Class: CASClient::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/casclient/client.rb

Overview

The client brokers all HTTP transactions with the CAS server.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(conf = nil) ⇒ Client

Returns a new instance of Client.



9
10
11
 
# File 'lib/casclient/client.rb', line 9

def initialize(conf = nil)
  configure(conf) if conf
end

Instance Attribute Details

#cas_base_urlObject (readonly)

Returns the value of attribute cas_base_url.



4
5
6
 
# File 'lib/casclient/client.rb', line 4

def cas_base_url
  @cas_base_url
end

#extra_attributes_session_keyObject (readonly)

Returns the value of attribute extra_attributes_session_key.



5
6
7
 
# File 'lib/casclient/client.rb', line 5

def extra_attributes_session_key
  @extra_attributes_session_key
end

#logObject (readonly)

Returns the value of attribute log.



5
6
7
 
# File 'lib/casclient/client.rb', line 5

def log
  @log
end

#login_urlObject 



33
34
35
 
# File 'lib/casclient/client.rb', line 33

def 
  @login_url || (cas_base_url + "/login")
end

#logout_url(service_url = nil, back_url = nil) ⇒ Object

Returns the CAS server’s logout url.

If a logout_url has not been explicitly configured, the default is cas_base_url + “/logout”.

service_url

Set this if you want the user to be able to immediately log back in. Generally you’ll want to use something like request.referer. Note that this only works with RubyCAS-Server.

back_url

This satisfies section 2.3.1 of the CAS protocol spec. See www.ja-sig.org/products/cas/overview/protocol



52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/casclient/client.rb', line 52

def logout_url(service_url = nil, back_url = nil)
  url = @logout_url || (cas_base_url + "/logout")
  
  if service_url || back_url
    uri = URI.parse(url)
    h = uri.query ? query_to_hash(uri.query) : {}
    h['service'] = service_url if service_url
    h['url'] = back_url if back_url
    uri.query = hash_to_query(h)
    uri.to_s
  else
    url
  end
end

#proxy_callback_urlObject

Returns the value of attribute proxy_callback_url.



7
8
9
 
# File 'lib/casclient/client.rb', line 7

def proxy_callback_url
  @proxy_callback_url
end

#proxy_retrieval_urlObject

Returns the value of attribute proxy_retrieval_url.



7
8
9
 
# File 'lib/casclient/client.rb', line 7

def proxy_retrieval_url
  @proxy_retrieval_url
end

#proxy_urlObject 



67
68
69
 
# File 'lib/casclient/client.rb', line 67

def proxy_url
  @proxy_url || (cas_base_url + "/proxy")
end

#service_url=(value) ⇒ Object (writeonly)

Sets the attribute service_url

Parameters:

  • value

    the value to set the attribute service_url to.



6
7
8
 
# File 'lib/casclient/client.rb', line 6

def service_url=(value)
  @service_url = value
end

#username_session_keyObject (readonly)

Returns the value of attribute username_session_key.



5
6
7
 
# File 'lib/casclient/client.rb', line 5

def username_session_key
  @username_session_key
end

#validate_urlObject 



37
38
39
 
# File 'lib/casclient/client.rb', line 37

def validate_url
  @validate_url || (cas_base_url + "/proxyValidate")
end

Instance Method Details

#add_service_to_login_url(service_url) ⇒ Object 



160
161
162
163
164
165
 
# File 'lib/casclient/client.rb', line 160

def (service_url)
  uri = URI.parse()
  # IU's CAS server can't deal with escaped redirects, and the param has to be named "casurl" not "service"
  uri.query = (uri.query ? uri.query + "&" : "") + "casurl=#{service_url}"
  uri.to_s
end

#configure(conf) ⇒ Object

Raises:

  • (ArgumentError) 


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'lib/casclient/client.rb', line 13

def configure(conf)
  raise ArgumentError, "Missing :cas_base_url parameter!" unless conf[:cas_base_url]
  
  @cas_base_url      = conf[:cas_base_url].gsub(/\/$/, '')       
  
  @login_url    = conf[:login_url]
  @logout_url   = conf[:logout_url]
  @validate_url = conf[:validate_url]
  @proxy_url    = conf[:proxy_url]
  @service_url  = conf[:service_url]
  @proxy_callback_url  = conf[:proxy_callback_url]
  @proxy_retrieval_url = conf[:proxy_retrieval_url]
  
  @username_session_key         = conf[:username_session_key] || :cas_user
  @extra_attributes_session_key = conf[:extra_attributes_session_key] || :cas_extra_attributes
  
  @log = CASClient::LoggerWrapper.new
  @log.set_real_logger(conf[:logger]) if conf[:logger]
end

#login_to_service(credentials, service) ⇒ Object

Requests a login using the given credentials for the given service; returns a LoginResponse object.



