Class: Rack::CAS

Inherits:
Object
  • Object
show all
Defined in:
lib/rack/cas.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app, config = {}) ⇒ CAS

Returns a new instance of CAS.



9
10
11
12
13
# File 'lib/rack/cas.rb', line 9

def initialize(app, config={})
  @app = app

  RackCAS.config.update config
end

Instance Attribute Details

#server_urlObject

Returns the value of attribute server_url.



7
8
9
# File 'lib/rack/cas.rb', line 7

def server_url
  @server_url
end

Instance Method Details

#call(env) ⇒ Object



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'lib/rack/cas.rb', line 15

def call(env)
  request = Rack::Request.new(env)
  cas_request = CASRequest.new(request)

  return @app.call(env) if exclude_request?(cas_request)

  if cas_request.ticket_validation?
    log env, 'rack-cas: Intercepting ticket validation request.'

    begin
      user, extra_attrs = get_user(request.url, cas_request.ticket)
    rescue RackCAS::ServiceValidationResponse::TicketInvalidError, RackCAS::SAMLValidationResponse::TicketInvalidError
      log env, 'rack-cas: Invalid ticket. Redirecting to CAS login.'

      return redirect_to server.(cas_request.service_url).to_s
    end

    store_session request, user, cas_request.ticket, extra_attrs
    return redirect_to cas_request.service_url
  end

  if cas_request.logout?
    log env, 'rack-cas: Intercepting logout request.'

    request.session.send (request.session.respond_to?(:destroy) ? :destroy : :clear)
    return redirect_to server.logout_url(request.params).to_s
  end

  if cas_request.single_sign_out? && RackCAS.config.session_store?
    log env, 'rack-cas: Intercepting single-sign-out request.'

    RackCAS.config.session_store.destroy_session_by_cas_ticket(cas_request.ticket)
    return [200, {'Content-Type' => 'text/plain'}, ['CAS Single-Sign-Out request intercepted.']]
  end

  response = @app.call(env)

  if response[0] == 401 && !ignore_intercept?(request) # access denied
    log env, 'rack-cas: Intercepting 401 access denied response. Redirecting to CAS login.'

    redirect_to server.(request.url).to_s
  else
    response
  end
end