
Expand param names.

1 parent 8577718 commit 2760b2ef493ed7d8a0db8519996ca028c8935b64 beawesomeinstead committed Feb 14, 2011
Showing with 26 additions and 35 deletions.
  1. +12 −14 lib/authentication.rb
  2. +13 −20 test/protocol/server_test.rb
  3. +1 −1 views/login.erb
@@ -53,10 +53,10 @@ class Server < Sinatra::Base
end
get "/serviceLogin" do
- @service = params[:s]
+ @service = params[:service]
@service_url = service_url(@service)
- @renew = [ true, "true", "1", 1 ].include?(params[:r])
- @gateway = [ true, "true", "1", 1 ].include?(params[:g])
+ @renew = [ true, "true", "1", 1 ].include?(params[:renew])
+ @gateway = [ true, "true", "1", 1 ].include?(params[:gateway])
if @renew
@login_ticket = LoginTicket.create!(settings.redis)
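Review bot: The truthy list `[ true, "true", "1", 1 ]` is written out twice, once for `@renew` and once for `@gateway`, and its `true` and `1` entries look unreachable because query parameters normally reach Sinatra as strings. A small helper such as `def flag?(value) %w[true 1].include?(value.to_s) end` would keep both flags parsed by the same rule. The handler body continues outside the hunk.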
@@ -68,9 +68,9 @@ class Server < Sinatra::Base
st.save!(settings.redis)
redirect_url = @service_url.clone
if @service_url.query_values.nil?
- redirect_url.query_values = @service_url.query_values = { :t => st.ticket }
+ redirect_url.query_values = @service_url.query_values = { :ticket => st.ticket }
else
- redirect_url.query_values = @service_url.query_values.merge(:t => st.ticket)
+ redirect_url.query_values = @service_url.query_values.merge(:ticket => st.ticket)
end
redirect redirect_url.to_s, 303
else
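Review bot: Merging the Symbol key `:ticket` into `@service_url.query_values` may not replace a `ticket` entry that the service URL already carries, because Addressable returns string keys; the redirect could then hold two `ticket` parameters, and which one the service reads depends on its parser. The nil branch also writes the ticket back onto `@service_url` as a side effect. Both branches collapse to `redirect_url.query_values = (@service_url.query_values || {}).merge("ticket" => st.ticket)`. The same lines recur in the hunk at -87,9, and the enclosing `if` starts and ends outside both hunks.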
@@ -87,9 +87,9 @@ class Server < Sinatra::Base
st.save!(settings.redis)
redirect_url = @service_url.clone
if @service_url.query_values.nil?
- redirect_url.query_values = @service_url.query_values = { :t => st.ticket }
+ redirect_url.query_values = @service_url.query_values = { :ticket => st.ticket }
else
- redirect_url.query_values = @service_url.query_values.merge(:t => st.ticket)
+ redirect_url.query_values = @service_url.query_values.merge(:ticket => st.ticket)
end
redirect redirect_url.to_s, 303
else
@@ -105,12 +105,10 @@ class Server < Sinatra::Base
post "/serviceLogin" do
username = params[:username]
password = params[:password]
- service = params[:s]
-
- # raise [ username, password, service, login_ticket ].inspect
+ service = params[:service]
# Redirecting to credential requestor if we don't have these params
- # redirect "/serviceLogin" + "?s=account", 303 unless username && password && service && login_ticket
+ # redirect "/serviceLogin" + "?service=account", 303 unless username && password && service && login_ticket
# Failures will throw back to self, which we've registered with Warden to handle login failures
warden.authenticate!(:scope => :remote, :action => "unauthenticated")
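Review bot: The commented-out redirect guard is being edited to the new parameter name rather than restored or deleted, so the handler still has no early exit when `username`, `password` or `service` is missing. In the visible lines nothing checks the `lt` login ticket that views/login.erb posts before `warden.authenticate!` runs. If that check lives in the Warden strategy, a short comment saying so would help the next reader, e.g. `# login ticket is verified by the :remote strategy`; otherwise the check should be restored here. The handler body continues past the hunk.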
@@ -122,14 +120,14 @@ class Server < Sinatra::Base
if service_url(service)
st = ServiceTicket.new(service, username)
st.save!(settings.redis)
- redirect service_url(service) + "?t=#{st.ticket}", 303
+ redirect service_url(service) + "?ticket=#{st.ticket}", 303
else
erb(:logged_in)
end
end
get %r{(proxy|service)Validate} do
- service, ticket = params[:s], params[:t]
+ service, ticket = params[:service], params[:ticket]
result = if service_url(service) && ticket
if service_ticket
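Review bot: `service_url(service) + "?ticket=#{st.ticket}"` does not preserve a query string that the service URL already has, unlike the GET handler, which merges into `query_values`. Depending on what `service_url` returns, the result is either a second `?` or a replaced query, and the ticket bypasses the URI's own query encoding. Assuming `service_url` returns the same Addressable URI the GET handler clones, the redirect can be built the same way: `url = service_url(service).clone`, `url.query_values = (url.query_values || {}).merge("ticket" => st.ticket)`, `redirect url.to_s, 303`. The POST handler begins above the hunk.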
@@ -179,7 +177,7 @@ def login_ticket
end
def service_ticket
- @service_ticket ||= ServiceTicket.find!(params[:t], settings.redis)
+ @service_ticket ||= ServiceTicket.find!(params[:ticket], settings.redis)
end
def service_url(service)
@@ -57,7 +57,6 @@ def assert_invalid_service_json_response(last_response)
assert_equal("application/json", last_response.content_type)
json = Yajl::Parser.parse(last_response.body)
- # assert !json["status"].empty?, "Expected authentication failure status code in #{json}"
assert_equal(101, json["status"])
end
@@ -88,29 +87,26 @@ def assert_invalid_service_json_response(last_response)
end
end
- context "with a 's' parameter" do
+ context "with a 'service' parameter" do
should "be url-encoded" do
- get "/serviceLogin?s=#{@parser.escape(@test_service_url)}"
+ get "/serviceLogin?service=#{@parser.escape(@test_service_url)}"
assert last_response.ok?
- assert_raise(URI::InvalidURIError) { get "/serviceLogin?s=#{@test_service_url}" }
+ assert_raise(URI::InvalidURIError) { get "/serviceLogin?service=#{@test_service_url}" }
end
context "a single sign-on session already exists" do
setup { sso_session_for("quentin") }
should "generate a service ticket and redirect to the service" do
- get "/serviceLogin", { :s => @test_service_url }, "HTTP_COOKIE" => @cookie
+ get "/serviceLogin", { :service => @test_service_url }, "HTTP_COOKIE" => @cookie
assert last_response.redirect?
- # assert_equal Addressable::URI.parse(@test_service_url).path,
- # Addressable::URI.parse(last_response.headers["Location"]).path
assert_equal("/auth/remote/callback", Addressable::URI.parse(last_response.headers["Location"]).path)
end
should "persist the ticket for retrieval later" do
- get "/serviceLogin", { :s => @test_service_url }, "HTTP_COOKIE" => @cookie
- # post "/serviceLogin", @params
+ get "/serviceLogin", { :service => @test_service_url }, "HTTP_COOKIE" => @cookie
ticket_number = last_response.inspect[/ST-[A-Za-z0-9]+/]
st = ServiceTicket.find!(ticket_number, @redis)
assert_not_nil st
@@ -121,15 +117,15 @@ def assert_invalid_service_json_response(last_response)
# Not specified, but good sanity check
context "an invalid single sign-on session exists" do
should "not generate a service ticket and rediect" do
- get "/serviceLogin", { :s => @test_service_url }, "HTTP_COOKIE" => "tgt=TGC-1234567"
+ get "/serviceLogin", { :service => @test_service_url }, "HTTP_COOKIE" => "tgt=TGC-1234567"
assert !last_response.headers["Location"]
end
end
end
context "with a 'renew' parameter" do
- setup { @params = { :r => true } }
+ setup { @params = { :renew => true } }
context "a single sign-on session already exists" do
setup { sso_session_for("quentin") }
@@ -162,7 +158,7 @@ def assert_invalid_service_json_response(last_response)
end
context "with a 'service' parameter" do
- setup { @params[:s] = @test_service_url }
+ setup { @params[:service] = @test_service_url }
must "not ask for credentials" do
get "/serviceLogin", @params
@@ -185,14 +181,11 @@ def assert_invalid_service_json_response(last_response)
get "/serviceLogin", @params, "HTTP_COOKIE" => @cookie
assert last_response.redirect?
- # assert_equal Addressable::URI.parse(@test_service_url).path,
- # Addressable::URI.parse(last_response.headers["Location"]).path
assert_equal("/auth/remote/callback", Addressable::URI.parse(last_response.headers["Location"]).path)
end
should "persist the ticket for retrieval later" do
get "/serviceLogin", @params, "HTTP_COOKIE" => @cookie
- # post "/serviceLogin", @params
ticket_number = last_response.inspect[/ST-[A-Za-z0-9]+/]
st = ServiceTicket.find!(ticket_number, @redis)
assert_not_nil st
@@ -224,10 +217,10 @@ def assert_invalid_service_json_response(last_response)
context "with a 'service' parameter" do
must "include the parameter 'service' in the form" do
- get "/serviceLogin?s=#{@test_service_url}"
+ get "/serviceLogin?service=#{@test_service_url}"
- assert_have_selector "input[name='s']"
- assert field_named("s").value == @test_service_url
+ assert_have_selector "input[name='service']"
+ assert field_named("service").value == @test_service_url
end
end
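Review bot: The request interpolates `@test_service_url` unescaped, while the "be url-encoded" test earlier in this file asserts that the same unescaped form raises `URI::InvalidURIError`. Unless setup differs between the two contexts, one of the two expectations cannot hold. Using `get "/serviceLogin?service=#{@parser.escape(@test_service_url)}"` here would exercise the encoded form the server is expected to accept.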
@@ -316,7 +309,7 @@ def assert_invalid_service_json_response(last_response)
context "with a 'service' parameter" do
setup do
@service_param_url = /auth\/remote\/callback/ # FIXME: regex is not obvious
- @params[:s] = @test_service_url
+ @params[:service] = @test_service_url
end
must "redirect the client to the URL specified by the 'service' parameter" do
@@ -338,7 +331,7 @@ def assert_invalid_service_json_response(last_response)
must "include a valid service ticket, passed as the HTTP request parameter, 'ticket' with request" do
post "/serviceLogin", @params
- assert_match(/t/, last_response.inspect) # FIXME: too generic
+ assert_match(/ticket/, last_response.inspect)
assert_match(/ST-[0-9]+/, last_response.inspect)
end
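Review bot: `assert_match(/ticket/, last_response.inspect)` is nearly as loose as the pattern the removed FIXME flagged: it passes whenever the word appears anywhere in the inspected response, not only when the redirect carries the parameter. Asserting on the parsed Location header pins the behaviour: `location = Addressable::URI.parse(last_response.headers["Location"])` followed by `assert_match(/\AST-[A-Za-z0-9]+\z/, location.query_values["ticket"])`. This test also matches `ST-[0-9]+` while the persistence tests use `ST-[A-Za-z0-9]+`, so the two disagree on the ticket format.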
@@ -11,7 +11,7 @@
</div>
<input name="lt" type="hidden" value="<%= @login_ticket.ticket %>">
<% if @service %>
- <input name="s" type="hidden" value="<%= @service %>">
+ <input name="service" type="hidden" value="<%= @service %>">
<% end %>
<div class="actions">
<input type="submit" value="<%= t("login_button") %>">
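Review bot: `<%= @service %>` writes the request's `service` parameter into an attribute value, and plain ERB does not HTML-escape unless the app enables that elsewhere. A value containing a double quote would end the attribute early and inject markup into the login page. Escaping at the output closes this: `<input name="service" type="hidden" value="<%= Rack::Utils.escape_html(@service) %>">`. The GET handler assigns `@service` straight from `params[:service]`, so it is also worth confirming the form is rendered only after `service_url` has accepted the value.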
