Class: OmniAuth::Strategies::Casport
- Inherits:
-
Object
- Object
- OmniAuth::Strategies::Casport
- Includes:
- HTTParty, OmniAuth::Strategy
- Defined in:
- lib/omniauth/strategies/casport.rb
Overview
Authentication to CASPORT
Class Method Summary collapse
-
.setup_httparty(opts) ⇒ Object
Set HTTParty params that we need to set after initialize is called These params come from @options within initialize and include the following: :ssl_ca_file - SSL CA File for SSL connections :format - ‘json’, ‘xml’, ‘html’, etc.
Instance Method Summary collapse
- #auth_hash ⇒ Object
- #callback_phase ⇒ Object
-
#get_user ⇒ Object
Query for the user against CASPORT, return as nil or parsed object.
-
#initialize(app, options) ⇒ Casport
constructor
A new instance of Casport.
- #request_phase ⇒ Object
- #user ⇒ Object
Constructor Details
#initialize(app, options) ⇒ Casport
Returns a new instance of Casport.
34 35 36 37 38 39 40 |
# File 'lib/omniauth/strategies/casport.rb', line 34 def initialize(app, ) super(app, :casport) @options = @options[:cas_server] ||= 'http://cas.dev/users' @options[:format] ||= 'xml' @options[:format_header] ||= 'application/xml' end |
Class Method Details
.setup_httparty(opts) ⇒ Object
Set HTTParty params that we need to set after initialize is called These params come from @options within initialize and include the following: :ssl_ca_file - SSL CA File for SSL connections :format - ‘json’, ‘xml’, ‘html’, etc. || Defaults to ‘xml’ :format_header - :format Header string || Defaults to ‘application/xml’ :pem_cert - /path/to/a/pem_formatted_certificate.pem for SSL connections :pem_cert_pass - plaintext password, not recommended!
86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
# File 'lib/omniauth/strategies/casport.rb', line 86 def self.setup_httparty(opts) format opts[:format].to_sym headers 'Accept' => opts[:format_header] headers 'Content-Type' => opts[:format_header] headers 'X-XSRF-UseProtection' => 'false' if opts[:format] == 'json' if opts[:ssl_ca_file] ssl_ca_file opts[:ssl_ca_file] if opts[:pem_cert_pass] pem File.read(opts[:pem_cert]), opts[:pem_cert_pass] else pem File.read(opts[:pem_cert]) end end end |
Instance Method Details
#auth_hash ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 |
# File 'lib/omniauth/strategies/casport.rb', line 60 def auth_hash # store user in a local var to avoid new method calls for each attribute user_obj = user begin # convert all Java camelCase keys to Ruby snake_case, it just feels right! user_obj = user_obj['userinfo'].inject({}){|memo, (k,v)| memo[k.gsub(/[A-Z]/){|c| '_'+c.downcase}] = v; memo} rescue => e fail!(:invalid_user, e) end OmniAuth::Utils.deep_merge(super, { 'uid' => user_obj['dn'], 'user_info' => { 'name' => user_obj['full_name'], 'email' => user_obj['email'] }, 'extra' => {'user_hash' => user_obj} }) end |
#callback_phase ⇒ Object
49 50 51 52 53 54 55 56 57 58 |
# File 'lib/omniauth/strategies/casport.rb', line 49 def callback_phase begin raise 'We seemed to have misplaced your credentials... O_o' if user.nil? super rescue => e redirect(request_path) # fail!(:invalid_credentials, e) end call_app! end |
#get_user ⇒ Object
Query for the user against CASPORT, return as nil or parsed object
143 144 145 146 147 148 149 150 151 152 |
# File 'lib/omniauth/strategies/casport.rb', line 143 def get_user return if @user # no extra http calls url = URI.escape("#{@options[:cas_server]}/#{@options[:uid]}.#{@options[:format]}") response = Casport.get(url) if response.success? @user = response.parsed_response else @user = nil end end |
#request_phase ⇒ Object
42 43 44 45 46 47 |
# File 'lib/omniauth/strategies/casport.rb', line 42 def request_phase # Can't get user data without their UID for the CASPORT server raise "No UID set in request.env['omniauth.strategy'].options[:uid]" if @options[:uid].nil? Casport.setup_httparty(@options) redirect(callback_path) end |
#user ⇒ Object
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 |
# File 'lib/omniauth/strategies/casport.rb', line 101 def user # Can't get user data without a UID from the application begin raise "No UID set in request.env['omniauth.strategy'].options[:uid]" if @options[:uid].nil? # Fix DN order (if we have a DN) for CASPORT to work properly if @options[:uid].include?('/') or @options[:uid].include?(',') # Convert '/' to ',' and split on ',' @options[:uid] = @options[:uid].gsub('/',',').split(',').reject{|array| array.all? {|el| el.nil? || el.strip.empty? }} # See if the DN is in the order CASPORT expects (and fix it if needed) @options[:uid] = @options[:uid].reverse if @options[:uid].first.downcase.include? 'c=' # Join our array of DN elements back together with a comma as expected by CASPORT @options[:uid] = @options.join ',' end rescue => e fail!(:uid_not_found, e) end begin raise Errno::ECONNREFUSED if @options[:redis_options] == 'disabled' cache = @options[:redis_options].nil? ? Redis.new : Redis.new(@options[:redis_options]) unless @user = (cache.get @options[:uid]) # User is not in the cache # Retrieving the user data from CASPORT # {'userinfo' => {{'uid' => UID}, {'fullName' => NAME},...}}, get_user if @user # Set Redis object for the user, and expire after 24 hours cache.set @options[:uid], @user.to_yaml cache.expire @options[:uid], 1440 end else # We found our user in the cache, let's parse it into a Ruby object @user = YAML::load(@user) end # If we can't connect to Redis... rescue Errno::ECONNREFUSED => e get_user end @user end |