synapses-cas 0.1.1 → 0.1.2

Sign up to get free protection for your applications and to get access to all the features.
data/CHANGELOG CHANGED
@@ -1,3 +1,24 @@
1
+ === 0.1.2 :: 2012-05-15
2
+
3
+ * Button for password recovery has been added in login page.
4
+
5
+ The password recovery url must be defined in configuration file.
6
+ password_recovery_url: http://localhost:3000/users/password_recovery
7
+
8
+ * Whitelist for ensure that only allowed clients can connect to cas server
9
+
10
+ To use this feature, you have to set the "service_whitelist" in your config file:
11
+ service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
12
+ A config file example is available on /bin/cas_config.yml
13
+
14
+ === 0.1.1 :: 2012-05-11
15
+
16
+ * Configuration default_locale parameter is used now.
17
+ * You can switch between locales clicking on flags at login page. The locale is passed by parameters (?locale=pt) in URL.
18
+ * The selected locale is saved in current session.
19
+ * To start the cas server, you must type "synapses-cas" instead of "rubycas-server"
20
+ * Default theme has been completely rewrite to use twitter bootstrap, including flash messages (error, success and info).
21
+
1
22
  === 0.1.0 :: 2012-05-10
2
23
 
3
24
  * First public release.
data/README.md CHANGED
@@ -8,11 +8,14 @@ Other portions are copyright of their respective authors.
8
8
  ## Authors
9
9
 
10
10
  * Tiago Machado (tiago@synapses.com.br)
11
- * João Lucas (joaolucas@synapses.com.br
11
+ * João Lucas (joaolucas@synapses.com.br)
12
12
 
13
13
  ## Differences between Synapses CAS and the original RubyCAS
14
14
 
15
- [0001] Changed the location of translations path at "localization.rb
15
+ See CHANGELOG.
16
+
17
+ ![Default theme](https://dl.dropbox.com/s/e7sunyjrja63tv0/synapses-cas-theme.png)
18
+
16
19
 
17
20
  ## License
18
21
 
data/bin/cas_config.yml CHANGED
@@ -483,6 +483,8 @@ organization: Synapses
483
483
  # if you prefer to have no extra text shown at the bottom of the login box.
484
484
  infoline: Powered by <a href="http://www.synapses.com.br/">Synapses</a>
485
485
 
486
+ password_recovery_url: http://localhost:3000/users/password_recovery
487
+
486
488
  # Custom views directory. If set, this will be used instead of 'lib/casserver/views'.
487
489
  #custom_views: /path/to/custom/views
488
490
 
@@ -563,8 +565,13 @@ db_log:
563
565
  # is planned for a future release.
564
566
 
565
567
  enable_single_sign_out: true
566
-
567
-
568
+ ##### SERVICES #################################################################
569
+ # You can restrict what services can authenticate against the CAS server.
570
+ # By default any service can authenticate and a blank white list will also
571
+ # allow any service to authenticate. Services are listed on a single line
572
+ # separated by a comma.
573
+ service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
574
+ #default_service: http://localhost:3000
568
575
  ##### OTHER ####################################################################
569
576
 
570
577
  # You can set various ticket expiry times (specify the value in seconds).
@@ -298,12 +298,16 @@ module CASServer
298
298
  @infoline = settings.config[:infoline]
299
299
  @custom_views = settings.config[:custom_views]
300
300
  @default_locale = settings.config[:default_locale]
301
+ @password_recovery_url = settings.config[:password_recovery_url]
301
302
  @template_engine = settings.config[:template_engine] || :erb
302
303
  if @template_engine != :erb
303
304
  require @template_engine
304
305
  @template_engine = @template_engine.to_sym
305
306
  end
306
307
 
308
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
309
+ @service_whitelist = CASServer::Utils::initialize_service_whitelist(settings.config[:service_whitelist])
310
+
307
311
  # Synapses CAS 0.1.1
308
312
  session[:locale] = params[:locale] || session[:locale] || @default_locale
309
313
 
@@ -324,7 +328,10 @@ module CASServer
324
328
  headers['Expires'] = (Time.now - 1.year).rfc2822
325
329
 
