Merge pull request #1099 from uofu-ccts/release/uofu-master-cas

Release/uofu master cas

.gitignore

@@ -47,6 +47,7 @@ config/ldap.yml
 config/application.yml
 config/ldap.yml
 config/epic.yml
+config/cas.yml
 config/initializers/abstract_mysql_adapter.rb
 public/portal
 public/catalog_manager

Gemfile

@@ -67,13 +67,14 @@ gem 'sass'
 gem 'sass-rails'
 gem 'savon', '~> 2.2.0'
 gem 'simplecov', require: false, group: :test
-gem 'therubyracer', '0.10.2', :platforms => :ruby, group: :production
+gem 'therubyracer', '0.12.3', :platforms => :ruby, group: :production
 gem 'twitter-typeahead-rails'
 gem 'uglifier', '>= 1.0.3'
 gem 'whenever', require: false
 gem 'will_paginate'
 gem 'will_paginate-bootstrap'
 gem 'x-editable-rails'
+gem 'omniauth-cas'
 
 group :development, :test, :profile do
   gem 'addressable', '~> 2.3.6'

Gemfile.lock

@@ -1,15 +1,15 @@
 GIT
   remote: git://github.com/rails/rails-observers.git
-  revision: 206cb17bc14f4f5ac6f83da4204013a69549b9dc
+  revision: c569dc1525259f5ab82cddf90958777473499997
   specs:
-    rails-observers (0.1.4)
-      activemodel (>= 4.0)
+    rails-observers (0.2.0)
+      activemodel (>= 4.2)
 
 GIT
   remote: git://github.com/swanandp/acts_as_list.git
-  revision: 0adb6e806e1da03f1645e5aa251c40882d0a579d
+  revision: 0a42fe6f9a7ecd5e0ccd8b7f949184fd9a27b15b
   specs:
-    acts_as_list (0.9.5)
+    acts_as_list (0.9.7)
       activerecord (>= 3.0)
 
