synapses-cas 0.1.1 → 0.1.2

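--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,24 @@
+ === 0.1.2 :: 2012-05-15
+
+ * Button for password recovery has been added in login page.
+
+ The password recovery url must be defined in configuration file.
+ password_recovery_url: http://localhost:3000/users/password_recovery
+
+ * Whitelist for ensure that only allowed clients can connect to cas server
+
+ To use this feature, you have to set the "service_whitelist" in your config file:
+ service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
+ A config file example is available on /bin/cas_config.yml
+
+ === 0.1.1 :: 2012-05-11
+
+ * Configuration default_locale parameter is used now.
+ * You can switch between locales clicking on flags at login page. The locale is passed by parameters (?locale=pt) in URL.
+ * The selected locale is saved in current session.
+ * To start the cas server, you must type "synapses-cas" instead of "rubycas-server"
+ * Default theme has been completely rewrite to use twitter bootstrap, including flash messages (error, success and info).
+
  === 0.1.0 :: 2012-05-10
 
  * First public release.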
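--- a/data/README.md
+++ b/data/README.md
@@ -8,11 +8,14 @@ Other portions are copyright of their respective authors.
  ## Authors
 
  * Tiago Machado (tiago@synapses.com.br)
- * João Lucas (joaolucas@synapses.com.br
+ * João Lucas (joaolucas@synapses.com.br)
 
  ## Differences between Synapses CAS and the original RubyCAS
 
- [0001] Changed the location of translations path at "localization.rb
+ See CHANGELOG.
+
+ ![Default theme](https://dl.dropbox.com/s/e7sunyjrja63tv0/synapses-cas-theme.png)
+
 
  ## License
 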
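--- a/data/bin/cas_config.yml
+++ b/data/bin/cas_config.yml
@@ -483,6 +483,8 @@ organization: Synapses
  # if you prefer to have no extra text shown at the bottom of the login box.
  infoline: Powered by <a href="http://www.synapses.com.br/">Synapses</a>
 
+ password_recovery_url: http://localhost:3000/users/password_recovery
+
  # Custom views directory. If set, this will be used instead of 'lib/casserver/views'.
  #custom_views: /path/to/custom/views
 
@@ -563,8 +565,13 @@ db_log:
  # is planned for a future release.
 
  enable_single_sign_out: true
-
-
+ ##### SERVICES #################################################################
+ # You can restrict what services can authenticate against the CAS server.
+ # By default any service can authenticate and a blank white list will also
+ # allow any service to authenticate. Services are listed on a single line
+ # separated by a comma.
+ service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
+ #default_service: http://localhost:3000
  ##### OTHER ####################################################################
 
  # You can set various ticket expiry times (specify the value in seconds).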
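Review bot: The SERVICES comment does not say how an entry is matched, and the sample ships with the whitelist active on three localhost URLs. As `validate_service` further down this page shows, each entry is compared as a string prefix of the service URL and the list is split on `,` without trimming, so the comment should state both, for example `# Each entry is matched as a prefix of the service URL; do not put spaces after the commas.` It would also help to document that `default_service`, when set, is what the login handlers fall back to when the requested service is missing or rejected.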
@@ -298,12 +298,16 @@ module CASServer
298
298
  @infoline = settings.config[:infoline]
299
299
  @custom_views = settings.config[:custom_views]
300
300
  @default_locale = settings.config[:default_locale]
301
+ @password_recovery_url = settings.config[:password_recovery_url]
301
302
  @template_engine = settings.config[:template_engine] || :erb
302
303
  if @template_engine != :erb
303
304
  require @template_engine
304
305
  @template_engine = @template_engine.to_sym
305
306
  end
306
307
 
308
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
309
+ @service_whitelist = CASServer::Utils::initialize_service_whitelist(settings.config[:service_whitelist])
310
+
307
311
  # Synapses CAS 0.1.1
308
312
  session[:locale] = params[:locale] || session[:locale] || @default_locale
309
313
 
@@ -324,7 +328,10 @@ module CASServer
324
328
  headers['Expires'] = (Time.now - 1.year).rfc2822
325
329
 
326
330
  # optional params
327
- @service = clean_service_url(params['service'])
331
+ #@service = clean_service_url(params['service']) || settings.config[:default_service]
332
+
333
+ # Synapses CAS 0.1.2 - Whitelist
334
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
328
335
  @renew = params['renew']
329
336
  @gateway = params['gateway'] == 'true' || params['gateway'] == '1'
330
337
 
@@ -414,7 +421,9 @@ module CASServer
414
421
  Utils::log_controller_action(self.class, params)
415
422
 
416
423
  # 2.2.1 (optional)
417
- @service = clean_service_url(params['service'])
424
+
425
+ # Synapses CAS 0.1.2
426
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
418
427
 
419
428
  # 2.2.2 (required)
420
429
  @username = params['username']
@@ -530,7 +539,10 @@ module CASServer
530
539
  # "logout" page, we take the user back to the login page with a "you have been logged out"
531
540
  # message, allowing for an opportunity to immediately log back in. This makes it
532
541
  # easier for the user to log out and log in as someone else.
533
- @service = clean_service_url(params['service'] || params['destination'])
542
+
543
+ # Synapses CAS 0.1.2
544
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
545
+ @destination = params['destination']
534
546
  @continue_url = params['url']
535
547
 
536
548
  @gateway = params['gateway'] == 'true' || params['gateway'] == '1'
@@ -573,7 +585,10 @@ module CASServer
573
585
 
574
586
  @lt = generate_login_ticket
575
587
 
576
- if @gateway && @service
588
+ # Synapses CAS 0.1.2
589
+ if @gateway && @destination
590
+ redirect @destination, 303
591
+ elsif @gateway && @service
577
592
  redirect @service, 303
578
593
  elsif @continue_url
579
594
  render @template_engine, :logout
@@ -621,7 +636,10 @@ module CASServer
621
636
  CASServer::Utils::log_controller_action(self.class, params)
622
637
 
623
638
  # required
624
- @service = clean_service_url(params['service'])
639
+ #@service = clean_service_url(params['service'])
640
+ # Synapses CAS 0.1.2
641
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
642
+
625
643
  @ticket = params['ticket']
626
644
  # optional
627
645
  @renew = params['renew']
@@ -644,7 +662,9 @@ module CASServer
644
662
  CASServer::Utils::log_controller_action(self.class, params)
645
663
 
646
664
  # required
647
- @service = clean_service_url(params['service'])
665
+ #@service = clean_service_url(params['service'])
666
+ # Synapses CAS 0.1.2
667
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
648
668
  @ticket = params['ticket']
649
669
  # optional
650
670
  @pgt_url = params['pgtUrl']
@@ -675,7 +695,9 @@ module CASServer
675
695
  CASServer::Utils::log_controller_action(self.class, params)
676
696
 
677
697
  # required
678
- @service = clean_service_url(params['service'])
698
+ #@service = clean_service_url(params['service'])
699
+ # Synapses CAS 0.1.2
700
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
679
701
  @ticket = params['ticket']
680
702
  # optional
681
703
  @pgt_url = params['pgtUrl']
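Review bot: In the logout hunk, `@destination = params['destination']` is stored without `clean_service_url` or `validate_service`, and the following hunk puts `redirect @destination, 303` ahead of the `@service` branch, so a gateway logout redirects to whatever URL the request supplies even when a whitelist is configured. Before this change the destination at least went through `clean_service_url` together with `service`. Give it the same treatment as the other targets: `@destination = CASServer::Utils::validate_service(clean_service_url(params['destination']), @service_whitelist)`. Separately, the two login hunks fall back to `settings.config[:default_service]` when a service is rejected; the handlers start and end outside these hunks, so whether the user is told about the rejection cannot be seen here.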
@@ -28,5 +28,29 @@ module CASServer
28
28
  $LOG.debug("Processing #{controller}::#{method} #{params2.inspect}")
29
29
  end
30
30
  module_function :log_controller_action
31
+
32
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
33
+ def initialize_service_whitelist(whitelist)
34
+ $LOG.debug("Initializing Service Whitelist")
35
+ whitelist = whitelist || ''
36
+ whitelist.split(',')
37
+ end
38
+ module_function :initialize_service_whitelist
39
+
40
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
41
+ def validate_service(service, whitelist)
42
+ $LOG.debug("Validating service \"#{service}\"")
43
+ if !whitelist.empty?
44
+ whitelist.each do |domain|
45
+ return service if service.to_s[0, domain.length] == domain # starts with
46
+ end
47
+ else
48
+ return service if whitelist.empty?
49
+ end
50
+ $LOG.warn("Service \"#{service}\" is not in service whitelist")
51
+ return nil
52
+ end
53
+ module_function :validate_service
31
54
  end
55
+
32
56
  end
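Review bot: `validate_service` compares `service.to_s[0, domain.length] == domain`, a plain string prefix, so any URL that merely begins with a whitelisted entry is accepted, including one whose host or port continues past the end of the entry. `initialize_service_whitelist` also returns whatever `split(',')` produces: an entry written with a space after the comma never matches, and an empty entry between two commas is a prefix of every URL and switches the check off. The match should stop at a URL boundary and the list should be stripped and cleared of blanks, as sketched below; the `else` branch that re-tests `whitelist.empty?` then becomes unnecessary. Both methods lie entirely inside this hunk.

```ruby
def initialize_service_whitelist(whitelist)
  # … unchanged: debug log …
  # An empty entry is a prefix of every URL, so drop blanks and padding.
  whitelist.to_s.split(',').map { |entry| entry.strip }.reject { |entry| entry.empty? }
end

def validate_service(service, whitelist)
  # … unchanged: debug log …
  return service if whitelist.empty?
  url = service.to_s
  allowed = whitelist.any? do |entry|
    # Accept an exact match, or a match that ends at a path or query boundary.
    base = entry.chomp('/')
    url == base || url.start_with?("#{base}/", "#{base}?")
  end
  return service if allowed
  # … unchanged: warn log, return nil …
end
```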
@@ -24,6 +24,9 @@
24
24
  <input type="hidden" id="lt" name="lt" value="<%= escape_html @lt %>" />
25
25
  <input type="hidden" id="service" name="service" value="<%= escape_html @service %>" />
26
26
  <input type="submit" accesskey="l" value="<%= t.button.login %>" tabindex="4" id="login-submit" class="btn btn-primary"/>
27
+ <% if !@password_recovery_url.blank? %>
28
+ <a href="<%= @password_recovery_url %>" class='btn btn-danger'><%= t.button.password_recovery %></a>
29
+ <% end %>
27
30
  </fieldset>
28
31
  </form>
29
32
  </div>
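Review bot: The new link writes `@password_recovery_url` into the `href` without `escape_html`, while the two hidden inputs directly above it escape their values. The value is read from the configuration file (`settings.config[:password_recovery_url]` in the server hunk), so it is set by the operator, but a URL containing `&` or a quote still yields broken markup and the template loses its escape-everything rule. Write it as `<a href="<%= escape_html @password_recovery_url %>" class='btn btn-danger'>`. The sample value in the config is an `http://` URL; a comment there recommending HTTPS for the recovery page would be worth adding.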
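--- a/data/locales/en.yml
+++ b/data/locales/en.yml
@@ -24,3 +24,4 @@ label:
 
  button:
  login: "Login"
+ password_recovery: "Forgot your password?"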
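--- a/data/locales/pt.yml
+++ b/data/locales/pt.yml
@@ -24,3 +24,4 @@ label:
 
  button:
  login: "Entrar"
+ password_recovery: "Esqueci minha senha"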
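--- a/data/synapses-cas.gemspec
+++ b/data/synapses-cas.gemspec
@@ -1,6 +1,6 @@
  $gemspec = Gem::Specification.new do |s|
  s.name = 'synapses-cas'
- s.version = '0.1.1'
+ s.version = '0.1.2'
  s.authors = ["Synapses Group"]
  s.email = ["tiago@synapses.com.br"]
  s.homepage = 'https://github.com/synapsesgroup/synapses-cas'
@@ -31,6 +31,9 @@ $gemspec = Gem::Specification.new do |s|
  s.add_dependency("sinatra", "~> 1.0")
  s.add_dependency("sinatra-r18n")
  s.add_dependency("crypt-isaac", "~> 0.9.1")
+ s.add_dependency("pg")
+ s.add_dependency("bcrypt-ruby")
+
 
  s.add_development_dependency("rack-test")
  s.add_development_dependency("capybara", '1.1.2')
@@ -39,6 +42,8 @@ $gemspec = Gem::Specification.new do |s|
  s.add_development_dependency("rake", "0.8.7")
  s.add_development_dependency("sqlite3", "~> 1.3.1")
 
+
+
  # for authenticator specs
  s.add_development_dependency("net-ldap", "~> 0.1.1")
  s.add_development_dependency("activeresource", ">= 2.3.12", "< 3.1")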
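Review bot: `pg` and `bcrypt-ruby` are added as runtime dependencies with no version constraint, and nothing else in this diff requires either gem. An unconstrained requirement resolves to whatever is newest at install time (the generated metadata records `>= 0`), and `pg` is a native extension, so every install needs the PostgreSQL client library even when another database is used. If they are needed only by one authenticator, declare them next to `net-ldap` under the "for authenticator specs" comment as development dependencies, or pin them, e.g. `s.add_dependency("bcrypt-ruby", "~> <tested version>")`.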
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: synapses-cas
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-05-11 00:00:00.000000000 Z
12
+ date: 2012-05-15 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activerecord
@@ -103,6 +103,38 @@ dependencies:
103
103
  - - ~>
104
104
  - !ruby/object:Gem::Version
105
105
  version: 0.9.1
106
+ - !ruby/object:Gem::Dependency
107
+ name: pg
108
+ requirement: !ruby/object:Gem::Requirement
109
+ none: false
110
+ requirements:
111
+ - - ! '>='
112
+ - !ruby/object:Gem::Version
113
+ version: '0'
114
+ type: :runtime
115
+ prerelease: false
116
+ version_requirements: !ruby/object:Gem::Requirement
117
+ none: false
118
+ requirements:
119
+ - - ! '>='
120
+ - !ruby/object:Gem::Version
121
+ version: '0'
122
+ - !ruby/object:Gem::Dependency
123
+ name: bcrypt-ruby
124
+ requirement: !ruby/object:Gem::Requirement
125
+ none: false
126
+ requirements:
127
+ - - ! '>='
128
+ - !ruby/object:Gem::Version
129
+ version: '0'
130
+ type: :runtime
131
+ prerelease: false
132
+ version_requirements: !ruby/object:Gem::Requirement
133
+ none: false
134
+ requirements:
135
+ - - ! '>='
136
+ - !ruby/object:Gem::Version
137
+ version: '0'
106
138
  - !ruby/object:Gem::Dependency
107
139
  name: rack-test
108
140
  requirement: !ruby/object:Gem::Requirement