Class: Maestrano::SSO::Session

Inherits:

Object

• Object
• Maestrano::SSO::Session

Includes:

Preset

Defined in:

lib/maestrano/sso/session.rb

Instance Attribute Summary

• #group_uid ⇒ Object

  Returns the value of attribute group_uid.

• #preset ⇒ Object

  Returns the value of attribute preset.

• #recheck ⇒ Object

  Returns the value of attribute recheck.

• #session ⇒ Object

  Returns the value of attribute session.

• #session_token ⇒ Object

  Returns the value of attribute session_token.

• #uid ⇒ Object

  Returns the value of attribute uid.

Class Method Summary

• .from_user_auth_hash(session, auth) ⇒ Object

  Load a Maestrano::SSO::Session object from a hash generated by Maestrano::SSO::BaseUser#to_hash.

Instance Method Summary

• #initialize(session) ⇒ Session constructor

  A new instance of Session.

• #perform_remote_check ⇒ Object

  Check remote maestrano session and update the recheck attribute if the session is still valid Return true if the session is still valid and false otherwise.

• #remote_check_required? ⇒ Boolean
• #save ⇒ Object
• #valid?(opts = {}) ⇒ Boolean

  Check whether this mno session is valid or not Return true if SLO is disabled (via sso.slo_enabled config param) Return false if no session defined — opts: if_session: if true then the session will be considered valid if the http session is nil or does not have a maestrano key.

Methods included from Preset

included

Constructor Details

#initialize(session) ⇒ Session

Returns a new instance of Session.

# File 'lib/maestrano/sso/session.rb', line 25

def initialize(session)
  self.session = session
  if (self.session = session)
    begin
      if mno_session = (self.session[:maestrano] || self.session['maestrano'])
        decrypted_session = JSON.parse(Base64.decode64(mno_session))
        self.uid = decrypted_session['uid']
        self.session_token = decrypted_session['session']
        self.recheck = Time.iso8601(decrypted_session['session_recheck'])
        self.group_uid = decrypted_session['group_uid']
        self.preset = decrypted_session['preset']
      end
    rescue
    end
  end
end

Instance Attribute Details

#group_uid ⇒ Object

Returns the value of attribute group_uid.

# File 'lib/maestrano/sso/session.rb', line 5

def group_uid
  @group_uid
end

#preset ⇒ Object

Returns the value of attribute preset.

# File 'lib/maestrano/sso/session.rb', line 5

def preset
  @preset
end

#recheck ⇒ Object

Returns the value of attribute recheck.

# File 'lib/maestrano/sso/session.rb', line 5

def recheck
  @recheck
end

#session ⇒ Object

Returns the value of attribute session.

# File 'lib/maestrano/sso/session.rb', line 5

def session
  @session
end

#session_token ⇒ Object

Returns the value of attribute session_token.

# File 'lib/maestrano/sso/session.rb', line 5

def session_token
  @session_token
end

#uid ⇒ Object

Returns the value of attribute uid.

# File 'lib/maestrano/sso/session.rb', line 5

def uid
  @uid
end

Class Method Details

.from_user_auth_hash(session, auth) ⇒ Object

Load a Maestrano::SSO::Session object from a hash generated by Maestrano::SSO::BaseUser#to_hash

# File 'lib/maestrano/sso/session.rb', line 9

def self.from_user_auth_hash(session, auth)
  instance = self.new({})
  instance.session = session

  if (extra = (auth[:extra] || auth['extra'])) && (sso_session = (extra[:session] || extra['session']))
    instance.uid = (sso_session[:uid] || sso_session['uid'])
    instance.session_token = (sso_session[:token] || sso_session['token'])
    instance.group_uid = (sso_session[:group_uid] || sso_session['group_uid'])
    instance.preset = self.preset
    if recheck = (sso_session[:recheck] || sso_session['recheck'])
      instance.recheck = recheck
    end
  end
  return instance
end

Instance Method Details

#perform_remote_check ⇒ Object

Check remote maestrano session and update the recheck attribute if the session is still valid Return true if the session is still valid and false otherwise

# File 'lib/maestrano/sso/session.rb', line 53

def perform_remote_check
  # Get remote session info
  url = Maestrano::SSO[self.preset].session_check_url(self.uid, self.session_token)
  begin
    response = RestClient.get(url)
    response = JSON.parse(response)
  rescue Exception => e
    response = {}
  end

  # Process response
  if response['valid'] && response['recheck']
    self.recheck = Time.iso8601(response['recheck'])
    return true
  end

  return false
end

#remote_check_required? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/maestrano/sso/session.rb', line 42

def remote_check_required?
  if self.uid && self.session_token && self.recheck
    return (self.recheck <= Time.now)
  end
  return true
end

#save ⇒ Object

# File 'lib/maestrano/sso/session.rb', line 99

def save
  self.session[:maestrano] = Base64.encode64({
    uid: self.uid,
    session: self.session_token,
    session_recheck: self.recheck.utc.iso8601,
    group_uid: self.group_uid,
    preset: self.preset
  }.to_json)
end

#valid?(opts = {}) ⇒ Boolean

Check whether this mno session is valid or not Return true if SLO is disabled (via sso.slo_enabled config param) Return false if no session defined

---

opts: if_session: if true then the session will be considered valid if the http session is nil or does not have a maestrano key. Useful when the validity of a session should be restricted to maestrano users only within an application

Returns:

• (Boolean)

# File 'lib/maestrano/sso/session.rb', line 83

def valid?(opts = {})
  return true unless Maestrano[self.class.preset].param('sso.slo_enabled')
  return true if opts[:if_session] && (!self.session || (!self.session[:maestrano] && !self.session['maestrano']))
  return false unless self.session

  if self.remote_check_required?
    if perform_remote_check
      self.save
      return true
    else
      return false
    end
  end
  return true
end