 GIT
@@ -61,7 +61,7 @@ GEM
       activemodel (= 5.1.4)
       activesupport (= 5.1.4)
       arel (~> 8.0)
-    activerecord-import (0.19.0)
+    activerecord-import (0.19.1)
       activerecord (>= 3.2)
     activerecord-session_store (1.1.0)
       actionpack (>= 4.0, < 5.2)
@@ -78,15 +78,15 @@ GEM
       activerecord (>= 4.2.8)
     addressable (2.3.8)
     afm (0.2.2)
-    airbrussh (1.2.0)
+    airbrussh (1.3.0)
       sshkit (>= 1.6.1, != 1.7.0)
     akami (1.2.2)
       gyoku (>= 0.4.0)
       nokogiri
     arel (8.0.0)
     audited (4.5.0)
       activerecord (>= 4.0, < 5.2)
-    autoprefixer-rails (7.1.1.2)
+    autoprefixer-rails (7.1.3)
       execjs
     axiom-types (0.1.1)
       descendants_tracker (~> 0.0.4)
@@ -108,10 +108,10 @@ GEM
     bootstrap3-datetimepicker-rails (4.17.47)
       momentjs-rails (>= 2.8.1)
     builder (3.2.3)
-    bullet (5.5.1)
+    bullet (5.6.1)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.10.0)
-    capistrano (3.8.1)
+    capistrano (3.9.0)
       airbrussh (>= 1.0.0)
       i18n
       rake (>= 10.0.0)
@@ -157,19 +157,20 @@ GEM
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
-    countries (2.0.8)
-      i18n_data (~> 0.7.0)
-      money (~> 6.7)
+    countries (2.1.2)
+      i18n_data (~> 0.8.0)
+      money (~> 6.9)
       sixarm_ruby_unaccent (~> 1.1)
       unicode_utils (~> 1.4)
-    country_select (3.0.0)
+    country_select (3.1.0)
       countries (~> 2.0)
       sort_alphabetical (~> 1.0)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
+    crass (1.0.2)
     css_parser (1.5.0)
       addressable
-    curb (0.9.3)
+    curb (0.9.4)
     daemons (1.2.4)
     database_cleaner (1.6.1)
     delayed_job (4.1.3)
@@ -198,7 +199,7 @@ GEM
     equivalent-xml (0.6.0)
       nokogiri (>= 1.4.3)
     erubi (1.6.1)
-    exception_notification (4.2.1)
+    exception_notification (4.2.2)
       actionmailer (>= 4.0, < 6)
       activesupport (>= 4.0, < 6)
     execjs (2.7.0)
@@ -207,8 +208,9 @@ GEM
     factory_girl_rails (4.8.0)
       factory_girl (~> 4.8.0)
       railties (>= 3.0.0)
-    faker (1.7.3)
+    faker (1.8.4)
       i18n (~> 0.5)
+    ffi (1.9.18)
     globalid (0.4.0)
       activesupport (>= 4.2.0)
     gon (6.1.0)
@@ -231,12 +233,12 @@ GEM
       multi_json (>= 1.3.2)
     gyoku (1.0.0)
       builder (>= 2.1.2)
-    haml (5.0.1)
+    haml (5.0.2)
       temple (>= 0.8.0)
       tilt
-    hashdiff (0.3.4)
+    hashdiff (0.3.6)
     hashery (2.1.2)
-    hashie (3.5.5)
+    hashie (3.5.6)
     hashie-forbidden_attributes (0.1.1)
       hashie (>= 3.0)
     highline (1.7.8)
@@ -249,7 +251,7 @@ GEM
     httpi (2.0.2)
       rack
     i18n (0.8.6)
-    i18n_data (0.7.0)
+    i18n_data (0.8.0)
     icalendar (2.4.1)
     ice_nine (0.11.2)
     jbuilder (2.7.0)
@@ -265,8 +267,9 @@ GEM
       addressable (~> 2.3)
     letter_opener (1.4.1)
       launchy (~> 2.2)
-    libv8 (3.3.10.4)
-    loofah (2.0.3)
+    libv8 (3.16.14.19)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.6.6)
       mime-types (>= 1.16, < 4)
@@ -275,7 +278,7 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mimemagic (0.3.0)
-    mini_portile2 (2.2.0)
+    mini_portile2 (2.3.0)
     minitest (5.10.3)
     momentjs-rails (2.17.1)
       railties (>= 3.1)
@@ -285,7 +288,7 @@ GEM
     multi_xml (0.6.0)
     mysql2 (0.3.21)
     nested_form (0.3.2)
-    nested_form_fields (0.8)
+    nested_form_fields (0.8.1)
       coffee-rails (>= 3.2.1)
       jquery-rails
       rails (>= 3.2.0)
@@ -294,15 +297,19 @@ GEM
       net-ssh (>= 2.6.5)
     net-ssh (4.1.0)
     netrc (0.11.0)
-    newrelic_rpm (4.2.0.334)
+    newrelic_rpm (4.3.0.335)
     nio4r (2.1.0)
-    nokogiri (1.8.0)
-      mini_portile2 (~> 2.2.0)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
     nori (2.1.0)
     nprogress-rails (0.2.0.2)
     omniauth (1.6.1)
       hashie (>= 3.4.6, < 3.6.0)
       rack (>= 1.6.2, < 3)
+    omniauth-cas (1.1.1)
+      addressable (~> 2.3)
+      nokogiri (~> 1.5)
+      omniauth (~> 1.2)
     omniauth-shibboleth (1.2.1)
       omniauth (>= 1.0.0)
     options (2.3.2)
@@ -313,8 +320,8 @@ GEM
       cocaine (~> 0.5.5)
       mime-types
       mimemagic (= 0.3.0)
-    parallel (1.11.2)
-    parallel_tests (2.14.1)
+    parallel (1.12.0)
+    parallel_tests (2.14.3)
       parallel
     pdf-reader (2.0.0)
       Ascii85 (~> 1.0.0)
@@ -330,7 +337,7 @@ GEM
       addressable
       css_parser (>= 1.4.10)
       htmlentities (>= 4.0.0)
-    premailer-rails (1.9.6)
+    premailer-rails (1.9.7)
       actionmailer (>= 3, < 6)
       premailer (~> 1.7, >= 1.7.9)
     progress_bar (1.1.0)
@@ -340,7 +347,7 @@ GEM
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    puma (3.9.1)
+    puma (3.10.0)
     rack (2.0.3)
     rack-accept (0.4.5)
       rack (>= 0.4)
@@ -383,7 +390,11 @@ GEM
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rake (12.1.0)
+    rb-fsevent (0.10.2)
+    rb-inotify (0.9.10)
+      ffi (>= 0.5.0, < 2)
     redcarpet (3.4.0)
+    ref (2.0.0)
     remotipart (1.3.1)
     request_store (1.3.2)
     responders (2.4.0)
@@ -412,7 +423,7 @@ GEM
     rspec-mocks (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.6.0)
-    rspec-rails (3.6.0)
+    rspec-rails (3.6.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
@@ -426,7 +437,11 @@ GEM
     ruby-rc4 (0.1.5)
     rubyzip (1.0.0)
     safe_yaml (1.0.4)
-    sass (3.4.24)
+    sass (3.5.1)
+      sass-listen (~> 4.0.0)
+    sass-listen (4.0.0)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
     sass-rails (5.0.6)
       railties (>= 4.0.0, < 6)
       sass (~> 3.1)
@@ -443,17 +458,17 @@ GEM
       wasabi (~> 3.1.0)
     shoulda-callback-matchers (1.1.4)
       activesupport (>= 3)
-    shoulda-matchers (3.1.1)
+    shoulda-matchers (3.1.2)
       activesupport (>= 4.0.0)
-    simplecov (0.14.1)
+    simplecov (0.15.0)
       docile (~> 1.1.0)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.1)
+    simplecov-html (0.10.2)
     site_prism (2.9)
       addressable (>= 2.3.3, < 3.0)
       capybara (>= 2.1, < 3.0)
-    sixarm_ruby_unaccent (1.1.2)
+    sixarm_ruby_unaccent (1.2.0)
     slop (3.6.0)
     sort_alphabetical (1.1.0)
       unicode_utils (>= 1.2.2)
@@ -469,16 +484,17 @@ GEM
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
     sqlite3 (1.3.13)
-    sshkit (1.13.1)
+    sshkit (1.14.0)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
     temple (0.8.0)
-    therubyracer (0.10.2)
-      libv8 (~> 3.3.10)
+    therubyracer (0.12.3)
+      libv8 (~> 3.16.14.15)
+      ref
     thor (0.20.0)
     thread_safe (0.3.6)
-    tilt (2.0.7)
-    timecop (0.8.1)
+    tilt (2.0.8)
+    timecop (0.9.1)
     traceroute (0.5.0)
       rails (>= 3.0.0)
     ttfunk (1.0.3)
@@ -587,6 +603,7 @@ DEPENDENCIES
   nori
   nprogress-rails
   omniauth
+  omniauth-cas
   omniauth-shibboleth
   paperclip (~> 4.3, >= 4.3.7)
   parallel_tests
@@ -619,7 +636,7 @@ DEPENDENCIES
   spring
   spring-commands-rspec
   sqlite3
-  therubyracer (= 0.10.2)
+  therubyracer (= 0.12.3)
   timecop
   traceroute
   twitter-typeahead-rails
@@ -631,4 +648,4 @@ DEPENDENCIES
   x-editable-rails
 
