synapses-cas 0.1.1 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +21 -0
- data/README.md +5 -2
- data/bin/cas_config.yml +9 -2
- data/lib/casserver/server.rb +29 -7
- data/lib/casserver/utils.rb +24 -0
- data/lib/casserver/views/login.erb +3 -0
- data/locales/en.yml +1 -0
- data/locales/pt.yml +1 -0
- data/synapses-cas.gemspec +6 -1
- metadata +34 -2
data/CHANGELOG
CHANGED
|
@@ -1,3 +1,24 @@
|
|
|
1
|
+
=== 0.1.2 :: 2012-05-15
|
|
2
|
+
|
|
3
|
+
* Button for password recovery has been added in login page.
|
|
4
|
+
|
|
5
|
+
The password recovery url must be defined in configuration file.
|
|
6
|
+
password_recovery_url: http://localhost:3000/users/password_recovery
|
|
7
|
+
|
|
8
|
+
* Whitelist for ensure that only allowed clients can connect to cas server
|
|
9
|
+
|
|
10
|
+
To use this feature, you have to set the "service_whitelist" in your config file:
|
|
11
|
+
service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
|
|
12
|
+
A config file example is available on /bin/cas_config.yml
|
|
13
|
+
|
|
14
|
+
=== 0.1.1 :: 2012-05-11
|
|
15
|
+
|
|
16
|
+
* Configuration default_locale parameter is used now.
|
|
17
|
+
* You can switch between locales clicking on flags at login page. The locale is passed by parameters (?locale=pt) in URL.
|
|
18
|
+
* The selected locale is saved in current session.
|
|
19
|
+
* To start the cas server, you must type "synapses-cas" instead of "rubycas-server"
|
|
20
|
+
* Default theme has been completely rewrite to use twitter bootstrap, including flash messages (error, success and info).
|
|
21
|
+
|
|
1
22
|
=== 0.1.0 :: 2012-05-10
|
|
2
23
|
|
|
3
24
|
* First public release.
|
data/README.md
CHANGED
|
@@ -8,11 +8,14 @@ Other portions are copyright of their respective authors.
|
|
|
8
8
|
## Authors
|
|
9
9
|
|
|
10
10
|
* Tiago Machado (tiago@synapses.com.br)
|
|
11
|
-
* João Lucas (joaolucas@synapses.com.br
|
|
11
|
+
* João Lucas (joaolucas@synapses.com.br)
|
|
12
12
|
|
|
13
13
|
## Differences between Synapses CAS and the original RubyCAS
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
See CHANGELOG.
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
|
|
16
19
|
|
|
17
20
|
## License
|
|
18
21
|
|
data/bin/cas_config.yml
CHANGED
|
@@ -483,6 +483,8 @@ organization: Synapses
|
|
|
483
483
|
# if you prefer to have no extra text shown at the bottom of the login box.
|
|
484
484
|
infoline: Powered by <a href="http://www.synapses.com.br/">Synapses</a>
|
|
485
485
|
|
|
486
|
+
password_recovery_url: http://localhost:3000/users/password_recovery
|
|
487
|
+
|
|
486
488
|
# Custom views directory. If set, this will be used instead of 'lib/casserver/views'.
|
|
487
489
|
#custom_views: /path/to/custom/views
|
|
488
490
|
|
|
@@ -563,8 +565,13 @@ db_log:
