Class: OmniAuth::Strategies::Casport

Inherits:
Object
  • Object
Includes:
HTTParty, OmniAuth::Strategy
Defined in:
lib/omniauth/strategies/casport.rb

Overview

Authentication to CASPORT

Examples:

Basic Usage


# Minimal configuration: only :setup is given, so the defaults assigned in
# #initialize apply (cas_server 'http://cas.dev/users', format 'xml',
# format_header 'application/xml'). That default server URL is plain http://,
# so set :cas_server explicitly for anything beyond local development.
casport_options = { :setup => true }
use OmniAuth::Strategies::Casport, casport_options

Full Options Usage


# Every option the strategy reads at configuration time.
casport_options = {
  :setup         => true,
  # NOTE(review): this sample endpoint is http://, so user attributes fetched
  # from it are not protected in transit; :ssl_ca_file and :pem_cert are
  # documented as applying to SSL connections.
  :cas_server    => 'http://cas.slkdemos.com/users/',
  :format        => 'xml',
  :format_header => 'application/xml',
  :ssl_ca_file   => 'path/to/ca_file.crt',
  :pem_cert      => '/path/to/cert.pem',
  # The passphrase is a plaintext literal here (the method docs call this
  # "not recommended"); in a real deployment load it from the environment or a
  # secret store rather than committing it with the configuration.
  :pem_cert_pass => 'keep it secret, keep it safe.'
}
use OmniAuth::Strategies::Casport, casport_options


Constructor Details

#initialize(app, options) ⇒ Casport

Returns a new instance of Casport.



# File 'lib/omniauth/strategies/casport.rb', line 32

# Registers the strategy under the name :casport and fills in connection
# defaults for any option the caller left unset.
#
# The passed-in hash is stored as-is (not copied), so the defaults are written
# into the caller's own hash.
#
# @param app the application handed on to the superclass constructor
# @param options [Hash] strategy options; :cas_server, :format and
#   :format_header are defaulted here
def initialize(app, options)
  super(app, :casport)
  @options = options
  fallbacks = [
    # NOTE(review): the default CASPORT endpoint is plain http://.
    [:cas_server,    'http://cas.dev/users'],
    [:format,        'xml'],
    [:format_header, 'application/xml']
  ]
  fallbacks.each { |option_key, fallback| @options[option_key] ||= fallback }
end

Class Method Details

.setup_httparty(opts) ⇒ Object

Sets the HTTParty params that have to be applied after initialize has been called. These params come from @options within initialize and include the following: :ssl_ca_file - SSL CA file for SSL connections; :format - 'json', 'xml', 'html', etc. (defaults to 'xml'); :format_header - :format header string (defaults to 'application/xml'); :pem_cert - /path/to/a/pem_formatted_certificate.pem for SSL connections; :pem_cert_pass - plaintext password, not recommended!



# File 'lib/omniauth/strategies/casport.rb', line 84

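# Applies the HTTParty class-level settings that depend on the strategy
# options: response format, Accept header, and the SSL material.
#
# Fix: the client certificate is now read only when :pem_cert is present.
# Previously a configuration with :ssl_ca_file but no :pem_cert called
# File.read(nil) and raised TypeError, so server verification could not be
# configured without also supplying a client certificate.
#
# As before, :pem_cert is only honoured when :ssl_ca_file is also set.
#
# @param opts [Hash] strategy options; reads :format, :format_header,
#   :ssl_ca_file, :pem_cert and :pem_cert_pass
def self.setup_httparty(opts)
  format opts[:format].to_sym
  headers 'Accept' => opts[:format_header]
  return unless opts[:ssl_ca_file]

  ssl_ca_file opts[:ssl_ca_file]
  return unless opts[:pem_cert]

  pem_contents = File.read(opts[:pem_cert])
  if opts[:pem_cert_pass]
    # The passphrase arrives as a plaintext option value; keep it out of
    # committed configuration and out of logs.
    pem pem_contents, opts[:pem_cert_pass]
  else
    pem pem_contents
  end
end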

Instance Method Details

#auth_hash ⇒ Object



# File 'lib/omniauth/strategies/casport.rb', line 58

# Builds the auth hash for this strategy by merging CASPORT user attributes
# into the hash returned by the superclass.
#
# The keys of the 'userinfo' record are converted from camelCase to
# snake_case before being exposed as 'uid', 'user_info' and 'extra'.
#
# NOTE(review): when the conversion fails, fail! is called but execution
# continues with the unconverted value of #user. A nil user then raises
# NoMethodError on user_obj['uid'], and a record without 'userinfo' produces
# an auth hash whose 'uid' is nil. Confirm how callers treat that case.
def auth_hash
  # Call #user once and reuse the result for every attribute below.
  user_obj = user
  begin
    snake_cased = {}
    user_obj['userinfo'].each do |key, value|
      snake_key = key.gsub(/[A-Z]/) { |upper| "_#{upper.downcase}" }
      snake_cased[snake_key] = value
    end
    # Reassign only after the whole record converted without error.
    user_obj = snake_cased
  rescue => e
    fail!(:invalid_user, e)
  end
  inherited = super
  casport_fields = {
    'uid'       => user_obj['uid'],
    'user_info' => {
      'name'  => user_obj['full_name'],
      'email' => user_obj['email']
    },
    'extra'     => { 'user_hash' => user_obj }
  }
  OmniAuth::Utils.deep_merge(inherited, casport_fields)
end

#callback_phase ⇒ Object



# File 'lib/omniauth/strategies/casport.rb', line 47

# Callback step: requires that #user returned a record, then defers to the
# superclass callback_phase.
#
# NOTE(review): the bare rescue catches every StandardError raised by the user
# lookup or by super, and the value returned by redirect(request_path) is not
# used. call_app! then runs on both the success and the failure path and
# supplies this method's return value, so a failed lookup appears to fall
# through to the downstream application instead of being rejected or
# redirected. Confirm against OmniAuth::Strategy; if super already invokes the
# application, the success path invokes it twice.
def callback_phase
  begin
    # A nil user means no usable CASPORT record was found.
    raise 'We seemed to have misplaced your credentials... O_o' if user.nil?
    super
  rescue => e
    # The caught exception is not logged or reported anywhere.
    redirect(request_path)
#          fail!(:invalid_credentials, e)
  end
  call_app!
end

#request_phase ⇒ Object



# File 'lib/omniauth/strategies/casport.rb', line 40

# Request step: checks that a UID has been supplied, applies the HTTParty
# settings from the strategy options, then redirects to the callback path.
#
# No credential is collected or checked here; the UID is taken from
# @options[:uid] as supplied by the application, so the strategy trusts
# whatever set that value.
#
# @raise [RuntimeError] when @options[:uid] is nil
def request_phase
  # The CASPORT lookup is keyed on the UID, so refuse to continue without one.
  if @options[:uid].nil?
    raise "No UID set in request.env['omniauth.strategy'].options[:uid]"
  end

  Casport.setup_httparty(@options)
  redirect(callback_path)
end

#user ⇒ Object



# File 'lib/omniauth/strategies/casport.rb', line 97

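# Looks up the CASPORT record for @options[:uid], using Redis as a
# read-through cache, and returns it (or nil when user_empty? reports that
# there is no usable data).
#
# Changes from the previous version:
# * Cached records are stored as JSON and parsed on the way out. Redis stores
#   strings, so the Hash written before came back as a String on every cache
#   hit and user_empty? rejected it.
# * A cached value that does not parse to a Hash is treated as a miss, so
#   cache contents are never trusted beyond being plain data.
# * The value and its expiry are written in one SETEX call, so an entry cannot
#   be left behind without an expiry.
# * URI.escape no longer exists in Ruby 3.0+; URI::DEFAULT_PARSER.escape is
#   the routine it delegated to.
#
# NOTE(review): the cache key is the bare UID with no namespace; confirm the
# Redis database is not shared with keys that could collide.
#
# @return [Hash, nil] the parsed CASPORT response, expected to look like
#   {'userinfo' => {...}}
def user
  # Can't get user data without a UID from the application
  begin
    raise "No UID set in request.env['omniauth.strategy'].options[:uid]" if @options[:uid].nil?
    @options[:uid] = @options[:uid].to_s
  rescue => e
    # NOTE(review): fail! is called but the lookup below still runs with a
    # nil UID; confirm whether this should stop here instead.
    fail!(:uid_not_found, e)
  end

  require 'json'
  uid = @options[:uid]
  # NOTE(review): the UID is interpolated into the request path and this
  # escape leaves '/', '?' and '#' intact. If the UID can be influenced by a
  # client, validate its format before it reaches this strategy.
  url = URI::DEFAULT_PARSER.escape("#{@options[:cas_server]}/#{uid}.#{@options[:format]}")
  begin
    raise Errno::ECONNREFUSED if @options[:redis_options] == 'disabled'
    cache = @options[:redis_options].nil? ? Redis.new : Redis.new(@options[:redis_options])

    @user = begin
      cached = cache.get(uid)
      parsed = cached && JSON.parse(cached)
      parsed.is_a?(Hash) ? parsed : nil
    rescue JSON::ParserError
      # Unreadable entry (for example one written in the old format): refetch.
      nil
    end

    unless @user
      # User is not in the cache
      # Retrieving the user data from CASPORT
      # {'userinfo' => {{'uid' => UID}, {'fullName' => NAME},...}},
      @user = Casport.get(url).parsed_response
      # Only well-formed records are cached. The lifetime stays at 1440
      # seconds (24 minutes); the earlier comment described this as 24 hours,
      # which would be 86_400 seconds. Confirm the intended lifetime before
      # raising it, since cached attributes go stale for that long.
      cache.setex(uid, 1440, JSON.generate(@user)) if @user.is_a?(Hash)
    end
  # If we can't connect to Redis...
  rescue Errno::ECONNREFUSED
    @user ||= Casport.get(url).parsed_response
  end
  @user = nil if user_empty?
  @user
end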

#user_empty? ⇒ Boolean

Investigate user_obj to see if it’s empty (or anti-pattern data)

Returns:

  • (Boolean)


# File 'lib/omniauth/strategies/casport.rb', line 128

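# Reports whether @user holds no usable CASPORT record.
#
# Fix: a nil @user now returns true. Previously the nil check was followed by
# an unconditional @user.empty?, which raised NoMethodError on nil.
#
# The value is only type-checked here. It is never evaluated as code, and
# data from the cache or the remote server should not be passed to eval.
#
# @return [true, nil] true when @user is nil or an empty Hash, nil otherwise
#   (nil rather than false is kept for compatibility with existing callers)
# @raise [RuntimeError] when @user is present but its class is not Hash
def user_empty?
  return true if @user.nil?

  # Anything other than a plain Hash (for example a String body) is rejected.
  raise "String returned when a Hash was expected." unless @user.class == Hash

  @user.empty? ? true : nil
end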