vibes-rubycas-client 2.3.0.alpha4 → 2.3.0.alpha5

data/Rakefile

@@ -21,6 +21,7 @@ Jeweler::Tasks.new do |gem|
   gem.description = "We've taken the rubycas-client and added some enterprisey features and improved compatibility with JASIG's CAS server"
   gem.authors = ["Matt Campbell", "Rahul Joshi", "Matt Zukowski", "Matt Walker"]
   gem.rdoc_options = ['--main', 'README.rdoc']
+  gem.files.exclude '.rvmrc'
   # dependencies defined in Gemfile
 end
 Jeweler::RubygemsDotOrgTasks.new

data/VERSION

@@ -1 +1 @@
-2.3.0.alpha4
+2.3.0.alpha5

data/lib/casclient/client.rb

@@ -40,6 +40,7 @@ module CASClient
       
       @log = CASClient::LoggerWrapper.new
       @log.set_real_logger(conf[:logger]) if conf[:logger]
+      @ticket_store.log = @log
       @conf_options = conf
     end
     

data/lib/casclient/frameworks/rails/filter.rb

@@ -78,8 +78,7 @@ module CASClient
                   controller.session[:casfilteruser] = vr.user
                   
                   if config[:enable_single_sign_out]
-                    f = @@client.ticket_store.store_service_session_lookup(st, controller.request.session_options[:id] || controller.session.session_id)
-                    log.debug("Wrote service session lookup file to #{f.inspect} with session id #{controller.request.session_options[:id] || controller.session.session_id.inspect}.")
+                    @@client.ticket_store.store_service_session_lookup(st, controller)
                   end
                 end
               
@@ -218,7 +217,7 @@ module CASClient
           def logout(controller, service = nil)
             referer = service || controller.request.referer
             st = controller.session[:cas_last_valid_ticket]
-            @@client.ticket_store.delete_service_session_lookup(st) if st
+            @@client.ticket_store.cleanup_service_session_lookup(st) if st
             controller.send(:reset_session)
             controller.send(:redirect_to, client.logout_url(referer))
           end
@@ -297,38 +296,8 @@ module CASClient
               end
               
               log.debug "Intercepted single-sign-out request for CAS session #{si.inspect}."
-              
-              begin
-                required_sess_store = ActiveRecord::SessionStore
-                current_sess_store  = ActionController::Base.session_store
-              rescue NameError
-                # for older versions of Rails (prior to 2.3)
-                required_sess_store = CGI::Session::ActiveRecordStore
-                current_sess_store  = ActionController::Base.session_options[:database_manager]
-              end
-
 
-              if current_sess_store == required_sess_store
-                session_id = @@client.ticket_store.read_service_session_lookup(si)
-
-                if session_id
-                  session = current_sess_store::Session.find_by_session_id(session_id)
-                  if session
-                    session.destroy
-                    log.debug("Destroyed #{session.inspect} for session #{session_id.inspect} corresponding to service ticket #{si.inspect}.")
-                  else
-                    log.debug("Data for session #{session_id.inspect} was not found. It may have already been cleared by a local CAS logout request.")
-                  end
-                  
-                  log.info("Single-sign-out for session #{session_id.inspect} completed successfuly.")
-                else
-                  log.warn("Couldn't destroy session with SessionIndex #{si} because no corresponding session id could be looked up.")
-                end
-              else
-                log.error "Cannot process logout request because this Rails application's session store is "+
-                  " #{current_sess_store.name.inspect}. Single Sign-Out only works with the "+
-                  " #{required_sess_store.name.inspect} session store."
-              end
+              @@client.ticket_store.process_single_sign_out(si)             
               
               # Return true to indicate that a single-sign-out request was detected
               # and that further processing of the request is unnecessary.

data/lib/casclient/responses.rb

@@ -32,15 +32,13 @@ module CASClient
     attr_reader :protocol, :user, :pgt_iou, :proxies, :extra_attributes
     
     def initialize(raw_text, options={})
-      conf_options = options
-      parse(raw_text)
+      parse(raw_text, options)
     end
     
