Skip to content

Commit

Permalink
Multi domain session cookie behavior works for 2.3 now
Browse files Browse the repository at this point in the history
  • Loading branch information
Justin Knowlden committed Mar 5, 2009
1 parent 15d4e2f commit 81ad4b4
Show file tree
Hide file tree
Showing 4 changed files with 63 additions and 84 deletions.
44 changes: 15 additions & 29 deletions lib/centro/base_host.rb
View file
@@ -1,33 +1,19 @@
# SsoWhat
module Centro
module BaseHost
module CgiRequestExtensions

def self.included(base)
base.instance_eval do
alias_method_chain :session_options_with_string_keys, :overridden_domain
end
end

def default_session_domain
return @session_options[:session_domain] unless @session_options[:session_domain] == :base_host
@default_session_domain ||= base_host_for_requested_host
end

def base_host_for_requested_host
md = host.match(/([^.]+\.)?([^.]+)$/)
md[1].nil? ? nil : md[0]
module AbstractStore
module MultiDomain
def self.included(klass)
klass.alias_method_chain :call, :domain_override
end

private
def session_options_with_string_keys_with_overridden_domain
opts = session_options_with_string_keys_without_overridden_domain
opts['session_domain'] = default_session_domain
opts

def call_with_domain_override(env)
if @default_options[:multi_domain]
base_host = env["HTTP_HOST"].scan(/[0-9a-z-]+\.[0-9a-z-]+(?=:|$)/i).first
@default_options[:domain] = base_host ? ".#{base_host}" : base_host
end
call_without_domain_override(env)
end
end # MultiDomain
end # AbstractStore
end # Centro

end
end
end

ActionController::CgiRequest.instance_eval { include Centro::BaseHost::CgiRequestExtensions }
ActionController::Session::AbstractStore.instance_eval { include Centro::AbstractStore::MultiDomain }
100 changes: 47 additions & 53 deletions test/base_host_test.rb
View file
@@ -1,66 +1,60 @@
require File.join(File.dirname(__FILE__), 'test_helper')

class BaseHostTest < Test::Unit::TestCase
# Macros

context "with session_domain option set to :base_host" do
setup do
cgi, opts = CGI.new, {:session_domain => :base_host}
@request = ActionController::CgiRequest.new(cgi, opts)
def self.store_with_multi_domain(multi_domain_option, &block)
context "session store with multi-domain set to #{multi_domain_option.inspect}" do
setup do
@response = [nil, {"Set-Cookie" => nil}] # second element is the header
@app = stub(:call => @response)
options = {:multi_domain => multi_domain_option, :expire_after => 3600}
@store = TestSessionStore.new(@app, options)
end
yield if block_given?
end
end

should "nil the cookie domain when host consists of one part" do
@request.expects(:host).returns('foohost')
assert_nil @request.default_session_domain
end

should "wildcard the cookie domain to the entire domain when host consists of two parts" do
@request.expects(:host).returns('foohost.bar')
assert_equal 'foohost.bar', @request.default_session_domain
end

should "wildcard the cookie domain to the base domain when host consists of three parts" do
@request.expects(:host).returns('gah.foohost.bar')
assert_equal 'foohost.bar', @request.default_session_domain
def self.should_expect_cookie_domain_for_http_host(http_host, cookie_domain)
should "return #{cookie_domain} for #{http_host}" do
env = {"HTTP_HOST" => http_host}
@store.call(env)
expected = cookie_domain.nil? ? nil : "domain=#{cookie_domain}"
assert_equal expected, domain_for_the_first_cookie_found
end

should "wildcard the cookie domain to the base domain when host consists of four parts" do
@request.expects(:host).returns('publisher.gah.foohost.bar')
assert_equal 'foohost.bar', @request.default_session_domain
end

should "have session_options_with_string_keys insert the expected session domain into the hash" do
@request.expects(:host).returns('weird.biscotti.eating.habits')
generated_opts = @request.send(:session_options_with_string_keys)
assert_equal 'eating.habits', generated_opts['session_domain']
end

end

context "with session_domain option set to nil" do
setup do
cgi, opts = CGI.new, {:session_domain => nil}
@request = ActionController::CgiRequest.new(cgi, opts)
end

should "return nil for default session domain" do
@request.stubs(:host).returns('gah.foohost.bar')
assert_nil @request.default_session_domain
end

def domain_for_the_first_cookie_found
set_cookie = @response[1]["Set-Cookie"]
set_cookie && set_cookie.scan(/domain=[a-z0-9.-]+/i).first
end

context "with session_domain option set to a custom domain" do
setup do
cgi, opts = CGI.new, {:session_domain => 'biscotti.com'}
@request = ActionController::CgiRequest.new(cgi, opts)
end

should "return the manually set session domain" do
@request.stubs(:host).returns('gah.foohost.bar')
assert_equal 'biscotti.com', @request.default_session_domain
end


# Tests

store_with_multi_domain(true) do
should_expect_cookie_domain_for_http_host "foohost", nil
should_expect_cookie_domain_for_http_host "foohost.bar", ".foohost.bar"
should_expect_cookie_domain_for_http_host "gah.foohost.bar", ".foohost.bar"
should_expect_cookie_domain_for_http_host "publisher.gah.foohost.bar", ".foohost.bar"
should_expect_cookie_domain_for_http_host "gah.foohost.bar:3000", ".foohost.bar"
end


store_with_multi_domain(false) do
should_expect_cookie_domain_for_http_host "gah.foohost.bar", nil
end

store_with_multi_domain(nil) do
should_expect_cookie_domain_for_http_host "gah.foohost.bar", nil
end

end

class TestSessionStore < ActionController::Session::AbstractStore
def get_session(env, sid)
[sid, {:foo => "bar"}]
end

def set_session(env, sid, session_data)
true
end
end
2 changes: 1 addition & 1 deletion test/domain_override_test.rb
View file
Expand Up @@ -45,6 +45,6 @@ def setup
end

def domain_for_the_first_cookie_found
@response["Set-Cookie"].scan(/domain=[a-z0-9-.]+/i).first
@response["Set-Cookie"].scan(/domain=[a-z0-9.-]+/i).first
end
end
1 change: 0 additions & 1 deletion test/test_helper.rb
View file
Expand Up @@ -4,6 +4,5 @@
require 'shoulda'
require 'mocha'
require 'action_controller'
require 'rack'

require 'sso_what'

0 comments on commit 81ad4b4

Please sign in to comment.