|
|
|
563
565
|
# is planned for a future release.
|
|
564
566
|
|
|
565
567
|
enable_single_sign_out: true
|
|
566
|
-
|
|
567
|
-
|
|
568
|
+
##### SERVICES #################################################################
|
|
569
|
+
# You can restrict what services can authenticate against the CAS server.
|
|
570
|
+
# By default any service can authenticate and a blank white list will also
|
|
571
|
+
# allow any service to authenticate. Services are listed on a single line
|
|
572
|
+
# separated by a comma.
|
|
573
|
+
service_whitelist: http://localhost:3000,http://localhost:3001,http://localhost:3002
|
|
574
|
+
#default_service: http://localhost:3000
|
|
568
575
|
##### OTHER ####################################################################
|
|
569
576
|
|
|
570
577
|
# You can set various ticket expiry times (specify the value in seconds).
|
data/lib/casserver/server.rb
CHANGED
|
@@ -298,12 +298,16 @@ module CASServer
|
|
|
298
298
|
@infoline = settings.config[:infoline]
|
|
299
299
|
@custom_views = settings.config[:custom_views]
|
|
300
300
|
@default_locale = settings.config[:default_locale]
|
|
301
|
+
@password_recovery_url = settings.config[:password_recovery_url]
|
|
301
302
|
@template_engine = settings.config[:template_engine] || :erb
|
|
302
303
|
if @template_engine != :erb
|
|
303
304
|
require @template_engine
|
|
304
305
|
@template_engine = @template_engine.to_sym
|
|
305
306
|
end
|
|
306
307
|
|
|
308
|
+
# Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
|
|
309
|
+
@service_whitelist = CASServer::Utils::initialize_service_whitelist(settings.config[:service_whitelist])
|
|
310
|
+
|
|
307
311
|
# Synapses CAS 0.1.1
|
|
308
312
|
session[:locale] = params[:locale] || session[:locale] || @default_locale
|
|
309
313
|
|
|
@@ -324,7 +328,10 @@ module CASServer
|
|
|
324
328
|
headers['Expires'] = (Time.now - 1.year).rfc2822
|
|
325
329
|
|
|
326
330
|
# optional params
|
|
327
|
-
|
|
331
|
+
#@service = clean_service_url(params['service']) || settings.config[:default_service]
|
|
332
|
+
|
|
333
|
+
# Synapses CAS 0.1.2 - Whitelist
|
|
334
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
|
|
328
335
|
@renew = params['renew']
|
|
329
336
|
@gateway = params['gateway'] == 'true' || params['gateway'] == '1'
|
|
330
337
|
|
|
@@ -414,7 +421,9 @@ module CASServer
|
|
|
414
421
|
Utils::log_controller_action(self.class, params)
|
|
415
422
|
|
|
416
423
|
# 2.2.1 (optional)
|
|
417
|
-
|
|
424
|
+
|
|
425
|
+
# Synapses CAS 0.1.2
|
|
426
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist) || settings.config[:default_service]
|
|
418
427
|
|
|
419
428
|
# 2.2.2 (required)
|
|
420
429
|
@username = params['username']