-    def parse(raw_text)
+    def parse(raw_text, options)
       raise BadResponseException, 
         "CAS response is empty/blank." if raw_text.blank?
       @parse_datetime = Time.now
-      
       if raw_text =~ /^(yes|no)\n(.*?)\n$/m
         @protocol = 1.0
         @valid = $~[1] == 'yes'
@@ -77,12 +75,22 @@ module CASClient
         @extra_attributes.each do |k, v|
           if v.blank?
             @extra_attributes[k] = nil
-          #elsif v.kind_of?(String)
-          #  @extra_attributes[k] = v
-          #elsif conf.has_key?('encode_extra_attributes_as') && conf_options[:encode_extra_attributes_as] == :json 
-          #  @extra_attributes[k] = JSON.parse(v)
-          else
-            @extra_attributes[k] = YAML.load(v)
+          elsif !options[:encode_extra_attributes_as]
+            begin
+                @extra_attributes[k] = YAML.load(v)
+              rescue ArgumentError
+                raise ArgumentError, "Did not find :encode_extra_attributes_as config parameter, hence default encoding scheme is YAML but CAS response recieved in encoded differently "
+              end
+          else 
+            if options[:encode_extra_attributes_as] == :json
+              begin
+                @extra_attributes[k] = JSON.parse(v)
+              rescue JSON::ParserError
+                @extra_attributes[k] = YAML.load(v)
+              end
+            else
+              @extra_attributes[k] = YAML.load(v)
+            end
           end
         end
       elsif is_failure?

data/lib/casclient/tickets/storage.rb

@@ -2,15 +2,42 @@ module CASClient
   module Tickets
     module Storage
       class AbstractTicketStore
-        def store_service_session_lookup(st, sid)
-          raise 'Implement this in a subclass!'
+
+        attr_accessor :log
+        @log = CASClient::LoggerWrapper.new
+
+        def process_single_sign_out(si)
+
+          session_id, session = get_session_for_service_ticket(si)
+          if session
+            session.destroy
+            log.debug("Destroyed #{session.inspect} for session #{session_id.inspect} corresponding to service ticket #{si.inspect}.")
+          else
+            log.debug("Data for session #{session_id.inspect} was not found. It may have already been cleared by a local CAS logout request.")
+          end
+
+          if session_id
+            log.info("Single-sign-out for service ticket #{session_id.inspect} completed successfuly.")
+          else
+            log.debug("No session id found for CAS ticket #{si}")
+          end
         end
 
-        def read_servcie_session_lookup(st)
+        def get_session_for_service_ticket(st)
+          session_id = read_service_session_lookup(si)
+          if session_id
+            session = ActiveRecord::SessionStore::Session.find_by_session_id(session_id)
+          else
+            log.warn("Couldn't destroy session with SessionIndex #{si} because no corresponding session id could be looked up.")
+          end
+          session_id, session
+        end
+
+        def store_service_session_lookup(st, controller)
           raise 'Implement this in a subclass!'
         end
 
-        def delete_service_session_lookup(st)
+        def cleanup_service_session_lookup(st)
           raise 'Implement this in a subclass!'
         end
 
@@ -21,6 +48,11 @@ module CASClient
         def retrieve_pgt(pgt_iou)
           raise 'Implement this in a subclass!'
         end
+
+        protected
+        def read_service_session_lookup(st)
+          raise 'Implement this in a subclass!'
+        end
       end
 
       # A Ticket Store that keeps it's tickets in a directory on the local filesystem.
@@ -49,9 +81,11 @@ module CASClient
         # cas_sess.<session ticket> and its text contents is the corresponding 
         # Rails session id.
         # Returns the filename of the lookup file created.
-        def store_service_session_lookup(st, sid)
+        def store_service_session_lookup(st, controller)
           raise CASException, "No service_ticket specified." unless st
-          raise CASException, "No session_id specified." unless sid
+          raise CASException, "No controller specified." unless controller
+
+          sid = controller.request.session_options[:id] || controller.session.session_id
 
           st = st.ticket if st.kind_of? ServiceTicket
           f = File.new(filename_of_service_session_lookup(st), 'w')
@@ -77,7 +111,7 @@ module CASClient
         # closed.
         #
         # See #store_service_session_lookup.
-        def delete_service_session_lookup(st)
+        def cleanup_service_session_lookup(st)
           raise CASException, "No service_ticket specified." unless st
 