88
89
90
91
92
93
94
95
96
97
98
 
# File 'lib/casclient/client.rb', line 88

def (credentials, service)
  lt = 
  
  data = credentials.merge(
    :lt => lt,
    :service => service 
  )
  
  res = submit_data_to_cas(, data)
  CASClient::LoginResponse.new(res)
end

#request_login_ticketObject

Requests a login ticket from the CAS server for use in a login request; returns a LoginTicket object.

This only works with RubyCAS-Server, since obtaining login tickets in this manner is not part of the official CAS spec.

Raises:



105
106
107
108
109
110
111
112
113
114
 
# File 'lib/casclient/client.rb', line 105

def 
  uri = URI.parse(+'Ticket')
  https = Net::HTTP.new(uri.host, uri.port)
  https.use_ssl = (uri.scheme == 'https')
  res = https.post(uri.path, ';')
  
  raise CASException, res.body unless res.kind_of? Net::HTTPSuccess
  
  res.body.strip
end

#request_proxy_ticket(pgt, target_service) ⇒ Object

Requests a proxy ticket from the CAS server for the given service using the given pgt (proxy granting ticket); returns a ProxyTicket object.

The pgt required to request a proxy ticket is obtained as part of a ValidationResponse.



122
123
124
125
126
127
128
129
130
131
132
133
134
135
 
# File 'lib/casclient/client.rb', line 122

def request_proxy_ticket(pgt, target_service)
  uri = URI.parse(proxy_url)
  h = uri.query ? query_to_hash(uri.query) : {}
  h['pgt'] = pgt.ticket
  h['targetService'] = target_service
  uri.query = hash_to_query(h)
  
  pr = request_cas_response(uri, ProxyResponse)
  
  pt = ProxyTicket.new(pr.proxy_ticket, target_service)
  pt.response = pr
  
  return pt
end

#retrieve_proxy_granting_ticket(pgt_iou) ⇒ Object

Raises:



137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
 
# File 'lib/casclient/client.rb', line 137

def retrieve_proxy_granting_ticket(pgt_iou)
  uri = URI.parse(proxy_retrieval_url)
  uri.query = (uri.query ? uri.query + "&" : "") + "pgtIou=#{CGI.escape(pgt_iou)}"
  retrieve_url = uri.to_s
  
  log.debug "Retrieving PGT for PGT IOU #{pgt_iou.inspect} from #{retrieve_url.inspect}"
  
#      https = Net::HTTP.new(uri.host, uri.port)
#      https.use_ssl = (uri.scheme == 'https')
#      res = https.post(uri.path, ';')
  uri = URI.parse(uri) unless uri.kind_of? URI
  https = Net::HTTP.new(uri.host, uri.port)
  https.use_ssl = (uri.scheme == 'https')
  res = https.start do |conn|
    conn.get("#{uri.path}?#{uri.query}")
  end
  
  
  raise CASException, res.body unless res.kind_of? Net::HTTPSuccess
  
  ProxyGrantingTicket.new(res.body.strip, pgt_iou)
end

#validate_service_ticket(st) ⇒ Object Also known as: validate_proxy_ticket 



71
72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/casclient/client.rb', line 71

def validate_service_ticket(st)
  uri = URI.parse(validate_url)
  h = uri.query ? query_to_hash(uri.query) : {}
  h['casurl'] = st.service
  h['casticket'] = st.ticket
  h['renew'] = 1 if st.renew
  h['pgtUrl'] = proxy_callback_url if proxy_callback_url
  uri.query = hash_to_query(h)
  
  st.response = request_cas_response(uri, ValidationResponse)
  
  return st
end