Class: CASClient::Client

Inherits:
Object
  • Object
Defined in:
lib/casclient/client.rb

Overview

The client brokers all HTTP transactions with the CAS server.

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (Client) initialize(conf = nil)

A new instance of Client



# File 'lib/casclient/client.rb', line 11

# Creates a client and, when a configuration hash is given, applies it
# straight away through #configure.
#
# @param conf [Hash, nil] CAS client options; when nil nothing is configured
#   and the instance stays unconfigured until #configure is called.
def initialize(conf = nil)
  return unless conf

  configure(conf)
end

Instance Attribute Details

- (Object) cas_base_url (readonly)

Returns the value of attribute cas_base_url



# File 'lib/casclient/client.rb', line 4

# Base URL of the CAS server.
#
# #configure stores conf[:cas_base_url] here with a trailing slash removed.
# The login, logout, proxy and validate URL helpers append their default
# paths to this value when no explicit URL was configured.
#
# @return [String, nil] nil until #configure has run
def cas_base_url
  @cas_base_url
end

- (Object) cas_destination_logout_param_name (readonly)

Returns the value of attribute cas_destination_logout_param_name



# File 'lib/casclient/client.rb', line 4

# Name of the query parameter under which #logout_url sends the post-logout
# destination URL to the CAS server.
#
# Taken from conf[:cas_destination_logout_param_name]; #configure applies no
# default, so this is nil unless the option was supplied.
#
# @return [Object, nil]
def cas_destination_logout_param_name
  @cas_destination_logout_param_name
end

- (Object) extra_attributes_session_key (readonly)

Returns the value of attribute extra_attributes_session_key



# File 'lib/casclient/client.rb', line 5

# Returns the configured extra-attributes session key.
#
# #configure sets it from conf[:extra_attributes_session_key] and falls back
# to :cas_extra_attributes when that option is absent.
#
# @return [Object, nil] nil until #configure has run
def extra_attributes_session_key
  @extra_attributes_session_key
end

- (Object) log (readonly)

Returns the value of attribute log



# File 'lib/casclient/client.rb', line 5

# Logger used by the client.
#
# #configure creates a CASClient::LoggerWrapper here and, when conf[:logger]
# is given, attaches that logger to the wrapper.
#
# @return [Object, nil] nil until #configure has run
def log
  @log
end

- (Object) login_url



# File 'lib/casclient/client.rb', line 65

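# URL of the CAS server's login page.
#
# The method name was missing from this listing; it is restored from the
# signature printed above the listing.
#
# @return [String] the explicitly configured :login_url, otherwise
#   cas_base_url + "/login"
def login_url
  @login_url || (cas_base_url + "/login")
end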

- (Object) logout_url(destination_url = nil, follow_url = nil, service_url = nil)

Returns the CAS server's logout url.

If a logout_url has not been explicitly configured, the default is cas_base_url + “/logout”.

destination_url

Set this if you want the user to be able to immediately log back in. Generally you'll want to use something like request.referer. Note that the above behaviour describes RubyCAS-Server – other CAS server implementations might use this parameter differently (or not at all).

follow_url

This satisfies section 2.3.1 of the CAS protocol spec. See www.ja-sig.org/products/cas/overview/protocol



# File 'lib/casclient/client.rb', line 86

# Builds the CAS server's logout URL.
#
# The base is the configured :logout_url, or cas_base_url + "/logout" when
# none was configured. Query parameters already present on that base are kept.
#
# NOTE(review): destination_url and follow_url are forwarded to the CAS server
# as given (only a 'ticket' parameter is stripped from destination_url). If a
# caller derives them from request data such as the Referer header, it should
# check them against the hosts it expects before passing them in.
#
# @param destination_url [String, nil] where the user may log back in; sent
#   under cas_destination_logout_param_name together with gateway=true
# @param follow_url [String, nil] sent as 'url' (CAS protocol section 2.3.1);
#   only used when destination_url is not given
# @param service_url [String, nil] sent as 'service' when destination_url is
#   not given; falls back to the configured @service_url
# @return [String] the logout URL including its query string
def logout_url(destination_url = nil, follow_url = nil, service_url = nil)
  logout_uri = URI.parse(@logout_url || (cas_base_url + "/logout"))
  service_url ||= @service_url
  params = logout_uri.query ? query_to_hash(logout_uri.query) : {}

  if destination_url
    # A stale 'ticket' parameter must not travel with the destination URL.
    dest_uri = URI.parse(destination_url)
    dest_params = dest_uri.query ? query_to_hash(dest_uri.query) : {}
    dest_params.delete('ticket')
    dest_uri.query = hash_to_query(dest_params)
    # An emptied query leaves a dangling '?', which is trimmed here.
    cleaned_destination = dest_uri.to_s.gsub(/\?$/, '')
    params[cas_destination_logout_param_name] = cleaned_destination
    params['gateway'] = 'true'
  else
    params['url'] = follow_url if follow_url
    params['service'] = service_url
  end

  logout_uri.query = hash_to_query(params)
  logout_uri.to_s
end

- (Object) proxy_callback_url

Returns the value of attribute proxy_callback_url



# File 'lib/casclient/client.rb', line 9

# URL the CAS server should call back with a proxy-granting ticket.
#
# Set from conf[:proxy_callback_url] by #configure. When present,
# #validate_service_ticket sends it to the server as the 'pgtUrl' parameter.
#
# @return [String, nil]
def proxy_callback_url
  @proxy_callback_url
end

- (Object) proxy_host (readonly)

Returns the value of attribute proxy_host



# File 'lib/casclient/client.rb', line 7

# Host of the proxy server, as given in conf[:proxy_host]
# (one of the "proxy server settings" read by #configure).
#
# @return [Object, nil] nil when no proxy host was configured
def proxy_host
  @proxy_host
end

- (Object) proxy_port (readonly)

Returns the value of attribute proxy_port



# File 'lib/casclient/client.rb', line 7

# Port of the proxy server, as given in conf[:proxy_port]
# (one of the "proxy server settings" read by #configure).
#
# @return [Object, nil] nil when no proxy port was configured
def proxy_port
  @proxy_port
end

- (Object) proxy_retrieval_url

Returns the value of attribute proxy_retrieval_url



# File 'lib/casclient/client.rb', line 9

# Returns the value of @proxy_retrieval_url.
#
# NOTE(review): #configure as listed on this page does not assign this
# attribute, so it is nil unless it is set elsewhere.
#
# @return [Object, nil]
def proxy_retrieval_url
  @proxy_retrieval_url
end

- (Object) proxy_url



# File 'lib/casclient/client.rb', line 111

# URL of the CAS server's proxy-ticket endpoint.
#
# @return [String] the explicitly configured :proxy_url, otherwise
#   cas_base_url + "/proxy"
def proxy_url
  return @proxy_url if @proxy_url

  cas_base_url + "/proxy"
end

- (Object) service_url=(value) (writeonly)

Sets the attribute service_url

Parameters:

  • value

    the value to set the attribute service_url to.



# File 'lib/casclient/client.rb', line 8

# Sets the default service URL.
#
# #logout_url falls back to this value when it is called without an explicit
# service_url argument.
#
# @param value [String, nil] the service URL to remember
def service_url=(value)
  @service_url = value
end

- (Object) ticket_store (readonly)

Returns the value of attribute ticket_store



# File 'lib/casclient/client.rb', line 6

# The ticket store instance built by #configure.
#
# #configure instantiates the class selected by conf[:ticket_store] with
# conf[:ticket_store_config]; #retrieve_proxy_granting_ticket looks up
# proxy-granting tickets in it.
#
# @return [Object, nil] nil until #configure has run
def ticket_store
  @ticket_store
end

- (Object) username_session_key (readonly)

Returns the value of attribute username_session_key



# File 'lib/casclient/client.rb', line 5

# Returns the configured username session key.
#
# #configure sets it from conf[:username_session_key] and falls back to
# :cas_user when that option is absent.
#
# @return [Object, nil] nil until #configure has run
def username_session_key
  @username_session_key
end

- (Object) validate_url



# File 'lib/casclient/client.rb', line 69

# URL of the CAS server's ticket validation endpoint.
#
# The default is the /proxyValidate endpoint, which under the CAS protocol
# validates proxy tickets as well as service tickets. A deployment that
# should not accept proxied authentication can point :validate_url at the
# server's serviceValidate endpoint instead.
#
# @return [String] the explicitly configured :validate_url, otherwise
#   cas_base_url + "/proxyValidate"
def validate_url
  return @validate_url if @validate_url

  cas_base_url + "/proxyValidate"
end

Instance Method Details

- (Object) add_service_to_login_url(service_url)



# File 'lib/casclient/client.rb', line 225

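# Returns the login URL with the given service appended as a 'service'
# query parameter.
#
# The method name and the login_url argument were missing from this listing.
# The name is restored from the signature printed above it; login_url is the
# URL the method name refers to.
#
# @param service_url [String] URL of the service the user should be sent
#   back to; it is CGI-escaped before being placed in the query string
# @return [String] login URL, keeping any query parameters it already had
def add_service_to_login_url(service_url)
  uri = URI.parse(login_url)
  # Append to an existing query rather than replacing it.
  uri.query = (uri.query ? uri.query + "&" : "") + "service=#{CGI.escape(service_url)}"
  uri.to_s
end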

- (Boolean) cas_server_is_up?

Returns true if the configured CAS server is up and responding; false otherwise.

Returns:

  • (Boolean)


# File 'lib/casclient/client.rb', line 138

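# Probes the CAS server by requesting its login page.
#
# The login_url argument to URI.parse was missing from this listing and is
# restored here. The rescue list is also widened: the method is documented to
# return false whenever the server is not responding, but only a refused
# connection was handled, so a timeout or a failed host lookup raised instead.
#
# TLS errors are deliberately not rescued, so a certificate failure is not
# reported as mere downtime.
#
# @return [Boolean] true when the server answers with an HTTP success
#   status; false when it cannot be reached or answers with another status
def cas_server_is_up?
  uri = URI.parse(login_url)

  log.debug "Checking if CAS server at URI '#{uri}' is up..."

  https = https_connection(uri)

  begin
    raw_res = https.start do |conn|
      conn.get("#{uri.path}?#{uri.query}")
    end
  rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ETIMEDOUT, SocketError, Timeout::Error => e
    log.warn "CAS server did not respond! (#{e.inspect})"
    return false
  end

  # The whole response body goes to the debug log.
  log.debug "CAS server responded with #{raw_res.inspect}:\n#{raw_res.body}"

  raw_res.kind_of?(Net::HTTPSuccess)
end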

- (Object) configure(conf)

Raises:

  • (ArgumentError)


# File 'lib/casclient/client.rb', line 15

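# Applies a configuration hash to this client.
#
# Reads the server URLs, proxy settings, session keys, ticket store and
# logger from conf, builds the ticket store and the logger wrapper, and keeps
# the whole hash in @conf_options.
#
# @param conf [Hash] options, read with Symbol keys; :cas_base_url is required
# @raise [ArgumentError] when :cas_base_url is missing, or when
#   :encode_extra_attributes_as is present but is neither :json nor :yaml
# @raise [CASException] when the ticket store instance is not an
#   AbstractTicketStore
def configure(conf)
  #TODO: raise error if conf contains unrecognized cas options (this would help detect user typos in the config)

  raise ArgumentError, "Missing :cas_base_url parameter!" unless conf[:cas_base_url]

  # Every other option is read with a Symbol key. The presence check used to
  # look only for the String key, so a plain symbol-keyed Hash skipped this
  # validation entirely; both key forms are checked now.
  if conf.has_key?(:encode_extra_attributes_as) || conf.has_key?("encode_extra_attributes_as")
    unless [:json, :yaml].include?(conf[:encode_extra_attributes_as])
      raise ArgumentError, "Unkown Value for :encode_extra_attributes_as parameter! Allowed options are json or yaml - #{conf[:encode_extra_attributes_as]}"
    end
  end

  # Drop a trailing slash so the default endpoint paths can be appended.
  @cas_base_url      = conf[:cas_base_url].gsub(/\/$/, '')
  @cas_destination_logout_param_name = conf[:cas_destination_logout_param_name]

  @login_url    = conf[:login_url]
  @logout_url   = conf[:logout_url]
  @validate_url = conf[:validate_url]
  @proxy_url    = conf[:proxy_url]
  @service_url  = conf[:service_url]
  # NOTE(review): nil unless configured. How https_connection treats nil is
  # not shown here; confirm the server certificate is verified on the
  # connections used for ticket validation.
  @force_ssl_verification  = conf[:force_ssl_verification]
  @proxy_callback_url  = conf[:proxy_callback_url]

  #proxy server settings
  @proxy_host = conf[:proxy_host]
  @proxy_port = conf[:proxy_port]

  @username_session_key         = conf[:username_session_key] || :cas_user
  @extra_attributes_session_key = conf[:extra_attributes_session_key] || :cas_extra_attributes

  # Any value other than the two known symbols is used as the store class
  # itself. It is instantiated before the AbstractTicketStore check below, so
  # it must come from trusted configuration only.
  @ticket_store_class = case conf[:ticket_store]
    when :local_dir_ticket_store, nil
      CASClient::Tickets::Storage::LocalDirTicketStore
    when :active_record_ticket_store
      require 'casclient/tickets/storage/active_record_ticket_store'
      CASClient::Tickets::Storage::ActiveRecordTicketStore
    else
      conf[:ticket_store]
  end
  @ticket_store = @ticket_store_class.new conf[:ticket_store_config]
  raise CASException, "The Ticket Store is not a subclass of AbstractTicketStore, it is a #{@ticket_store_class}" unless @ticket_store.kind_of? CASClient::Tickets::Storage::AbstractTicketStore

  @log = CASClient::LoggerWrapper.new
  @log.set_real_logger(conf[:logger]) if conf[:logger]
  @ticket_store.log = @log
  @conf_options = conf
end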

- (Object) login_to_service(credentials, service)

Requests a login using the given credentials for the given service; returns a LoginResponse object.



# File 'lib/casclient/client.rb', line 161

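# Requests a login using the given credentials for the given service.
#
# The method name, the request_login_ticket call and the login_url argument
# were missing from this listing. The name is restored from the signature
# printed above it; the two calls are the login-ticket and login-URL helpers
# this class defines.
#
# @param credentials [Hash] login form fields; the login ticket (:lt) and
#   :service are merged into a copy before submission
# @param service [String] the service the login is requested for
# @return [CASClient::LoginResponse] built from the server's reply; callers
#   must check is_success? before using it
def login_to_service(credentials, service)
  lt = request_login_ticket

  data = credentials.merge(
    :lt => lt,
    :service => service
  )

  res = submit_data_to_cas(login_url, data)
  response = CASClient::LoginResponse.new(res)

  if response.is_success?
    # NOTE(review): this writes the issued ticket value to the info log.
    # Confirm log access is restricted, or log a shortened form.
    log.info("Login was successful for ticket: #{response.ticket.inspect}.")
  end

  return response
end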

- (Object) request_login_ticket

Requests a login ticket from the CAS server for use in a login request; returns a LoginTicket object.

This only works with RubyCAS-Server, since obtaining login tickets in this manner is not part of the official CAS spec.

Raises:

  • (CASException)



# File 'lib/casclient/client.rb', line 184

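# Requests a login ticket from the CAS server for use in a login request.
#
# The method name and the login_url operand were missing from this listing.
# The name is restored from the signature printed above it; login_url is the
# helper this class defines. The request is a POST to login_url + 'Ticket'.
# This only works with RubyCAS-Server, since obtaining login tickets this way
# is not part of the official CAS spec.
#
# NOTE(review): only uri.path is posted to, so a query string on login_url
# would not be sent; confirm login_url carries none in this deployment.
#
# @return [String] the response body with surrounding whitespace removed
# @raise [CASException] when the server does not answer with an HTTP success
#   status; the exception message is the response body
def request_login_ticket
  uri = URI.parse(login_url + 'Ticket')
  https = https_connection(uri)
  res = https.post(uri.path, ';')

  raise CASException, res.body unless res.kind_of? Net::HTTPSuccess

  res.body.strip
end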

- (Object) request_proxy_ticket(pgt, target_service)

Requests a proxy ticket from the CAS server for the given service using the given pgt (proxy granting ticket); returns a ProxyTicket object.

The pgt required to request a proxy ticket is obtained as part of a ValidationResponse.



# File 'lib/casclient/client.rb', line 200

# Requests a proxy ticket for target_service using a proxy-granting ticket.
#
# The pgt value and the target service are added to the query string of
# proxy_url, and the server's reply is parsed as a ProxyResponse.
#
# @param pgt [#ticket] proxy-granting ticket, obtained as part of a
#   ValidationResponse
# @param target_service [String] service the proxy ticket is requested for
# @return [ProxyTicket] carries the server's success flag and failure
#   code/message; it is returned on failure too, so callers must check its
#   success flag before using the ticket
def request_proxy_ticket(pgt, target_service)
  proxy_uri = URI.parse(proxy_url)
  params = proxy_uri.query ? query_to_hash(proxy_uri.query) : {}
  params['pgt'] = pgt.ticket
  params['targetService'] = target_service
  proxy_uri.query = hash_to_query(params)

  reply = request_cas_response(proxy_uri, ProxyResponse)

  ProxyTicket.new(reply.proxy_ticket, target_service).tap do |proxy_ticket|
    proxy_ticket.success = reply.is_success?
    proxy_ticket.failure_code = reply.failure_code
    proxy_ticket.failure_message = reply.failure_message
  end
end

- (Object) retrieve_proxy_granting_ticket(pgt_iou)

Raises:

  • (CASException)



# File 'lib/casclient/client.rb', line 217

# Looks up the proxy-granting ticket stored under the given pgt_iou.
#
# @param pgt_iou [Object] the IOU identifier to look up in the ticket store
# @return [ProxyGrantingTicket] built from the stored pgt and the pgt_iou
# @raise [CASException] when the ticket store has no pgt for this pgt_iou
def retrieve_proxy_granting_ticket(pgt_iou)
  stored_pgt = @ticket_store.retrieve_pgt(pgt_iou)

  if stored_pgt
    ProxyGrantingTicket.new(stored_pgt, pgt_iou)
  else
    raise CASException, "Couldn't find pgt for pgt_iou #{pgt_iou}"
  end
end

- (Object) validate_service_ticket(st) Also known as: validate_proxy_ticket



# File 'lib/casclient/client.rb', line 115

# Validates a service ticket against the CAS server and records the outcome
# on the ticket object.
#
# The ticket's service and ticket values (plus 'renew' and 'pgtUrl' when
# applicable) are added to the query string of validate_url, and the reply is
# parsed as a ValidationResponse.
#
# The same ticket object is returned whether or not validation succeeded.
# Callers must check its success flag before trusting st.user or
# st.extra_attributes.
#
# @param st [Object] ticket exposing service, ticket and renew, and writers
#   for the result fields set below
# @return [Object] st, updated with user, extra_attributes, pgt_iou, success,
#   failure_code and failure_message from the response
def validate_service_ticket(st)
  validation_uri = URI.parse(validate_url)
  params = validation_uri.query ? query_to_hash(validation_uri.query) : {}
  params['service'] = st.service
  params['ticket'] = st.ticket
  params['renew'] = "1" if st.renew
  callback = proxy_callback_url
  params['pgtUrl'] = callback if callback
  validation_uri.query = hash_to_query(params)

  reply = request_cas_response(validation_uri, ValidationResponse)

  # Copy the server's verdict onto the ticket, failure details included.
  st.user = reply.user
  st.extra_attributes = reply.extra_attributes
  st.pgt_iou = reply.pgt_iou
  st.success = reply.is_success?
  st.failure_code = reply.failure_code
  st.failure_message = reply.failure_message

  st
end