From 3ece66d9f00c7b4a9bf575470a49812b2dd26a08 Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:19:44 +0100 Subject: [PATCH 1/6] add test and code for the first api processor --- lib/casino_core/processor.rb | 2 + lib/casino_core/processor/api.rb | 7 ++ .../api/login_credential_acceptor.rb | 72 +++++++++++++++++++ .../api/login_credential_acceptor_spec.rb | 37 ++++++++++ 4 files changed, 118 insertions(+) create mode 100644 lib/casino_core/processor/api.rb create mode 100644 lib/casino_core/processor/api/login_credential_acceptor.rb create mode 100644 spec/processor/api/login_credential_acceptor_spec.rb diff --git a/lib/casino_core/processor.rb b/lib/casino_core/processor.rb index cfef69d7..199c8ea4 100644 --- a/lib/casino_core/processor.rb +++ b/lib/casino_core/processor.rb @@ -12,6 +12,8 @@ class Processor autoload :SessionDestroyer, 'casino_core/processor/session_destroyer.rb' autoload :SessionOverview, 'casino_core/processor/session_overview.rb' + autoload :API, 'casino_core/processor/api.rb' + def initialize(listener) @listener = listener end diff --git a/lib/casino_core/processor/api.rb b/lib/casino_core/processor/api.rb new file mode 100644 index 00000000..5a532f88 --- /dev/null +++ b/lib/casino_core/processor/api.rb @@ -0,0 +1,7 @@ +module CASinoCore + class Processor + module API + autoload :LoginCredentialAcceptor, 'casino_core/processor/api/login_credential_acceptor.rb' + end + end +end diff --git a/lib/casino_core/processor/api/login_credential_acceptor.rb b/lib/casino_core/processor/api/login_credential_acceptor.rb new file mode 100644 index 00000000..f3a7e8e6 --- /dev/null +++ b/lib/casino_core/processor/api/login_credential_acceptor.rb @@ -0,0 +1,72 @@ +require 'casino_core/processor/api' +require 'casino_core/helper' + +# This processor should be used for API calls: POST /cas/v1/tickets +class CASinoCore::Processor::API::LoginCredentialAcceptor < CASinoCore::Processor + include CASinoCore::Helper::Logger + include CASinoCore::Helper::ServiceTickets + + # Use this method to process the request. It expects the username in the parameter "username" and the password + # in "password". + # + # The method will call one of the following methods on the listener: + # * `#api_user_logged_in`: + # * `#api_invalid_login_credentials`: + # + # @param [Hash] params parameters supplied by user + # @param [Hash] cookies cookies supplied by user + # @param [String] user_agent user-agent delivered by the client + def process(login_data) + @login_data = login_data + + validate_login_data + + unless @authentication_result.nil? + generate_ticket_granting_ticket + callback_user_logged_in + else + callback_invalid_login_credentials + end + end + + private + def validate_login_data + @authentication_result = validate_login_credentials(@login_data[:username], @login_data[:password]) + end + + def callback_user_logged_in + @listener.user_logged_in_via_api @ticket_granting_ticket.ticket + end + + def generate_ticket_granting_ticket + @ticket_granting_ticket = acquire_ticket_granting_ticket(@authentication_result) + end + + def callback_invalid_login_credentials + @listener.invalid_login_credentials_via_api + end + + def validate_login_credentials(username, password) + authentication_result = nil + CASinoCore::Settings.authenticators.each do |authenticator_name, authenticator| + data = authenticator.validate(username, password) + if data + authentication_result = { authenticator: authenticator_name, user_data: data } + logger.info("Credentials for username '#{data[:username]}' successfully validated using authenticator '#{authenticator_name}' (#{authenticator.class})") + break + end + end + authentication_result + end + + def acquire_ticket_granting_ticket(authentication_result, user_agent = nil) + user_data = authentication_result[:user_data] + CASinoCore::Model::TicketGrantingTicket.create!