Class: Casablanca::Rails::Filter

Inherits:

Object

• Object
• Casablanca::Rails::Filter

Defined in:

lib/casablanca/rails/filter.rb

Direct Known Subclasses

GatewayFilter, RenewFilter

Class Method Summary

• .authenticate_ticket(controller) ⇒ Object
• .authentication_required?(controller) ⇒ Boolean

  Has the user already talked to the Cas server?.

• .filter(controller) ⇒ Object

  Require a authenticated user to the CAS server otherwise redirect to the CAS server login url.

• .get_credentials(controller) ⇒ Object
• .logger ⇒ Object
• .login_url(controller, params = {}) ⇒ Object

  The login url of the Cas server.

• .logout(controller) ⇒ Object

  Logs out of the Cas server.

• .logout_url(controller, params = {}) ⇒ Object

  The logout url of the Cas server.

• .redirect_to_cas_login(controller) ⇒ Object

Class Method Details

.authenticate_ticket(controller) ⇒ Object

# File 'lib/casablanca/rails/filter.rb', line 87

def authenticate_ticket(controller)
  client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller))
  ticket = Casablanca::Ticket.new(controller.params[:ticket], client.service_url, controller.session[:cas_renew])
  if client.authenticate_ticket(ticket)
    logger.debug "Ticket authenticated"
    controller.session[:cas_user] = ticket.user
    controller.session[:cas_renew] = nil
    return true
  else          
    logger.debug "Ticket authentication failed: #{ticket.failure_message}"
    logout(controller)
    logger.debug "Renew login credentials"
    redirect_to_cas_login(controller)
    return false
  end
end

.authentication_required?(controller) ⇒ Boolean

Has the user already talked to the Cas server?

Returns:

• (Boolean)

# File 'lib/casablanca/rails/filter.rb', line 73

def authentication_required?(controller)
  controller.session[:cas_user].nil? && controller.params[:ticket].nil?
end

.filter(controller) ⇒ Object

Require a authenticated user to the CAS server otherwise redirect to the CAS server login url. Set session to the authenticated CAS user if authenticated

# File 'lib/casablanca/rails/filter.rb', line 38

def filter(controller)        
  if authentication_required?(controller)
    return get_credentials(controller)
  elsif controller.params[:ticket]
    return authenticate_ticket(controller)
  else
    return true
  end
end

.get_credentials(controller) ⇒ Object

# File 'lib/casablanca/rails/filter.rb', line 81

def get_credentials(controller)
  logger.debug "Not authenticated yet. Ticket parameter required"
  redirect_to_cas_login(controller)
  return false
end

.logger ⇒ Object

# File 'lib/casablanca/rails/filter.rb', line 68

def logger
  Casablanca::Client.logger
end

.login_url(controller, params = {}) ⇒ Object

The login url of the Cas server. This page has the login form.

# File 'lib/casablanca/rails/filter.rb', line 50

def login_url(controller, params={})
  client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller))        
  client.login_url(params)
end

.logout(controller) ⇒ Object

Logs out of the Cas server.

# File 'lib/casablanca/rails/filter.rb', line 64

def logout(controller)
  controller.session[:cas_user] = nil
end

.logout_url(controller, params = {}) ⇒ Object

The logout url of the Cas server.

# File 'lib/casablanca/rails/filter.rb', line 57

def logout_url(controller, params={})
  client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller))
  client.logout_url(params)
end

.redirect_to_cas_login(controller) ⇒ Object

# File 'lib/casablanca/rails/filter.rb', line 77

def redirect_to_cas_login(controller)
  controller.send(:redirect_to, login_url(controller))
end