Class: Aker::Cas::Authority

Inherits:
Object
  • Object
show all
Includes:
ConfigurationHelper, Castanet::Client
Defined in:
lib/aker/cas/authority.rb

Overview

An authority which verifies CAS tickets with an actual CAS server.

See Also:

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from ConfigurationHelper

#cas_login_url, #cas_logout_url, #cas_url, #proxy_callback_url, #proxy_retrieval_url

Constructor Details

#initialize(configuration) ⇒ Authority

Creates a new instance of this authority. It reads parameters from the :cas parameters section of the given configuration. See ConfigurationHelper for information about the meanings of these parameters.


21
22
23
24
25
26
27
# File 'lib/aker/cas/authority.rb', line 21

def initialize(configuration)
  @configuration = configuration

  unless cas_url
    raise ":base_url parameter is required for CAS"
  end
end

Instance Attribute Details

#configurationObject (readonly)

Returns the value of attribute configuration


14
15
16
# File 'lib/aker/cas/authority.rb', line 14

def configuration
  @configuration
end

Instance Method Details

#valid_credentials?(kind, *credentials) ⇒ Aker::User, ...

Verifies the given credentials with the CAS server. The :cas and :cas_proxy kinds are supported. Both kinds require two credentials in the following order:

  • The ticket (either a service ticket or proxy ticket)
  • The service URL associated with the ticket

The returned user will be extended with CasUser.

If CAS proxying is enabled, then this method also retrieves the proxy-granting ticket for the user.


47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# File 'lib/aker/cas/authority.rb', line 47

def valid_credentials?(kind, *credentials)
  return :unsupported unless [:cas, :cas_proxy].include?(kind)

  ticket = ticket_for(kind, *credentials)
  ticket.present!

  return nil unless ticket.ok?

  Aker::User.new(ticket.username).tap do |u|
    u.extend Aker::Cas::UserExt

    u.cas_url = cas_url
    u.proxy_callback_url = proxy_callback_url
    u.proxy_retrieval_url = proxy_retrieval_url

    if ticket.pgt_iou
      ticket.retrieve_pgt!

      u.pgt = ticket.pgt
    end
  end
end