 BUNDLED WITH
-   1.14.6
+   1.15.0

app/controllers/identities/omniauth_callbacks_controller.rb

@@ -35,4 +35,23 @@ def shibboleth
       redirect_to new_identity_registration_url(service_request_id: params[:service_request_id])
     end
   end
+
+  def cas
+    @identity = Identity.find_for_cas_oauth(request.env['omniauth.auth'], current_identity)
+
+    if @identity.persisted?
+      if params[:service_request_id]
+        # redirect back to catalog page
+        store_location_for @identity, catalog_service_request_path(params[:service_request_id])
+      end
+
+      sign_in_and_redirect @identity, :event => :authentication #this will throw if @identity is not activated
+      set_flash_message(:notice, :success, :kind => "CAS") if is_navigational_format?
+    else
+      session["devise.cas_data"] = request.env["omniauth.auth"]
+      redirect_to new_identity_registration_url(service_request_id: params[:service_request_id])
+    end
+
+  end
+
 end

app/lib/directory.rb

@@ -186,7 +186,18 @@ def self.create_or_update_database_from_ldap(ldap_results, db_results)
       end
     end
   end
-
+
+  def self.find_for_cas_oauth(cas_uid)
+    # first check if the identity already exists, ldap_uid is cas_uid@utah.edu
+    ldap_uid = "#{cas_uid}@#{DOMAIN}"
+    db_result = Identity.find_by_ldap_uid(ldap_uid)
+    return db_result unless db_result.nil?
+    # if this is the first time, the user tries to login via cas, create an identity for it
+    ldap_results = Directory.search_ldap(cas_uid)
+    Directory.create_or_update_database_from_ldap(ldap_results, [])
+    Identity.find_by_ldap_uid(ldap_uid)
+  end
+
   # search and merge results but don't change the database
   # this assumes USE_LDAP = true, otherwise you wouldn't use this function
   def self.search_and_merge_ldap_and_database_results(term)
@@ -202,11 +213,11 @@ def self.search_and_merge_ldap_and_database_results(term)
       uid = "#{ldap_result[LDAP_UID].try(:first).try(:downcase)}@#{DOMAIN}"
       if identities[uid]
         results << identities[uid]
-      else 
+      else
         email = ldap_result[LDAP_EMAIL].try(:first)
         if email && email.strip.length > 0 # all SPARC users must have an email, this filters out some of the inactive LDAP users.
           results << Identity.new(ldap_uid: uid, first_name: ldap_result[LDAP_FIRST_NAME].try(:first), last_name: ldap_result[LDAP_LAST_NAME].try(:first), email: email)
-        end  
+        end
       end
     end
     results