({ + ticket: random_ticket_string('TGC'), + authenticator: authentication_result[:authenticator], + username: user_data[:username], + extra_attributes: user_data[:extra_attributes], + user_agent: user_agent + }) + end +end diff --git a/spec/processor/api/login_credential_acceptor_spec.rb b/spec/processor/api/login_credential_acceptor_spec.rb new file mode 100644 index 00000000..88cfd049 --- /dev/null +++ b/spec/processor/api/login_credential_acceptor_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' + +describe CASinoCore::Processor::API::LoginCredentialAcceptor do + describe '#process' do + let(:listener) { Object.new } + let(:processor) { described_class.new(listener) } + + context 'with invalid credentials' do + let(:login_data) { {username: 'testuser', password: 'wrong'} } + + it 'calls the #invalid_login_credentials method on the listener' do + listener.should_receive(:invalid_login_credentials_via_api) + processor.process(login_data).should be_false + end + end + + context 'with valid credentials' do + let(:login_data) { {username: 'testuser', password: 'foobar123'} } + + before(:each) do + listener.stub(:user_logged_in) + end + + it 'calls the #user_logged_in method on the listener' do + listener.should_receive(:user_logged_in_via_api).with(/^TGC\-/) + processor.process(login_data) + end + + it 'generates a ticket-granting ticket' do + listener.should_receive(:user_logged_in_via_api).with(/^TGC\-/) + expect { + processor.process(login_data) + }.to change(CASinoCore::Model::TicketGrantingTicket, :count).by(1) + end + end + end +end From 0d7dd01e4ce2221c36494b132e969f669fcc9986 Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:29:32 +0100 Subject: [PATCH 2/6] move the authentiction method and the tgt create method into a helper --- lib/casino_core/helper/authentication.rb | 20 +++++++++++++++++++ .../helper/ticket_granting_tickets.rb | 13 ++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 lib/casino_core/helper/authentication.rb diff --git a/lib/casino_core/helper/authentication.rb b/lib/casino_core/helper/authentication.rb new file mode 100644 index 00000000..95233b72 --- /dev/null +++ b/lib/casino_core/helper/authentication.rb @@ -0,0 +1,20 @@ +module CASinoCore + module Helper + module Authentication + + def validate_login_credentials(username, password) + authentication_result = nil + CASinoCore::Settings.authenticators.each do |authenticator_name, authenticator| + data = authenticator.validate(username, password) + if data + authentication_result = { authenticator: authenticator_name, user_data: data } + logger.info("Credentials for username '#{data[:username]}' successfully validated using authenticator '#{authenticator_name}' (#{authenticator.class})") + break + end + end + authentication_result + end + + end + end +end diff --git a/lib/casino_core/helper/ticket_granting_tickets.rb b/lib/casino_core/helper/ticket_granting_tickets.rb index b0b5eb44..acfd020d 100644 --- a/lib/casino_core/helper/ticket_granting_tickets.rb +++ b/lib/casino_core/helper/ticket_granting_tickets.rb @@ -3,6 +3,7 @@ module CASinoCore module Helper module TicketGrantingTickets + include CASinoCore::Helper::Browser include CASinoCore::Helper::Logger @@ -19,6 +20,18 @@ def find_valid_ticket_granting_ticket(tgt, user_agent) end end end + + def acquire_ticket_granting_ticket(authentication_result, user_agent = nil) + user_data = authentication_result[:user_data] + CASinoCore::Model::TicketGrantingTicket.create!({ + ticket: random_ticket_string('TGC'), + authenticator: authentication_result[:authenticator], + username: user_data[:username], + extra_attributes: user_data[:extra_attributes], + user_agent: user_agent + }) + end + end end end From 1f6eb7ca34f4f51c5f98c56d815e0ee7de224ce2 Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:30:07 +0100 Subject: [PATCH 3/6] configure autoload --- lib/casino_core/helper.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/casino_core/helper.rb b/lib/casino_core/helper.rb index 8614b56f..b07719bc 100644 --- a/lib/casino_core/helper.rb +++ b/lib/casino_core/helper.rb @@ -3,6 +3,7 @@ module CASinoCore module Helper + autoload :Authentication, 'casino_core/helper/authentication.rb' autoload :Browser, 'casino_core/helper/browser.rb' autoload :Logger, 'casino_core/helper/logger.rb' autoload :LoginTickets, 'casino_core/helper/login_tickets.rb' From 5d7e3825dd39c0c622af924bce87ea83a66a5e76 Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:30:15 +0100 Subject: [PATCH 4/6] use the "new" helper methods --- .../api/login_credential_acceptor.rb | 25 ++----------------- 1 file changed, 2 insertions(+), 23 deletions(-) diff --git a/lib/casino_core/processor/api/login_credential_acceptor.rb b/lib/casino_core/processor/api/login_credential_acceptor.rb index f3a7e8e6..3f82a3db 100644 --- a/lib/casino_core/processor/api/login_credential_acceptor.rb +++ b/lib/casino_core/processor/api/login_credential_acceptor.rb @@ -5,6 +5,8 @@ class CASinoCore::Processor::API::LoginCredentialAcceptor < CASinoCore::Processor include CASinoCore::Helper::Logger include CASinoCore::Helper::ServiceTickets + include