Class: CASClient::Client
- Inherits:
-
Object
- Object
- CASClient::Client
- Defined in:
- lib/casclient/client.rb
Overview
The client brokers all HTTP transactions with the CAS server.
Instance Attribute Summary collapse
-
#cas_base_url ⇒ Object
readonly
Returns the value of attribute cas_base_url.
-
#extra_attributes_session_key ⇒ Object
readonly
Returns the value of attribute extra_attributes_session_key.
-
#log ⇒ Object
readonly
Returns the value of attribute log.
- #login_url ⇒ Object
-
#logout_url(destination_url = nil, follow_url = nil) ⇒ Object
Returns the CAS server’s logout url.
-
#proxy_callback_url ⇒ Object
Returns the value of attribute proxy_callback_url.
-
#proxy_retrieval_url ⇒ Object
Returns the value of attribute proxy_retrieval_url.
- #proxy_url ⇒ Object
-
#service_url ⇒ Object
writeonly
Sets the attribute service_url.
-
#username_session_key ⇒ Object
readonly
Returns the value of attribute username_session_key.
- #validate_url ⇒ Object
Instance Method Summary collapse
- #add_service_to_login_url(service_url) ⇒ Object
-
#cas_server_is_up? ⇒ Boolean
Returns true if the configured CAS server is up and responding; false otherwise.
- #configure(conf) ⇒ Object
-
#initialize(conf = nil) ⇒ Client
constructor
A new instance of Client.
-
#login_to_service(credentials, service) ⇒ Object
Requests a login using the given credentials for the given service; returns a LoginResponse object.
-
#request_login_ticket ⇒ Object
Requests a login ticket from the CAS server for use in a login request; returns a LoginTicket object.
-
#request_proxy_ticket(pgt, target_service) ⇒ Object
Requests a proxy ticket from the CAS server for the given service using the given pgt (proxy granting ticket); returns a ProxyTicket object.
- #retrieve_proxy_granting_ticket(pgt_iou) ⇒ Object
- #validate_service_ticket(st) ⇒ Object (also: #validate_proxy_ticket)
Constructor Details
#initialize(conf = nil) ⇒ Client
Returns a new instance of Client.
9 10 11 |
# File 'lib/casclient/client.rb', line 9 def initialize(conf = nil) configure(conf) if conf end |
Instance Attribute Details
#cas_base_url ⇒ Object (readonly)
Returns the value of attribute cas_base_url.
4 5 6 |
# File 'lib/casclient/client.rb', line 4 def cas_base_url @cas_base_url end |
#extra_attributes_session_key ⇒ Object (readonly)
Returns the value of attribute extra_attributes_session_key.
5 6 7 |
# File 'lib/casclient/client.rb', line 5 def extra_attributes_session_key @extra_attributes_session_key end |
#log ⇒ Object (readonly)
Returns the value of attribute log.
5 6 7 |
# File 'lib/casclient/client.rb', line 5 def log @log end |
#login_url ⇒ Object
35 36 37 |
# File 'lib/casclient/client.rb', line 35 def login_url @login_url || (cas_base_url + "/login") end |
#logout_url(destination_url = nil, follow_url = nil) ⇒ Object
Returns the CAS server’s logout url.
If a logout_url has not been explicitly configured, the default is cas_base_url + “/logout”.
- destination_url
-
Set this if you want the user to be able to immediately log back in. Generally you’ll want to use something like
request.referer
. Note that the above behaviour describes RubyCAS-Server – other CAS server implementations might use this parameter differently (or not at all). - follow_url
-
This satisfies section 2.3.1 of the CAS protocol spec. See www.ja-sig.org/products/cas/overview/protocol
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
# File 'lib/casclient/client.rb', line 56 def logout_url(destination_url = nil, follow_url = nil) url = @logout_url || (cas_base_url + "/logout") if destination_url # if present, remove the 'ticket' parameter from the destination_url duri = URI.parse(destination_url) h = duri.query ? query_to_hash(duri.query) : {} h.delete('ticket') duri.query = hash_to_query(h) destination_url = duri.to_s.gsub(/\?$/, '') end if destination_url || follow_url uri = URI.parse(url) h = uri.query ? query_to_hash(uri.query) : {} h['destination'] = destination_url if destination_url h['url'] = follow_url if follow_url uri.query = hash_to_query(h) uri.to_s else url end end |
#proxy_callback_url ⇒ Object
Returns the value of attribute proxy_callback_url.
7 8 9 |
# File 'lib/casclient/client.rb', line 7 def proxy_callback_url @proxy_callback_url end |
#proxy_retrieval_url ⇒ Object
Returns the value of attribute proxy_retrieval_url.
7 8 9 |
# File 'lib/casclient/client.rb', line 7 def proxy_retrieval_url @proxy_retrieval_url end |
#proxy_url ⇒ Object
80 81 82 |
# File 'lib/casclient/client.rb', line 80 def proxy_url @proxy_url || (cas_base_url + "/proxy") end |
#service_url=(value) ⇒ Object (writeonly)
Sets the attribute service_url
6 7 8 |
# File 'lib/casclient/client.rb', line 6 def service_url=(value) @service_url = value end |
#username_session_key ⇒ Object (readonly)
Returns the value of attribute username_session_key.