326
330
  # optional params
327
- @service = clean_service_url(params['service'])
331
+ #@service = clean_service_url(params['service']) || settings.config[:default_service]
332
+
333
+ # Synapses CAS 0.1.2 - Whitelist
334
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
328
335
  @renew = params['renew']
329
336
  @gateway = params['gateway'] == 'true' || params['gateway'] == '1'
330
337
 
@@ -414,7 +421,9 @@ module CASServer
414
421
  Utils::log_controller_action(self.class, params)
415
422
 
416
423
  # 2.2.1 (optional)
417
- @service = clean_service_url(params['service'])
424
+
425
+ # Synapses CAS 0.1.2
426
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
418
427
 
419
428
  # 2.2.2 (required)
420
429
  @username = params['username']
@@ -530,7 +539,10 @@ module CASServer
530
539
  # "logout" page, we take the user back to the login page with a "you have been logged out"
531
540
  # message, allowing for an opportunity to immediately log back in. This makes it
532
541
  # easier for the user to log out and log in as someone else.
533
- @service = clean_service_url(params['service'] || params['destination'])
542
+
543
+ # Synapses CAS 0.1.2
544
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
545
+ @destination = params['destination']
534
546
  @continue_url = params['url']
535
547
 
536
548
  @gateway = params['gateway'] == 'true' || params['gateway'] == '1'
@@ -573,7 +585,10 @@ module CASServer
573
585
 
574
586
  @lt = generate_login_ticket
575
587
 
576
- if @gateway && @service
588
+ # Synapses CAS 0.1.2
589
+ if @gateway && @destination
590
+ redirect @destination, 303
591
+ elsif @gateway && @service
577
592
  redirect @service, 303
578
593
  elsif @continue_url
579
594
  render @template_engine, :logout
@@ -621,7 +636,10 @@ module CASServer
621
636
  CASServer::Utils::log_controller_action(self.class, params)
622
637
 
623
638
  # required
624
- @service = clean_service_url(params['service'])
639
+ #@service = clean_service_url(params['service'])
640
+ # Synapses CAS 0.1.2
641
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
642
+
625
643
  @ticket = params['ticket']
626
644
  # optional
627
645
  @renew = params['renew']
@@ -644,7 +662,9 @@ module CASServer
644
662
  CASServer::Utils::log_controller_action(self.class, params)
645
663
 
646
664
  # required
647
- @service = clean_service_url(params['service'])
665
+ #@service = clean_service_url(params['service'])
666
+ # Synapses CAS 0.1.2
667
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
648
668
  @ticket = params['ticket']
649
669
  # optional
650
670
  @pgt_url = params['pgtUrl']
@@ -675,7 +695,9 @@ module CASServer
675
695
  CASServer::Utils::log_controller_action(self.class, params)
676
696
 
677
697
  # required
678
- @service = clean_service_url(params['service'])
698
+ #@service = clean_service_url(params['service'])
699
+ # Synapses CAS 0.1.2
700
+ @service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
679
701
  @ticket = params['ticket']
680
702
  # optional
681
703
  @pgt_url = params['pgtUrl']
@@ -28,5 +28,29 @@ module CASServer
28
28
  $LOG.debug("Processing #{controller}::#{method} #{params2.inspect}")
29
29
  end
30
30
  module_function :log_controller_action
31
+
32
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
33
+ def initialize_service_whitelist(whitelist)
34
+ $LOG.debug("Initializing Service Whitelist")
35
+ whitelist = whitelist || ''
36
+ whitelist.split(',')
37
+ end
38
+ module_function :initialize_service_whitelist
39
+
40
+ # Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
41
+ def validate_service(service, whitelist)
42
+ $LOG.debug("Validating service \"#{service}\"")
43
+ if !whitelist.empty?
44
+ whitelist.each do |domain|
45
+ return service if service.to_s[0, domain.length] == domain # starts with
46
+ end
47
+ else
48
+ return service if whitelist.empty?
49
+ end
50
+ $LOG.warn("Service \"#{service}\" is not in service whitelist")
51
+ return nil
52
+ end
53
+ module_function :validate_service
31
54
  end
55
+
32
56
  end
@@ -24,6 +24,9 @@
24
24
  <input type="hidden" id="lt" name="lt" value="<%= escape_html @lt %>" />
25
25
  <input type="hidden" id="service" name="service" value="<%= escape_html @service %>" />
26
26
  <input type="submit" accesskey="l" value="<%= t.button.login %>" tabindex="4" id="login-submit" class="btn btn-primary"/>
27
+ <% if !@password_recovery_url.blank? %>
28
+ <a href="<%= @password_recovery_url %>" class='btn btn-danger'><%= t.button.password_recovery %></a>
29
+ <% end %>
27
30
  </fieldset>
28
31
  </form>
29
32
  </div>
data/locales/en.yml CHANGED
@@ -24,3 +24,4 @@ label:
24
24
 
