rubycas-server 0.5.0 → 0.5.0.186
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.txt +8 -0
- data/README.txt +3 -3
- data/Rakefile +2 -2
- data/lib/casserver/cas.rb +2 -2
- data/lib/casserver/utils.rb +7 -2
- data/lib/casserver.rb +3 -2
- data/vendor/camping-1.5.180/lib/camping/webrick.rb +3 -0
- metadata +2 -2
data/CHANGELOG.txt
CHANGED
|
@@ -1,3 +1,11 @@
|
|
|
1
|
+
=== In Progress...
|
|
2
|
+
|
|
3
|
+
* Tickets generated by the server should now be a lot more secure.
|
|
4
|
+
The random string generator used for generating tickets now uses
|
|
5
|
+
Crypt::ISAAC. Tickets have also been extended in length; STs, PTs
|
|
6
|
+
and LTs can now extend up to 32 characters, and PGTs and PGT-IOUs
|
|
7
|
+
up to 64.
|
|
8
|
+
|
|
1
9
|
=== 0.5.0 :: 2007-09-20
|
|
2
10
|
|
|
3
11
|
* Gateway requests should now be handled correctly. When the request to the
|
data/README.txt
CHANGED
|
@@ -14,8 +14,8 @@ You can contact the author at:
|
|
|
14
14
|
==============================================================================
|
|
15
15
|
|
|
16
16
|
RubyCAS-Server is free software; you can redistribute it and/or modify
|
|
17
|
-
it under the terms of the GNU General Public License as published
|
|
18
|
-
the Free Software Foundation; either version 2 of the License, or
|
|
17
|
+
it under the terms of the GNU Lesser General Public License as published
|
|
18
|
+
by the Free Software Foundation; either version 2 of the License, or
|
|
19
19
|
(at your option) any later version.
|
|
20
20
|
|
|
21
21
|
RubyCAS-Server is distributed in the hope that it will be useful,
|
|
@@ -23,7 +23,7 @@ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
23
23
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
24
24
|
GNU General Public License for more details.
|
|
25
25
|
|
|
26
|
-
You should have received a copy of the GNU General Public License
|
|
26
|
+
You should have received a copy of the GNU Lesser General Public License
|
|
27
27
|
along with RubyCAS-Server; if not, write to the Free Software
|
|
28
28
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
29
29
|
|
data/Rakefile
CHANGED
|
@@ -26,8 +26,8 @@ DEPS = [
|
|
|
26
26
|
|
|
27
27
|
|
|
28
28
|
NAME = "rubycas-server"
|
|
29
|
-
REV = nil
|
|
30
|
-
|
|
29
|
+
#REV = nil
|
|
30
|
+
REV = `svn info`[/Revision: (\d+)/, 1] rescue nil
|
|
31
31
|
VERS = ENV['VERSION'] || (CASServer::VERSION::STRING + (REV ? ".#{REV}" : ""))
|
|
32
32
|
CLEAN.include ['**/.*.sw?', '*.gem', '.config']
|
|
33
33
|
RDOC_OPTS = ['--quiet', '--title', "RubyCAS-Server #{VERS} Documentation",
|
data/lib/casserver/cas.rb
CHANGED
|
@@ -74,8 +74,8 @@ module CASServer::CAS
|
|
|
74
74
|
path = uri.path.empty? ? '/' : uri.path
|
|
75
75
|
|
|
76
76
|
pgt = ProxyGrantingTicket.new
|
|
77
|
-
pgt.ticket = "PGT-" + CASServer::Utils.random_string
|
|
78
|
-
pgt.iou = "PGTIOU-" + CASServer::Utils.random_string
|
|
77
|
+
pgt.ticket = "PGT-" + CASServer::Utils.random_string(60)
|
|
78
|
+
pgt.iou = "PGTIOU-" + CASServer::Utils.random_string(57)
|
|
79
79
|
pgt.service_ticket_id = st.id
|
|
80
80
|
pgt.client_hostname = env['REMOTE_HOST'] || env['REMOTE_ADDR']
|
|
81
81
|
|
data/lib/casserver/utils.rb
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
# Misc utility function used throughout by the RubyCAS-server.
|
|
2
2
|
module CASServer
|
|
3
3
|
module Utils
|
|
4
|
-
def random_string
|
|
5
|
-
|
|
4
|
+
def random_string(max_length = 29)
|
|
5
|
+
rg = Crypt::ISAAC.new
|
|
6
|
+
max = 4294619050
|
|
7
|
+
r = "#{Time.now.to_i}r%X%X%X%X%X%X%X%X" %
|
|
8
|
+
[rg.rand(max), rg.rand(max), rg.rand(max), rg.rand(max),
|
|
9
|
+
rg.rand(max), rg.rand(max), rg.rand(max), rg.rand(max)]
|
|
10
|
+
r[0..max_length-1]
|
|
6
11
|
end
|
|
7
12
|
module_function :random_string
|
|
8
13
|
|
data/lib/casserver.rb
CHANGED
|
@@ -19,14 +19,15 @@ end
|
|
|
19
19
|
$: << $CASSERVER_HOME + "/../vendor/camping-1.5.180/lib"
|
|
20
20
|
require 'camping'
|
|
21
21
|
|
|
22
|
+
$: << $CASSERVER_HOME + "/../vendor/isaac_0.9.1"
|
|
23
|
+
require 'crypt/ISAAC'
|
|
24
|
+
|
|
22
25
|
require 'active_support'
|
|
23
26
|
require 'yaml'
|
|
24
27
|
|
|
25
28
|
# enable xhtml source code indentation for debugging views
|
|
26
29
|
#Markaby::Builder.set(:indent, 2)
|
|
27
30
|
|
|
28
|
-
# seed the random number generator (ruby does this by default, but it doesn't hurt to do it here just to be sure)
|
|
29
|
-
srand
|
|
30
31
|
|
|
31
32
|
# Camping.goes must be called after the authenticator class is loaded, otherwise weird things happen
|
|
32
33
|
Camping.goes :CASServer
|
|
@@ -42,6 +42,9 @@ class CampingHandler < WEBrick::HTTPServlet::DefaultFileHandler
|
|
|
42
42
|
end
|
|
43
43
|
# Handler for WEBrick requests (also aliased as do_POST).
|
|
44
44
|
def service(req, resp)
|
|
45
|
+
puts @klass.inspect
|
|
46
|
+
puts req.body.inspect
|
|
47
|
+
puts req.meta_vars.inspect
|
|
45
48
|
controller = @klass.run((req.body and StringIO.new(req.body)), req.meta_vars)
|
|
46
49
|
resp.status = controller.status
|
|
47
50
|
@local_path = nil
|
metadata
CHANGED
|
@@ -3,8 +3,8 @@ rubygems_version: 0.9.2
|
|
|
3
3
|
specification_version: 1
|
|
4
4
|
name: rubycas-server
|
|
5
5
|
version: !ruby/object:Gem::Version
|
|
6
|
-
version: 0.5.0
|
|
7
|
-
date: 2007-
|
|
6
|
+
version: 0.5.0.186
|
|
7
|
+
date: 2007-11-27 00:00:00 -05:00
|
|
8
8
|
summary: Provides single sign on for web applications using the CAS protocol.
|
|
9
9
|
require_paths:
|
|
10
10
|
- lib
|