5 6 7 |
# File 'lib/casclient/client.rb', line 5 def username_session_key @username_session_key end |
#validate_url ⇒ Object
39 40 41 |
# File 'lib/casclient/client.rb', line 39 def validate_url @validate_url || (cas_base_url + "/proxyValidate") end |
Instance Method Details
#add_service_to_login_url(service_url) ⇒ Object
197 198 199 200 201 |
# File 'lib/casclient/client.rb', line 197 def add_service_to_login_url(service_url) uri = URI.parse(login_url) uri.query = (uri.query ? uri.query + "&" : "") + "service=#{CGI.escape(service_url)}" uri.to_s end |
#cas_server_is_up? ⇒ Boolean
Returns true if the configured CAS server is up and responding; false otherwise.
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/casclient/client.rb', line 101 def cas_server_is_up? uri = URI.parse(login_url) log.debug "Checking if CAS server at URI '#{uri}' is up..." https = Net::HTTP.new(uri.host, uri.port) https.use_ssl = (uri.scheme == 'https') begin raw_res = https.start do |conn| conn.get("#{uri.path}?#{uri.query}") end rescue Errno::ECONNREFUSED => e log.warn "CAS server did not respond! (#{e.inspect})" return false end log.debug "CAS server responded with #{raw_res.inspect}:\n#{raw_res.body}" return raw_res.kind_of?(Net::HTTPSuccess) end |
#configure(conf) ⇒ Object
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
# File 'lib/casclient/client.rb', line 13 def configure(conf) #TODO: raise error if conf contains unrecognized cas options (this would help detect user typos in the config) raise ArgumentError, "Missing :cas_base_url parameter!" unless conf[:cas_base_url] @cas_base_url = conf[:cas_base_url].gsub(/\/$/, '') @login_url = conf[:login_url] @logout_url = conf[:logout_url] @validate_url = conf[:validate_url] @proxy_url = conf[:proxy_url] @service_url = conf[:service_url] @proxy_callback_url = conf[:proxy_callback_url] @proxy_retrieval_url = conf[:proxy_retrieval_url] @username_session_key = conf[:username_session_key] || :cas_user @extra_attributes_session_key = conf[:extra_attributes_session_key] || :cas_extra_attributes @log = CASClient::LoggerWrapper.new @log.set_real_logger(conf[:logger]) if conf[:logger] end |
#login_to_service(credentials, service) ⇒ Object
Requests a login using the given credentials for the given service; returns a LoginResponse object.
125 126 127 128 129 130 131 132 133 134 135 |
# File 'lib/casclient/client.rb', line 125 def login_to_service(credentials, service) lt = request_login_ticket data = credentials.merge( :lt => lt, :service => service ) res = submit_data_to_cas(login_url, data) CASClient::LoginResponse.new(res) end |
#request_login_ticket ⇒ Object
Requests a login ticket from the CAS server for use in a login request; returns a LoginTicket object.
This only works with RubyCAS-Server, since obtaining login tickets in this manner is not part of the official CAS spec.
142 143 144 145 146 147 148 149 150 151 |
# File 'lib/casclient/client.rb', line 142 def request_login_ticket uri = URI.parse(login_url+'Ticket') https = Net::HTTP.new(uri.host, uri.port) https.use_ssl = (uri.scheme == 'https') res = https.post(uri.path, ';') raise CASException, res.body unless res.kind_of? Net::HTTPSuccess res.body.strip end |
#request_proxy_ticket(pgt, target_service) ⇒ Object
Requests a proxy ticket from the CAS server for the given service using the given pgt (proxy granting ticket); returns a ProxyTicket object.
The pgt required to request a proxy ticket is obtained as part of a ValidationResponse.
159 160 161 162 163 164 165 166 167 168 169 170 171 172 |
# File 'lib/casclient/client.rb', line 159 def request_proxy_ticket(pgt, target_service) uri = URI.parse(proxy_url) h = uri.query ? query_to_hash(uri.query) : {} h['pgt'] = pgt.ticket h['targetService'] = target_service uri.query = hash_to_query(h) pr = request_cas_response(uri, ProxyResponse) pt = ProxyTicket.new(pr.proxy_ticket, target_service) pt.response = pr return pt end |
#retrieve_proxy_granting_ticket(pgt_iou) ⇒ Object
174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 |
# File 'lib/casclient/client.rb', line 174 def retrieve_proxy_granting_ticket(pgt_iou) uri = URI.parse(proxy_retrieval_url) uri.query = (uri.query ? uri.query + "&" : "") + "pgtIou=#{CGI.escape(pgt_iou)}" retrieve_url = uri.to_s log.debug "Retrieving PGT for PGT IOU #{pgt_iou.inspect} from #{retrieve_url.inspect}" # https = Net::HTTP.new(uri.host, uri.port) # https.use_ssl = (uri.scheme == 'https') # res = https.post(uri.path, ';') uri = URI.parse(uri) unless uri.kind_of? URI https = Net::HTTP.new(uri.host, uri.port) https.use_ssl = (uri.scheme == 'https') res = https.start do |conn| conn.get("#{uri.path}?#{uri.query}") end raise CASException, res.body unless res.kind_of? Net::HTTPSuccess ProxyGrantingTicket.new(res.body.strip, pgt_iou) end |
#validate_service_ticket(st) ⇒ Object Also known as: validate_proxy_ticket
84 85 86 87 88 89 90 91 92 93 94 95 96 |
# File 'lib/casclient/client.rb', line 84 def validate_service_ticket(st) uri = URI.parse(validate_url) h = uri.query ? query_to_hash(uri.query) : {} h['service'] = st.service h['ticket'] = st.ticket h['renew'] = 1 if st.renew h['pgtUrl'] = proxy_callback_url if proxy_callback_url uri.query = hash_to_query(h) st.response = request_cas_response(uri, ValidationResponse) return st end |