           st = st.ticket if st.kind_of? ServiceTicket

data/lib/casclient/tickets/storage/active_record_ticket_store.rb

@@ -0,0 +1,67 @@
+#require 'active_record'
+
+module CASClient
+  module Tickets
+    module Storage
+
+      # A Ticket Store that keeps it's ticket in database tables using ActiveRecord.
+      #
+      # Services Tickets are stored in an extra column add to the ActiveRecord sessions table.
+      # Proxy Granting Tickets and their IOUs are stored in the cas_pgtious table.
+      #
+      # This ticket store takes the following config parameters
+      # :pgtious_table_name - the name of the table 
+      class ActiveRecordTicketStore < AbstractTicketStore
+
+        def initialize(config={})
+          config ||= {}
+          if config[:pgtious_table_name]
+            CasPgtiou.set_table_name = config[:pgtious_table_name]
+          end
+        end
+
+        def store_service_session_lookup(st, controller)
+          #get the session from the rack env using ActiveRecord::SessionStore::SESSION_RECORD_KEY = 'rack.session.record'
+
+          st = st.ticket if st.kind_of? ServiceTicket
+          session = controller.request.env[ActiveRecord::SessionStore::SESSION_RECORD_KEY]
+          session.service_ticket = st
+        end
+
+        def get_session_for_service_ticket(st)
+          st = st.ticket if st.kind_of? ServiceTicket
+          ActiveRecord::SessionStore::Session.find_by_service_ticket(st)
+        end
+
+        def cleanup_service_session_lookup(st)
+          #no cleanup needed for this ticket store
+        end
+
+        def save_pgt_iou(pgt_iou, pgt)
+          pgtiou = CasPgtiou.create(:pgt_iou => pgt_iou, :pgt_id => pgt)
+        end
+
+        def retrieve_pgt(pgt_iou)
+          raise CASException, "No pgt_iou specified. Cannot retrieve the pgt." unless pgt_iou
+
+          pgtiou = CasPgtiou.find_by_pgt_iou(pgt_iou)
+          pgt = pgtiou.pgt_id
+
+          raise CASException, "Invalid pgt_iou specified. Perhaps this pgt has already been retrieved?" unless pgt
+
+          pgtiou.destroy
+
+          pgt
+
+        end
+
+      end
+
+      class CasPgtiou < ActiveRecord::Base
+        #t.string :pgt_iou, :null => false
+        #t.string :pgt_id, :null => false
+        #t.timestamps
+      end
+    end
+  end
+end

data/rails_generators/active_record_ticket_store/USAGE

@@ -0,0 +1,9 @@
+Description:
+  Create a migration to add the service_ticket column to the sessions
+  table and create the cas_pgtious table for proxy ticket storage.
+  Pass the migration name as an optional parameter. The migration name
+  defaults to CreateActiveRecordTicketStore.
+
+Requirements:
+  You need to already have created the ActiveRecord::SessionStore sessions
+  table.

data/rails_generators/active_record_ticket_store/active_record_ticket_store_generator.rb

@@ -0,0 +1,29 @@
+class ActiveRecordTicketStoreGenerator < Rails::Generator::NamedBase
+
+  def initialize(runtime_args, runtime_options = {})
+    runtime_args << 'create_active_record_ticket_store' if runtime_args.empty?
+    super
+  end
+
+  def manifest
+    record do |m|
+      m.migration_template 'migration.rb', 'db/migrate',
+        :assigns => { :session_table_name => default_session_table_name, :pgtiou_table_name => default_pgtiou_table_name }
+      m.readme "README"
+    end
+  end
+
+  protected
+  def banner
+    "Usage: #{$0} #{spec.name} [CreateActiveRecordTicketStore] [options]"
+  end
+
+  def default_session_table_name
+    ActiveRecord::Base.pluralize_table_names ? 'session'.pluralize : 'session'
+  end
+
+  def default_pgtiou_table_name
+    ActiveRecord::Base.pluralize_table_names ? 'cas_pgtiou'.pluralize : 'cas_pgtiou'
+  end
+
+end

data/rails_generators/active_record_ticket_store/templates/README

@@ -0,0 +1 @@
+You need to make sure you have already created the sessions table for the ActiveRecord::SessionStore

data/rails_generators/active_record_ticket_store/templates/migration.rb

@@ -0,0 +1,24 @@
+class <%= class_name %> < ActiveRecord::Migration
+  def self.up
+    add_column :<%= session_table_name %>, :service_ticket, :string
+
+    add_index :<%= session_table_name %>, :service_ticket
+    
+    create_table :<%= pgtiou_table_name %> do |t|
+      t.string :pgt_iou, :null => false
+      t.string :pgt_id, :null => false
+      t.timestamps
+    end
+
+    add_index :<%= pgtiou_table_name %>, :pgt_iou, :unique => true
+  end
+
+  def self.down
+    drop_table :<%= pgtiou_table_name %>
+
+    remove_index :<%= session_table_name %>, :service_ticket
+
+    remove_column :<%= session_table_name %>, :service_ticket
+  end
+end
+