CASinoCore::Helper::Authentication + include CASinoCore::Helper::TicketGrantingTickets # Use this method to process the request. It expects the username in the parameter "username" and the password # in "password". @@ -46,27 +48,4 @@ def callback_invalid_login_credentials @listener.invalid_login_credentials_via_api end - def validate_login_credentials(username, password) - authentication_result = nil - CASinoCore::Settings.authenticators.each do |authenticator_name, authenticator| - data = authenticator.validate(username, password) - if data - authentication_result = { authenticator: authenticator_name, user_data: data } - logger.info("Credentials for username '#{data[:username]}' successfully validated using authenticator '#{authenticator_name}' (#{authenticator.class})") - break - end - end - authentication_result - end - - def acquire_ticket_granting_ticket(authentication_result, user_agent = nil) - user_data = authentication_result[:user_data] - CASinoCore::Model::TicketGrantingTicket.create!({ - ticket: random_ticket_string('TGC'), - authenticator: authentication_result[:authenticator], - username: user_data[:username], - extra_attributes: user_data[:extra_attributes], - user_agent: user_agent - }) - end end From a1f019133557859f61d3228b04a15df2bc07e36c Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:32:10 +0100 Subject: [PATCH 5/6] use the new helper methods also for normal logins --- .../processor/login_credential_acceptor.rb | 25 ++----------------- 1 file changed, 2 insertions(+), 23 deletions(-) diff --git a/lib/casino_core/processor/login_credential_acceptor.rb b/lib/casino_core/processor/login_credential_acceptor.rb index 6701684d..2db243ef 100644 --- a/lib/casino_core/processor/login_credential_acceptor.rb +++ b/lib/casino_core/processor/login_credential_acceptor.rb @@ -6,6 +6,8 @@ class CASinoCore::Processor::LoginCredentialAcceptor < CASinoCore::Processor include CASinoCore::Helper::Logger include CASinoCore::Helper::LoginTickets include CASinoCore::Helper::ServiceTickets + include CASinoCore::Helper::Authentication + include CASinoCore::Helper::TicketGrantingTickets # Use this method to process the request. It expects the username in the parameter "username" and the password # in "password". @@ -54,27 +56,4 @@ def login_ticket_valid?(lt) end end - def validate_login_credentials(username, password) - authentication_result = nil - CASinoCore::Settings.authenticators.each do |authenticator_name, authenticator| - data = authenticator.validate(username, password) - if data - authentication_result = { authenticator: authenticator_name, user_data: data } - logger.info("Credentials for username '#{data[:username]}' successfully validated using authenticator '#{authenticator_name}' (#{authenticator.class})") - break - end - end - authentication_result - end - - def acquire_ticket_granting_ticket(authentication_result, user_agent = nil) - user_data = authentication_result[:user_data] - CASinoCore::Model::TicketGrantingTicket.create!({ - ticket: random_ticket_string('TGC'), - authenticator: authentication_result[:authenticator], - username: user_data[:username], - extra_attributes: user_data[:extra_attributes], - user_agent: user_agent - }) - end end From e94bd23c7c1cf2a4c2e86950908c93dff54caab7 Mon Sep 17 00:00:00 2001 From: Raffael Schmid Date: Sun, 30 Dec 2012 17:38:33 +0100 Subject: [PATCH 6/6] document all the things! --- .../processor/api/login_credential_acceptor.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lib/casino_core/processor/api/login_credential_acceptor.rb b/lib/casino_core/processor/api/login_credential_acceptor.rb index 3f82a3db..daf486be 100644 --- a/lib/casino_core/processor/api/login_credential_acceptor.rb +++ b/lib/casino_core/processor/api/login_credential_acceptor.rb @@ -12,12 +12,10 @@ class CASinoCore::Processor::API::LoginCredentialAcceptor < CASinoCore::Processo # in "password". # # The method will call one of the following methods on the listener: - # * `#api_user_logged_in`: - # * `#api_invalid_login_credentials`: + # * `#user_logged_in_via_api`: First and only argument is a String with the TGT-id + # * `#invalid_login_credentials_via_api`: No argument # - # @param [Hash] params parameters supplied by user - # @param [Hash] cookies cookies supplied by user - # @param [String] user_agent user-agent delivered by the client + # @param [Hash] login_data parameters supplied by user (username and password) def process(login_data) @login_data = login_data