Class: OmniAuth::Strategies::CAS

Inherits:
Object
  • Object
show all
Includes:
OmniAuth::Strategy
Defined in:
lib/omniauth/strategies/cas.rb,
lib/omniauth/strategies/cas/logout_request.rb,
lib/omniauth/strategies/cas/service_ticket_validator.rb

Defined Under Namespace

Classes: InvalidCASTicket, LogoutRequest, MissingCASTicket, ServiceTicketValidator

Constant Summary collapse

AuthHashSchemaKeys =
%w{name email nickname first_name last_name location image phone}

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#raw_infoObject Also known as: user_info

Returns the value of attribute raw_info


16
17
18
# File 'lib/omniauth/strategies/cas.rb', line 16

def raw_info
  @raw_info
end

Instance Method Details

#append_params(base, params) ⇒ String

Adds URL-escaped parameters to base.

Parameters:

  • base (String)

    the base URL

  • params (String)

    the parameters to append to the URL

Returns:

  • (String)

    the new joined URL.


176
177
178
179
180
181
# File 'lib/omniauth/strategies/cas.rb', line 176

def append_params(base, params)
  params = params.each { |k,v| v = Rack::Utils.escape(v) }
  Addressable::URI.parse(base).tap do |base_uri|
    base_uri.query_values = (base_uri.query_values || {}).merge(params)
  end.to_s
end

#callback_phaseObject


78
79
80
81
82
83
84
85
86
87
88
# File 'lib/omniauth/strategies/cas.rb', line 78

def callback_phase
  if on_sso_path?
    single_sign_out_phase
  else
    @ticket = request.params['ticket']
    return fail!(:no_ticket, MissingCASTicket.new('No CAS Ticket')) unless @ticket
    fetch_raw_info(@ticket)
    return fail!(:invalid_ticket, InvalidCASTicket.new('Invalid CAS Ticket')) if raw_info.empty?
    super
  end
end

#cas_urlObject

Build a CAS host with protocol and port


114
115
116
117
118
119
120
121
122
123
124
125
# File 'lib/omniauth/strategies/cas.rb', line 114

def cas_url
  extract_url if options['url']
  validate_cas_setup
  @cas_url ||= begin
    uri = Addressable::URI.new
    uri.host = options.host
    uri.scheme = options.ssl ? 'https' : 'http'
    uri.port = options.port
    uri.path = options.path
    uri.to_s
  end
end

#extract_urlObject


127
128
129
130
131
132
133
134
135
# File 'lib/omniauth/strategies/cas.rb', line 127

def extract_url
  url = Addressable::URI.parse(options.delete('url'))
  options.merge!(
    'host' => url.host,
    'port' => url.port,
    'path' => url.path,
    'ssl' => url.scheme == 'https'
  )
end

#login_url(service) ⇒ String

Build a CAS login URL from service.

Parameters:

  • service (String)

    the service (a.k.a. return-to) URL

Returns:


166
167
168
# File 'lib/omniauth/strategies/cas.rb', line 166

def (service)
  cas_url + append_params(options., { service: service })
end

#on_sso_path?Boolean

Returns:

  • (Boolean)

103
104
105
# File 'lib/omniauth/strategies/cas.rb', line 103

def on_sso_path?
  request.post? && request.params.has_key?('logoutRequest')
end

#request_phaseObject


90
91
92
93
94
95
96
97
98
99
100
101
# File 'lib/omniauth/strategies/cas.rb', line 90

def request_phase
  service_url = append_params(callback_url, return_url)

  [
    302,
    {
      'Location' => (service_url),
      'Content-Type' => 'text/plain'
    },
    ["You are being redirected to CAS for sign-in."]
  ]
end

#service_validate_url(service_url, ticket) ⇒ String

Build a service-validation URL from service and ticket. If service has a ticket param, first remove it. URL-encode service and add it and the ticket as paraemters to the CAS serviceValidate URL.

Parameters:

  • service (String)

    the service (a.k.a. return-to) URL

  • ticket (String)

    the ticket to validate

Returns:


152
153
154
155
156
157
158
159
# File 'lib/omniauth/strategies/cas.rb', line 152

def service_validate_url(service_url, ticket)
  service_url = Addressable::URI.parse(service_url)
  service_url.query_values = service_url.query_values.tap { |qs| qs.delete('ticket') }
  cas_url + append_params(options.service_validate_url, {
    service: service_url.to_s,
    ticket: ticket
  })
end

#single_sign_out_phaseObject


107
108
109
# File 'lib/omniauth/strategies/cas.rb', line 107

def single_sign_out_phase
  logout_request_service.new(self, request).call(options)
end

#validate_cas_setupObject


137
138
139
140
141
# File 'lib/omniauth/strategies/cas.rb', line 137

def validate_cas_setup
  if options.host.nil? || options..nil?
    raise ArgumentError.new(":host and :login_url MUST be provided")
  end
end

#validate_service_ticket(ticket) ⇒ Object

Validate the Service Ticket

Returns:

  • (Object)

    the validated Service Ticket


185
186
187
# File 'lib/omniauth/strategies/cas.rb', line 185

def validate_service_ticket(ticket)
  ServiceTicketValidator.new(self, options, callback_url, ticket).call
end