app/helpers/casino/sessions_helper.rb in casino-3.0.4 vs app/helpers/casino/sessions_helper.rb in casino-4.0.0.pre.1
- old
+ new
@@ -1,5 +1,80 @@
+require 'addressable/uri'
+
module CASino::SessionsHelper
+ include CASino::TicketGrantingTicketProcessor
+ include CASino::ServiceTicketProcessor
+
def current_ticket_granting_ticket?(ticket_granting_ticket)
ticket_granting_ticket.ticket == cookies[:tgt]
+ end
+
+ def current_ticket_granting_ticket
+ return nil unless cookies[:tgt]
+ return @current_ticket_granting_ticket unless @current_ticket_granting_ticket.nil?
+ find_valid_ticket_granting_ticket(cookies[:tgt], request.user_agent).tap do |tgt|
+ cookies.delete :tgt if tgt.nil?
+ @current_ticket_granting_ticket = tgt
+ end
+ end
+
+ def current_user
+ tgt = current_ticket_granting_ticket
+ return nil if tgt.nil?
+ tgt.user
+ end
+
+ def ensure_signed_in
+ redirect_to login_path unless signed_in?
+ end
+
+ def signed_in?
+ !current_ticket_granting_ticket.nil?
+ end
+
+ def sign_in(authentication_result, options = {})
+ tgt = acquire_ticket_granting_ticket(authentication_result, request.user_agent, options)
+ set_tgt_cookie(tgt)
+ handle_signed_in(tgt, options)
+ end
+
+ def set_tgt_cookie(tgt)
+ cookies[:tgt] = { value: tgt.ticket }.tap do |cookie|
+ if tgt.long_term?
+ cookie[:expires] = CASino.config.ticket_granting_ticket[:lifetime_long_term].seconds.from_now
+ end
+ end
+ end
+
+ def sign_out
+ remove_ticket_granting_ticket(cookies[:tgt], request.user_agent)
+ cookies.delete :tgt
+ end
+
+ private
+ def handle_signed_in(tgt, options = {})
+ if tgt.awaiting_two_factor_authentication?
+ @ticket_granting_ticket = tgt
+ render 'casino/sessions/validate_otp'
+ else
+ if params[:service].present?
+ begin
+ handle_signed_in_with_service(tgt, options)
+ return
+ rescue Addressable::URI::InvalidURIError => e
+ Rails.logger.warn "Service #{params[:service]} not valid: #{e}"
+ end
+ end
+ redirect_to sessions_path, status: :see_other
+ end
+ end
+
+ def handle_signed_in_with_service(tgt, options)
+ if !service_allowed?(params[:service])
+ @service = params[:service]
+ render 'casino/sessions/service_not_allowed', status: 403
+ else
+ url = acquire_service_ticket(tgt, params[:service], options).service_with_ticket_url
+ redirect_to url, status: :see_other
+ end
end
end
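Review bot: `set_tgt_cookie` writes the ticket-granting ticket into `cookies[:tgt]` with only `value` (plus `expires` for long-term tickets), so unless flags are applied elsewhere the SSO credential is readable from page JavaScript and can travel over plain HTTP. I would set the flags where the cookie is built, e.g. `cookies[:tgt] = { value: tgt.ticket, httponly: true, secure: request.ssl? }.tap do |cookie|`. Behind a TLS-terminating proxy `request.ssl?` depends on the forwarded-proto header being trusted, so a deployment may prefer forcing `secure: true`. Separately, the `rescue` in `handle_signed_in` interpolates `params[:service]` raw into the warning; logging `params[:service].inspect` instead keeps embedded line breaks in the parameter from forging log entries.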