data/vibes-rubycas-client.gemspec

@@ -5,18 +5,17 @@
 
 Gem::Specification.new do |s|
   s.name = %q{vibes-rubycas-client}
-  s.version = "2.3.0.alpha4"
+  s.version = "2.3.0.alpha5"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Matt Campbell", "Rahul Joshi", "Matt Zukowski", "Matt Walker"]
-  s.date = %q{2011-06-13}
+  s.date = %q{2011-06-14}
   s.description = %q{We've taken the rubycas-client and added some enterprisey features and improved compatibility with JASIG's CAS server}
   s.extra_rdoc_files = [
     "LICENSE.txt",
     "README.rdoc"
   ]
   s.files = [
-    ".rvmrc",
     "CHANGELOG.txt",
     "Gemfile",
     "Gemfile.lock",
@@ -25,12 +24,6 @@ Gem::Specification.new do |s|
     "README.rdoc",
     "Rakefile",
     "VERSION",
-    "examples/merb/.gitignore",
-    "examples/merb/README.textile",
-    "examples/merb/Rakefile",
-    "examples/merb/merb.thor",
-    "examples/merb/merb_auth_cas.rb",
-    "examples/merb/spec/spec_helper.rb",
     "examples/rails/README",
     "examples/rails/app/controllers/advanced_example_controller.rb",
     "examples/rails/app/controllers/application.rb",
@@ -61,7 +54,12 @@ Gem::Specification.new do |s|
     "lib/casclient/responses.rb",
     "lib/casclient/tickets.rb",
     "lib/casclient/tickets/storage.rb",
+    "lib/casclient/tickets/storage/active_record_ticket_store.rb",
     "lib/vibes-rubycas-client.rb",
+    "rails_generators/active_record_ticket_store/USAGE",
+    "rails_generators/active_record_ticket_store/active_record_ticket_store_generator.rb",
+    "rails_generators/active_record_ticket_store/templates/README",
+    "rails_generators/active_record_ticket_store/templates/migration.rb",
     "test/teststrap.rb",
     "test/units/casclient/frameworks/rails/filter_test.rb",
     "vibes-rubycas-client.gemspec"

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification 
 name: vibes-rubycas-client
 version: !ruby/object:Gem::Version 
-  hash: -3702664412
+  hash: -3702664410
   prerelease: 6
   segments: 
   - 2
   - 3
   - 0
   - alpha
-  - 4
-  version: 2.3.0.alpha4
+  - 5
+  version: 2.3.0.alpha5
 platform: ruby
 authors: 
 - Matt Campbell
@@ -20,7 +20,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-06-13 00:00:00 -05:00
+date: 2011-06-14 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -123,7 +123,6 @@ extra_rdoc_files:
 - LICENSE.txt
 - README.rdoc
 files: 
-- .rvmrc
 - CHANGELOG.txt
 - Gemfile
 - Gemfile.lock
@@ -132,12 +131,6 @@ files:
 - README.rdoc
 - Rakefile
 - VERSION
-- examples/merb/.gitignore
-- examples/merb/README.textile
-- examples/merb/Rakefile
-- examples/merb/merb.thor
-- examples/merb/merb_auth_cas.rb
-- examples/merb/spec/spec_helper.rb
 - examples/rails/README
 - examples/rails/app/controllers/advanced_example_controller.rb
 - examples/rails/app/controllers/application.rb
@@ -168,7 +161,12 @@ files:
 - lib/casclient/responses.rb
 - lib/casclient/tickets.rb
 - lib/casclient/tickets/storage.rb
+- lib/casclient/tickets/storage/active_record_ticket_store.rb
 - lib/vibes-rubycas-client.rb
+- rails_generators/active_record_ticket_store/USAGE
+- rails_generators/active_record_ticket_store/active_record_ticket_store_generator.rb
+- rails_generators/active_record_ticket_store/templates/README
+- rails_generators/active_record_ticket_store/templates/migration.rb
 - test/teststrap.rb
 - test/units/casclient/frameworks/rails/filter_test.rb
 - vibes-rubycas-client.gemspec