Class: Casablanca::Rails::Filter
- Inherits:
-
Object
- Object
- Casablanca::Rails::Filter
- Defined in:
- lib/casablanca/rails/filter.rb
Direct Known Subclasses
Class Method Summary collapse
- .authenticate_ticket(controller) ⇒ Object
-
.authentication_required?(controller) ⇒ Boolean
Has the user already talked to the Cas server?.
-
.filter(controller) ⇒ Object
Require a authenticated user to the CAS server otherwise redirect to the CAS server login url.
- .get_credentials(controller) ⇒ Object
- .logger ⇒ Object
-
.login_url(controller, params = {}) ⇒ Object
The login url of the Cas server.
-
.logout(controller) ⇒ Object
Logs out of the Cas server.
-
.logout_url(controller, params = {}) ⇒ Object
The logout url of the Cas server.
- .redirect_to_cas_login(controller, renew) ⇒ Object
-
.renew? ⇒ Boolean
Always require new credentials for authentication?.
Class Method Details
.authenticate_ticket(controller) ⇒ Object
102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 |
# File 'lib/casablanca/rails/filter.rb', line 102 def authenticate_ticket(controller) client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller)) ticket = Casablanca::Ticket.new(controller.params[:ticket], client.service_url, controller.session[:cas_renew]) if client.authenticate_ticket(ticket) logger.debug "Ticket authenticated" controller.session[:cas_user] = ticket.user controller.session[:cas_renew] = nil return true else logger.debug "Ticket authentication failed: #{ticket.}" logout(controller) logger.debug "Renew login credentials" redirect_to_cas_login(controller, renew?) return false end end |
.authentication_required?(controller) ⇒ Boolean
Has the user already talked to the Cas server?
83 84 85 |
# File 'lib/casablanca/rails/filter.rb', line 83 def authentication_required?(controller) (controller.session[:cas_user].nil? || renew?) && controller.params[:ticket].nil? end |
.filter(controller) ⇒ Object
Require a authenticated user to the CAS server otherwise redirect to the CAS server login url. Set session to the authenticated CAS user if authenticated
43 44 45 46 47 48 49 50 51 |
# File 'lib/casablanca/rails/filter.rb', line 43 def filter(controller) if authentication_required?(controller) return get_credentials(controller) elsif controller.params[:ticket] return authenticate_ticket(controller) else return true end end |
.get_credentials(controller) ⇒ Object
92 93 94 95 96 97 98 99 100 |
# File 'lib/casablanca/rails/filter.rb', line 92 def get_credentials(controller) if renew? logger.debug "Always require credentials for authentication" else logger.debug "Not authenticated yet. Ticket parameter required" end redirect_to_cas_login(controller, renew?) return false end |
.logger ⇒ Object
73 74 75 |
# File 'lib/casablanca/rails/filter.rb', line 73 def logger Casablanca::Client.logger end |
.login_url(controller, params = {}) ⇒ Object
The login url of the Cas server. This page has the login form.
55 56 57 58 |
# File 'lib/casablanca/rails/filter.rb', line 55 def login_url(controller, params={}) client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller)) client.login_url(params) end |
.logout(controller) ⇒ Object
Logs out of the Cas server.
69 70 71 |
# File 'lib/casablanca/rails/filter.rb', line 69 def logout(controller) controller.session[:cas_user] = nil end |
.logout_url(controller, params = {}) ⇒ Object
The logout url of the Cas server.
62 63 64 65 |
# File 'lib/casablanca/rails/filter.rb', line 62 def logout_url(controller, params={}) client = Casablanca::Client.new(:cas_server_url => Config.cas_server_url, :service_url => service_url(controller)) client.logout_url(params) end |
.redirect_to_cas_login(controller, renew) ⇒ Object
87 88 89 90 |
# File 'lib/casablanca/rails/filter.rb', line 87 def redirect_to_cas_login(controller, renew) controller.session[:cas_renew] = renew controller.send(:redirect_to, login_url(controller, :renew => renew)) end |