|
|
@@ -530,7 +539,10 @@ module CASServer
|
|
|
530
539
|
# "logout" page, we take the user back to the login page with a "you have been logged out"
|
|
531
540
|
# message, allowing for an opportunity to immediately log back in. This makes it
|
|
532
541
|
# easier for the user to log out and log in as someone else.
|
|
533
|
-
|
|
542
|
+
|
|
543
|
+
# Synapses CAS 0.1.2
|
|
544
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
|
|
545
|
+
@destination = params['destination']
|
|
534
546
|
@continue_url = params['url']
|
|
535
547
|
|
|
536
548
|
@gateway = params['gateway'] == 'true' || params['gateway'] == '1'
|
|
@@ -573,7 +585,10 @@ module CASServer
|
|
|
573
585
|
|
|
574
586
|
@lt = generate_login_ticket
|
|
575
587
|
|
|
576
|
-
|
|
588
|
+
# Synapses CAS 0.1.2
|
|
589
|
+
if @gateway && @destination
|
|
590
|
+
redirect @destination, 303
|
|
591
|
+
elsif @gateway && @service
|
|
577
592
|
redirect @service, 303
|
|
578
593
|
elsif @continue_url
|
|
579
594
|
render @template_engine, :logout
|
|
@@ -621,7 +636,10 @@ module CASServer
|
|
|
621
636
|
CASServer::Utils::log_controller_action(self.class, params)
|
|
622
637
|
|
|
623
638
|
# required
|
|
624
|
-
|
|
639
|
+
#@service = clean_service_url(params['service'])
|
|
640
|
+
# Synapses CAS 0.1.2
|
|
641
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
|
|
642
|
+
|
|
625
643
|
@ticket = params['ticket']
|
|
626
644
|
# optional
|
|
627
645
|
@renew = params['renew']
|
|
@@ -644,7 +662,9 @@ module CASServer
|
|
|
644
662
|
CASServer::Utils::log_controller_action(self.class, params)
|
|
645
663
|
|
|
646
664
|
# required
|
|
647
|
-
|
|
665
|
+
#@service = clean_service_url(params['service'])
|
|
666
|
+
# Synapses CAS 0.1.2
|
|
667
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
|
|
648
668
|
@ticket = params['ticket']
|
|
649
669
|
# optional
|
|
650
670
|
@pgt_url = params['pgtUrl']
|
|
@@ -675,7 +695,9 @@ module CASServer
|
|
|
675
695
|
CASServer::Utils::log_controller_action(self.class, params)
|
|
676
696
|
|
|
677
697
|
# required
|
|
678
|
-
|
|
698
|
+
#@service = clean_service_url(params['service'])
|
|
699
|
+
# Synapses CAS 0.1.2
|
|
700
|
+
@service = CASServer::Utils::validate_service(clean_service_url(params['service']), @service_whitelist)
|
|
679
701
|
@ticket = params['ticket']
|
|
680
702
|
# optional
|
|
681
703
|
@pgt_url = params['pgtUrl']
|
data/lib/casserver/utils.rb
CHANGED
|
@@ -28,5 +28,29 @@ module CASServer
|
|
|
28
28
|
$LOG.debug("Processing #{controller}::#{method} #{params2.inspect}")
|
|
29
29
|
end
|
|
30
30
|
module_function :log_controller_action
|
|
31
|
+
|
|
32
|
+
# Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
|
|
33
|
+
def initialize_service_whitelist(whitelist)
|
|
34
|
+
$LOG.debug("Initializing Service Whitelist")
|
|
35
|
+
whitelist = whitelist || ''
|
|
36
|
+
whitelist.split(',')
|
|
37
|
+
end
|
|
38
|
+
module_function :initialize_service_whitelist
|
|
39
|
+
|
|
40
|
+
# Synapses CAS 0.1.2 - Thanks to https://github.com/dyson/rubycas-server
|
|
41
|
+
def validate_service(service, whitelist)
|
|
42
|
+
$LOG.debug("Validating service \"#{service}\"")
|
|
43
|
+
if !whitelist.empty?
|
|
44
|
+
whitelist.each do |domain|
|
|
45
|
+
return service if service.to_s[0, domain.length] == domain # starts with
|
|
46
|
+
end
|
|
47
|
+
else
|
|
48
|
+
return service if whitelist.empty?
|
|
49
|
+
end
|
|
50
|
+
$LOG.warn("Service \"#{service}\" is not in service whitelist")
|
|
51
|
+
return nil
|
|
52
|
+
end
|
|
53
|
+
module_function :validate_service
|
|
31
54
|
end
|
|
55
|
+
|
|
32
56
|
end
|
|
@@ -24,6 +24,9 @@
|
|
|
24
24
|
<input type="hidden" id="lt" name="lt" value="<%= escape_html @lt %>" />
|
|
25
25
|
<input type="hidden" id="service" name="service" value="<%= escape_html @service %>" />
|
|
26
26
|
<input type="submit" accesskey="l" value="<%= t.button.login %>" tabindex="4" id="login-submit" class="btn btn-primary"/>
|
|
27
|
+
<% if !@password_recovery_url.blank? %>
|
|
28
|
+
<a href="<%= @password_recovery_url %>" class='btn btn-danger'><%= t.button.password_recovery %></a>
|
|
29
|
+
<% end %>
|
|
27
30
|
</fieldset>
|
|
28
31
|
</form>
|
|
29
32
|
</div>
|
data/locales/en.yml
CHANGED
data/locales/pt.yml
CHANGED
data/synapses-cas.gemspec
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
$gemspec = Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'synapses-cas'
|
|
3
|
-
s.version = '0.1.
