Class: Aker::Cas::ServiceMode

Inherits:
Modes::Base
  • Object
show all
Includes:
ConfigurationHelper, ServiceUrl, Modes::Support::AttemptedPath, Rack::Utils
Defined in:
lib/aker/cas/service_mode.rb

Overview

An interactive mode that provides CAS authentication conformant to CAS 2.

This mode does not handle non-interactive CAS proxying. See ProxyMode for that.

See Also:

Author:

Class Method Summary (collapse)

Instance Method Summary (collapse)

Methods included from ServiceUrl

#service_url, service_url

Methods included from Modes::Support::AttemptedPath

#attempted_path

Methods included from ConfigurationHelper

#cas_login_url, #cas_logout_url, #cas_url, #proxy_callback_url, #proxy_retrieval_url

Methods inherited from Modes::Base

#authenticate!, #authority, #configuration, #interactive?, #store?

Methods included from Rack::EnvironmentHelper

#authority, #configuration, #interactive?

Class Method Details

+ (Object) append_middleware(builder)

Appends the logout responder and the ticket remover to the Rack middleware stack.



34
35
36
37
# File 'lib/aker/cas/service_mode.rb', line 34

def self.append_middleware(builder)
  builder.use(Middleware::LogoutResponder)
  builder.use(Middleware::TicketRemover)
end

+ (Symbol) key

A key that refers to this mode; used for configuration convenience.

Returns:

  • (Symbol)


26
27
28
# File 'lib/aker/cas/service_mode.rb', line 26

def self.key
  :cas
end

Instance Method Details

- (Array<String>?) credentials

Extracts the service ticket from the request parameters.

The service ticket is assumed to be a parameter named ST in either GET or POST data.

Returns:

  • (Array<String>, nil)

    a two-item array containing the service ticket and the service URL to which the ticket (it is asserted) applies



56
57
58
59
60
# File 'lib/aker/cas/service_mode.rb', line 56

def credentials
  if request['ticket']
    [request['ticket'], service_url]
  end
end

- (Symbol) kind

The type of credentials supplied by this mode.

Returns:

  • (Symbol)


43
44
45
# File 'lib/aker/cas/service_mode.rb', line 43

def kind
  self.class.key
end

- (Rack::Response) on_ui_failure

Builds a Rack response that redirects to a CAS server's login page.

The constructed response uses the URL of the resource for which authentication failed as the CAS service URL.

Returns:

  • (Rack::Response)

See Also:



79
80
81
82
83
84
85
# File 'lib/aker/cas/service_mode.rb', line 79

def on_ui_failure
  ::Rack::Response.new do |resp|
     = URI.parse()
    .query = "service=#{escape(service_url)}"
    resp.redirect(.to_s)
  end
end

- (Boolean) valid?

Returns true if a service ticket is present in the query string, false otherwise.

Returns:

  • (Boolean)


65
66
67
# File 'lib/aker/cas/service_mode.rb', line 65

def valid?
  credentials
end