Class: CASClient::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/casclient/client.rb

Overview

The client brokers all HTTP transactions with the CAS server.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(conf = nil) ⇒ Client

Returns a new instance of Client.



9
10
11
# File 'lib/casclient/client.rb', line 9

def initialize(conf = nil)
  configure(conf) if conf
end

Instance Attribute Details

#cas_base_urlObject (readonly)

Returns the value of attribute cas_base_url.



4
5
6
# File 'lib/casclient/client.rb', line 4

def cas_base_url
  @cas_base_url
end

#extra_attributes_session_keyObject (readonly)

Returns the value of attribute extra_attributes_session_key.



5
6
7
# File 'lib/casclient/client.rb', line 5

def extra_attributes_session_key
  @extra_attributes_session_key
end

#logObject (readonly)

Returns the value of attribute log.



5
6
7
# File 'lib/casclient/client.rb', line 5

def log
  @log
end

#login_urlObject



35
36
37
# File 'lib/casclient/client.rb', line 35

def 
  @login_url || (cas_base_url + "/login")
end

#logout_url(destination_url = nil, follow_url = nil) ⇒ Object

Returns the CAS server’s logout url.

If a logout_url has not been explicitly configured, the default is cas_base_url + “/logout”.

destination_url

Set this if you want the user to be able to immediately log back in. Generally you’ll want to use something like request.referer. Note that the above behaviour describes RubyCAS-Server – other CAS server implementations might use this parameter differently (or not at all).

follow_url

This satisfies section 2.3.1 of the CAS protocol spec. See www.ja-sig.org/products/cas/overview/protocol



56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# File 'lib/casclient/client.rb', line 56

def logout_url(destination_url = nil, follow_url = nil)
  url = @logout_url || (cas_base_url + "/logout")
  
  if destination_url
    # if present, remove the 'ticket' parameter from the destination_url
    duri = URI.parse(destination_url)
    h = duri.query ? query_to_hash(duri.query) : {}
    h.delete('ticket')
    duri.query = hash_to_query(h)
    destination_url = duri.to_s.gsub(/\?$/, '')
  end
  
  if destination_url || follow_url
    uri = URI.parse(url)
    h = uri.query ? query_to_hash(uri.query) : {}
    h['destination'] = destination_url if destination_url
    h['url'] = follow_url if follow_url
    uri.query = hash_to_query(h)
    uri.to_s
  else
    url
  end
end

#proxy_callback_urlObject

Returns the value of attribute proxy_callback_url.



7
8
9
# File 'lib/casclient/client.rb', line 7

def proxy_callback_url
  @proxy_callback_url
end

#proxy_retrieval_urlObject

Returns the value of attribute proxy_retrieval_url.



7
8
9
# File 'lib/casclient/client.rb', line 7

def proxy_retrieval_url
  @proxy_retrieval_url
end

#proxy_urlObject



80
81
82
# File 'lib/casclient/client.rb', line 80

def proxy_url
  @proxy_url || (cas_base_url + "/proxy")
end

#service_url=(value) ⇒ Object (writeonly)

Sets the attribute service_url

Parameters:

  • value

    the value to set the attribute service_url to.



6
7
8
# File 'lib/casclient/client.rb', line 6

def service_url=(value)
  @service_url = value
end

#username_session_keyObject (readonly)

Returns the value of attribute username_session_key.



5
6
7
# File 'lib/casclient/client.rb', line 5

def username_session_key
  @username_session_key
end

#validate_urlObject



39
40
41
# File 'lib/casclient/client.rb', line 39

def validate_url
  @validate_url || (cas_base_url + "/proxyValidate")
end

Instance Method Details

#add_service_to_login_url(service_url) ⇒ Object



197
198
199
200
201
# File 'lib/casclient/client.rb', line 197

def (service_url)
  uri = URI.parse()
  uri.query = (uri.query ? uri.query + "&" : "") + "service=#{CGI.escape(service_url)}"
  uri.to_s
end

#cas_server_is_up?Boolean

Returns true if the configured CAS server is up and responding; false otherwise.

Returns:

  • (Boolean)


101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# File 'lib/casclient/client.rb', line 101

def cas_server_is_up?
  uri = URI.parse()
  
  log.debug "Checking if CAS server at URI '#{uri}' is up..."
  
  https = Net::HTTP.new(uri.host, uri.port)
  https.use_ssl = (uri.scheme == 'https')
  
  begin
    raw_res = https.start do |conn|
      conn.get("#{uri.path}?#{uri.query}")
    end
  rescue Errno::ECONNREFUSED => e
    log.warn "CAS server did not respond! (#{e.inspect})"
    return false
  end
  
  log.debug "CAS server responded with #{raw_res.inspect}:\n#{raw_res.body}"
  
  return raw_res.kind_of?(Net::HTTPSuccess)
end

#configure(conf) ⇒ Object

Raises:

  • (ArgumentError)


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/casclient/client.rb', line 13

def configure(conf)
  #TODO: raise error if conf contains unrecognized cas options (this would help detect user typos in the config)

  raise ArgumentError, "Missing :cas_base_url parameter!" unless conf[:cas_base_url]
  
  @cas_base_url      = conf[:cas_base_url].gsub(/\/$/, '')       
  
  @login_url    = conf[:login_url]
  @logout_url   = conf[:logout_url]
  @validate_url = conf[:validate_url]
  @proxy_url    = conf[:proxy_url]
  @service_url  = conf[:service_url]
  @proxy_callback_url  = conf[:proxy_callback_url]
  @proxy_retrieval_url = conf[:proxy_retrieval_url]
  
  @username_session_key         = conf[:username_session_key] || :cas_user
  @extra_attributes_session_key = conf[:extra_attributes_session_key] || :cas_extra_attributes
  
  @log = CASClient::LoggerWrapper.new
  @log.set_real_logger(conf[:logger]) if conf[:logger]
end

#login_to_service(credentials, service) ⇒ Object

Requests a login using the given credentials for the given service; returns a LoginResponse object.



125
126
127
128
129
130
131
132
133
134
135
# File 'lib/casclient/client.rb', line 125

def (credentials, service)
  lt = 
  
  data = credentials.merge(
    :lt => lt,
    :service => service 
  )
  
  res = submit_data_to_cas(, data)
  CASClient::LoginResponse.new(res)
end

#request_login_ticketObject

Requests a login ticket from the CAS server for use in a login request; returns a LoginTicket object.

This only works with RubyCAS-Server, since obtaining login tickets in this manner is not part of the official CAS spec.

Raises:



142
143
144
145
146
147
148
149
150
151
# File 'lib/casclient/client.rb', line 142

def 
  uri = URI.parse(+'Ticket')
  https = Net::HTTP.new(uri.host, uri.port)
  https.use_ssl = (uri.scheme == 'https')
  res = https.post(uri.path, ';')
  
  raise CASException, res.body unless res.kind_of? Net::HTTPSuccess
  
  res.body.strip
end

#request_proxy_ticket(pgt, target_service) ⇒ Object

Requests a proxy ticket from the CAS server for the given service using the given pgt (proxy granting ticket); returns a ProxyTicket object.

The pgt required to request a proxy ticket is obtained as part of a ValidationResponse.



159
160
161
162
163
164
165
166
167
168
169
170
171
172
# File 'lib/casclient/client.rb', line 159

def request_proxy_ticket(pgt, target_service)
  uri = URI.parse(proxy_url)
  h = uri.query ? query_to_hash(uri.query) : {}
  h['pgt'] = pgt.ticket
  h['targetService'] = target_service
  uri.query = hash_to_query(h)
  
  pr = request_cas_response(uri, ProxyResponse)
  
  pt = ProxyTicket.new(pr.proxy_ticket, target_service)
  pt.response = pr
  
  return pt
end

#retrieve_proxy_granting_ticket(pgt_iou) ⇒ Object

Raises:



174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
# File 'lib/casclient/client.rb', line 174

def retrieve_proxy_granting_ticket(pgt_iou)
  uri = URI.parse(proxy_retrieval_url)
  uri.query = (uri.query ? uri.query + "&" : "") + "pgtIou=#{CGI.escape(pgt_iou)}"
  retrieve_url = uri.to_s
  
  log.debug "Retrieving PGT for PGT IOU #{pgt_iou.inspect} from #{retrieve_url.inspect}"
  
#      https = Net::HTTP.new(uri.host, uri.port)
#      https.use_ssl = (uri.scheme == 'https')
#      res = https.post(uri.path, ';')
  uri = URI.parse(uri) unless uri.kind_of? URI
  https = Net::HTTP.new(uri.host, uri.port)
  https.use_ssl = (uri.scheme == 'https')
  res = https.start do |conn|
    conn.get("#{uri.path}?#{uri.query}")
  end
  
  
  raise CASException, res.body unless res.kind_of? Net::HTTPSuccess
  
  ProxyGrantingTicket.new(res.body.strip, pgt_iou)
end

#validate_service_ticket(st) ⇒ Object Also known as: validate_proxy_ticket



84
85
86
87
88
89
90
91
92
93
94
95
96
# File 'lib/casclient/client.rb', line 84

def validate_service_ticket(st)
  uri = URI.parse(validate_url)
  h = uri.query ? query_to_hash(uri.query) : {}
  h['service'] = st.service
  h['ticket'] = st.ticket
  h['renew'] = 1 if st.renew
  h['pgtUrl'] = proxy_callback_url if proxy_callback_url
  uri.query = hash_to_query(h)
  
  st.response = request_cas_response(uri, ValidationResponse)
  
  return st
end