|
|
3
|
+
s.version = '0.1.2'
|
|
4
4
|
s.authors = ["Synapses Group"]
|
|
5
5
|
s.email = ["tiago@synapses.com.br"]
|
|
6
6
|
s.homepage = 'https://github.com/synapsesgroup/synapses-cas'
|
|
@@ -31,6 +31,9 @@ $gemspec = Gem::Specification.new do |s|
|
|
|
31
31
|
s.add_dependency("sinatra", "~> 1.0")
|
|
32
32
|
s.add_dependency("sinatra-r18n")
|
|
33
33
|
s.add_dependency("crypt-isaac", "~> 0.9.1")
|
|
34
|
+
s.add_dependency("pg")
|
|
35
|
+
s.add_dependency("bcrypt-ruby")
|
|
36
|
+
|
|
34
37
|
|
|
35
38
|
s.add_development_dependency("rack-test")
|
|
36
39
|
s.add_development_dependency("capybara", '1.1.2')
|
|
@@ -39,6 +42,8 @@ $gemspec = Gem::Specification.new do |s|
|
|
|
39
42
|
s.add_development_dependency("rake", "0.8.7")
|
|
40
43
|
s.add_development_dependency("sqlite3", "~> 1.3.1")
|
|
41
44
|
|
|
45
|
+
|
|
46
|
+
|
|
42
47
|
# for authenticator specs
|
|
43
48
|
s.add_development_dependency("net-ldap", "~> 0.1.1")
|
|
44
49
|
s.add_development_dependency("activeresource", ">= 2.3.12", "< 3.1")
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: synapses-cas
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-05-
|
|
12
|
+
date: 2012-05-15 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activerecord
|
|
@@ -103,6 +103,38 @@ dependencies:
|
|
|
103
103
|
- - ~>
|
|
104
104
|
- !ruby/object:Gem::Version
|
|
105
105
|
version: 0.9.1
|
|
106
|
+
- !ruby/object:Gem::Dependency
|
|
107
|
+
name: pg
|
|
108
|
+
requirement: !ruby/object:Gem::Requirement
|
|
109
|
+
none: false
|
|
110
|
+
requirements:
|
|
111
|
+
- - ! '>='
|
|
112
|
+
- !ruby/object:Gem::Version
|
|
113
|
+
version: '0'
|
|
114
|
+
type: :runtime
|
|
115
|
+
prerelease: false
|
|
116
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
117
|
+
none: false
|
|
118
|
+
requirements:
|
|
119
|
+
- - ! '>='
|
|
120
|
+
- !ruby/object:Gem::Version
|
|
121
|
+
version: '0'
|
|
122
|
+
- !ruby/object:Gem::Dependency
|
|
123
|
+
name: bcrypt-ruby
|
|
124
|
+
requirement: !ruby/object:Gem::Requirement
|
|
125
|
+
none: false
|
|
126
|
+
requirements:
|
|
127
|
+
- - ! '>='
|
|
128
|
+
- !ruby/object:Gem::Version
|
|
129
|
+
version: '0'
|
|
130
|
+
type: :runtime
|
|
131
|
+
prerelease: false
|
|
132
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
133
|
+
none: false
|
|
134
|
+
requirements:
|
|
135
|
+
- - ! '>='
|
|
136
|
+
- !ruby/object:Gem::Version
|
|
137
|
+
version: '0'
|
|
106
138
|
- !ruby/object:Gem::Dependency
|
|
107
139
|
name: rack-test
|
|
108
140
|
requirement: !ruby/object:Gem::Requirement
|