
+    end
+
+    private
+
+    def camp_do(req)
+        root, path, dir, app = "/"
+        if ENV['FORCE_ROOT'] and ENV['FORCE_ROOT'].to_i == 1
+            path = req.env['SCRIPT_NAME']
+        else
+            root = req.env['SCRIPT_NAME']
+            path = req.env['PATH_INFO']
+        end
+
+        dir, app = @mounts.max { |a,b| match(path, a[0]) <=> match(path, b[0]) }
+        unless dir and app
+            dir, app = '/', Camping
+        end
+        yield dir, app if block_given?
+
+        req.env['SERVER_SCRIPT_NAME'] = req.env['SCRIPT_NAME']
+        req.env['SERVER_PATH_INFO'] = req.env['PATH_INFO']
+        req.env['SCRIPT_NAME'] = File.join(root, dir)
+        req.env['PATH_INFO'] = path.gsub(/^#{dir}/, '')
+
+        controller = app.run(SeekStream.new(req.in), req.env)
+        sendfile = nil
+        headers = {}
+        controller.headers.each do |k, v|
+            if k =~ /^X-SENDFILE$/i and !ENV['SERVER_X_SENDFILE']
+                sendfile = v
+            else
+                headers[k] = v
+            end
+        end
+
+        body = controller.body
+        controller.body = ""
+        controller.headers = headers
+
+        req.out << controller.to_s
+        if sendfile
+            File.open(sendfile, "rb") do |f|
+                while chunk = f.read(CHUNK_SIZE) and chunk.length > 0
+                    req.out << chunk
+                end
+            end
+        elsif body.respond_to? :read
+            while chunk = body.read(CHUNK_SIZE) and chunk.length > 0
+                req.out << chunk
+            end
+            body.close if body.respond_to? :close
+        else
+            req.out << body.to_s
+        end
+    rescue Exception => e
+        req.out << server_error(root, path, exc, req)
+    ensure
+        req.finish
+    end
+
+    def server_error(root, path, exc, req)
+        "Content-Type: text/html\r\n\r\n" +
+        "<h1>Camping Problem!</h1>" +
+        "<h2><strong>#{root}</strong>#{path}</h2>" + 
+        "<h3>#{exc.class} #{esc exc.message}</h3>" +
+        "<ul>" + exc.backtrace.map { |bt| "<li>#{esc bt}</li>" }.join + "</ul>" +
+        "<hr /><p>#{req.env.inspect}</p>"
+    end
+
+    def match(path, mount)
+        m = path.match(/^#{Regexp::quote mount}(\/|$)/)
+        if m; m.end(0)
+        else  -1
+        end
+    end
+
+    def esc(str)
+        str.gsub(/&/n, '&amp;').gsub(/\"/n, '&quot;').gsub(/>/n, '&gt;').gsub(/</n, '&lt;')
+    end
+
+    class SeekStream
+        def initialize(stream)
+            @last_read = ""
+            @stream = stream
+            @buffer = ""
+        end
+        def eof?
+            @buffer.empty? && @stream.eof?
+        end
+        def each
+            while true
+                pull(1024) until eof? or @buffer.index("\n")
+                return nil if eof?
+                yield @buffer.slice!(0..(@buffer.index("\n") || -1))
+            end
+        end
+        def pull(len)
+            @buffer += @stream.read(len).to_s
+        end
+        def read(len = 16384)
+            pull(len)
+            @last_read =
+                if eof?
+                    nil
+                else
+                    @buffer.slice!(0...len)
+                end
+        end
+        def seek(len, typ)
+            raise NotImplementedError, "only IO::SEEK_CUR is supported with SeekStream" if typ != IO::SEEK_CUR
+            raise NotImplementedError, "only rewinding is supported with SeekStream" if len > 0
+            raise NotImplementedError, "rewinding #{-len} past the buffer #{@last_read.size} start not supported with SeekStream" if -len > @last_read.size
+            @buffer = @last_read[len..-1] + @buffer
+            @last_read = ""
+            self
+        end
+    end
+
+end
+end