25
25
  button:
26
26
  login: "Login"
27
+ password_recovery: "Forgot your password?"
data/locales/pt.yml CHANGED
@@ -24,3 +24,4 @@ label:
24
24
 
25
25
  button:
26
26
  login: "Entrar"
27
+ password_recovery: "Esqueci minha senha"
data/synapses-cas.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  $gemspec = Gem::Specification.new do |s|
2
2
  s.name = 'synapses-cas'
3
- s.version = '0.1.1'
3
+ s.version = '0.1.2'
4
4
  s.authors = ["Synapses Group"]
5
5
  s.email = ["tiago@synapses.com.br"]
6
6
  s.homepage = 'https://github.com/synapsesgroup/synapses-cas'
@@ -31,6 +31,9 @@ $gemspec = Gem::Specification.new do |s|
31
31
  s.add_dependency("sinatra", "~> 1.0")
32
32
  s.add_dependency("sinatra-r18n")
33
33
  s.add_dependency("crypt-isaac", "~> 0.9.1")
34
+ s.add_dependency("pg")
35
+ s.add_dependency("bcrypt-ruby")
36
+
34
37
 
35
38
  s.add_development_dependency("rack-test")
36
39
  s.add_development_dependency("capybara", '1.1.2')
@@ -39,6 +42,8 @@ $gemspec = Gem::Specification.new do |s|
39
42
  s.add_development_dependency("rake", "0.8.7")
40
43
  s.add_development_dependency("sqlite3", "~> 1.3.1")
41
44
 
45
+
46
+
42
47
  # for authenticator specs
43
48
  s.add_development_dependency("net-ldap", "~> 0.1.1")
44
49
  s.add_development_dependency("activeresource", ">= 2.3.12", "< 3.1")
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: synapses-cas
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-05-11 00:00:00.000000000 Z
12
+ date: 2012-05-15 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activerecord
@@ -103,6 +103,38 @@ dependencies:
103
103
  - - ~>
104
104
  - !ruby/object:Gem::Version
105
105
  version: 0.9.1
106
+ - !ruby/object:Gem::Dependency
107
+ name: pg
108
+ requirement: !ruby/object:Gem::Requirement
109
+ none: false
110
+ requirements:
111
+ - - ! '>='
112
+ - !ruby/object:Gem::Version
113
+ version: '0'
114
+ type: :runtime
115
+ prerelease: false
116
+ version_requirements: !ruby/object:Gem::Requirement
117
+ none: false
118
+ requirements:
119
+ - - ! '>='
120
+ - !ruby/object:Gem::Version
121
+ version: '0'
122
+ - !ruby/object:Gem::Dependency
123
+ name: bcrypt-ruby
124
+ requirement: !ruby/object:Gem::Requirement
125
+ none: false
126
+ requirements:
127
+ - - ! '>='
128
+ - !ruby/object:Gem::Version
129
+ version: '0'
130
+ type: :runtime
131
+ prerelease: false
132
+ version_requirements: !ruby/object:Gem::Requirement
133
+ none: false
134
+ requirements:
135
+ - - ! '>='
136
+ - !ruby/object:Gem::Version
137
+ version: '0'
106
138
  - !ruby/object:Gem::Dependency
107
139
  name: rack-test
108
140
  requirement: !ruby/object:Gem::Requirement