lib/casserver/controllers.rb in gunark-rubycas-server-0.8.0.20090213 vs lib/casserver/controllers.rb in gunark-rubycas-server-0.8.0.20090225
- old
+ new
@@ -9,32 +9,32 @@
class Login < R '/', '/login'
include CASServer::CAS
# 2.1.1
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# make sure there's no caching
headers['Pragma'] = 'no-cache'
headers['Cache-Control'] = 'no-store'
headers['Expires'] = (Time.now - 1.year).rfc2822
# optional params
- @service = clean_service_url(@input['service'])
- @renew = @input['renew']
- @gateway = @input['gateway'] == 'true' || @input['gateway'] == '1'
+ @service = clean_service_url(input['service'])
+ @renew = input['renew']
+ @gateway = input['gateway'] == 'true' || input['gateway'] == '1'
- if tgc = @cookies[:tgt]
+ if tgc = cookies['tgt']
tgt, tgt_error = validate_ticket_granting_ticket(tgc)
end
if tgt and !tgt_error
@message = {:type => 'notice',
:message => _("You are currently logged in as '%s'. If this is not you, please log in below.") % tgt.username }
end
- if @input['redirection_loop_intercepted']
+ if input['redirection_loop_intercepted']
@message = {:type => 'mistake',
:message => _("The client and server are unable to negotiate authentication. Please try logging in again later.")}
end
begin
@@ -70,18 +70,18 @@
# If the 'onlyLoginForm' parameter is specified, we will only return the
# login form part of the page. This is useful for when you want to
# embed the login form in some external page (as an IFRAME, or otherwise).
# The optional 'submitToURI' parameter can be given to explicitly set the
# action for the form, otherwise the server will try to guess this for you.
- if @input.has_key? 'onlyLoginForm'
+ if input.has_key? 'onlyLoginForm'
if @env['HTTP_HOST']
guessed_login_uri = "http#{@env['HTTPS'] && @env['HTTPS'] == 'on' ? 's' : ''}://#{@env['REQUEST_URI']}#{self / '/login'}"
else
guessed_login_uri = nil
end
- @form_action = @input['submitToURI'] || guessed_login_uri
+ @form_action = input['submitToURI'] || guessed_login_uri
if @form_action
render :login_form
else
@status = 500
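Review bot: `@form_action = input['submitToURI'] || guessed_login_uri` lets a request parameter decide where the login form posts the username and password, so a crafted `onlyLoginForm` link can render a genuine-looking form whose action points at a third-party host. The value should be compared against a configured list of permitted form targets and ignored when it does not match, in which case `guessed_login_uri` is used. Separately, the guessed URI tests `@env['HTTP_HOST']` but interpolates `@env['REQUEST_URI']` directly after the scheme, which looks unintended and is worth confirming. The `get` body starts and ends outside this hunk.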
@@ -92,19 +92,19 @@
end
end
# 2.2
def post
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# 2.2.1 (optional)
- @service = clean_service_url(@input['service'])
+ @service = clean_service_url(input['service'])
# 2.2.2 (required)
- @username = @input['username']
- @password = @input['password']
- @lt = @input['lt']
+ @username = input['username']
+ @password = input['password']
+ @lt = input['lt']
# Remove leading and trailing widespace from username.
@username.strip! if @username
if @username && $CONF[:downcase_username]
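Review bot: `log_controller_action(self.class, input)` at the top of `post` receives the whole parameter hash, which on this action includes `password` and `lt`. The helper is not visible in this diff, so it should be confirmed that it redacts those fields before anything is written to the log. If it does not, pass a filtered copy instead, for example `input.reject { |k, _| %w[password lt].include?(k.to_s) }`. The `post` body continues past this hunk.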
@@ -167,19 +167,19 @@
else
expiry_info = " It will not expire."
end
if $CONF.expire_sessions
- @cookies[:tgt] = {
+ cookies['tgt'] = {
:value => tgt.to_s,
:expires => Time.now + $CONF.ticket_granting_ticket_expiry
}
else
- @cookies[:tgt] = tgt.to_s
+ cookies['tgt'] = tgt.to_s
end
- $LOG.debug("Ticket granting cookie '#{@cookies[:tgt].inspect}' granted to '#{@username.inspect}'. #{expiry_info}")
+ $LOG.debug("Ticket granting cookie '#{cookies['tgt'].inspect}' granted to '#{@username.inspect}'. #{expiry_info}")
if @service.blank?
$LOG.info("Successfully authenticated user '#{@username}' at '#{tgt.client_hostname}'. No service param was given, so we will not redirect.")
@message = {:type => 'confirmation', :message => _("You have successfully logged in.")}
else
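Review bot: The `$LOG.debug` line writes `cookies['tgt'].inspect`, the full ticket-granting ticket, into the log, so anyone able to read a debug log holds a value that works as the SSO session cookie until it expires. Drop the ticket from the message or log only a short prefix, e.g. `$LOG.debug("Ticket granting cookie granted to '#{@username.inspect}'. #{expiry_info}")`. The cookie is also built with only `:value` and `:expires`; whether this Camping version can emit the `Secure` and `HttpOnly` attributes is not visible here, but the TGT cookie should carry both if it can. The enclosing method starts and ends outside this hunk.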
@@ -209,24 +209,24 @@
class Logout < R '/logout'
include CASServer::CAS
# 2.3.1
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# The behaviour here is somewhat non-standard. Rather than showing just a blank
# "logout" page, we take the user back to the login page with a "you have been logged out"
# message, allowing for an opportunity to immediately log back in. This makes it
# easier for the user to log out and log in as someone else.
- @service = clean_service_url(@input['service'] || @input['destination'])
- @continue_url = @input['url']
+ @service = clean_service_url(input['service'] || input['destination'])
+ @continue_url = input['url']
- @gateway = @input['gateway'] == 'true' || @input['gateway'] == '1'
+ @gateway = input['gateway'] == 'true' || input['gateway'] == '1'
- tgt = CASServer::Models::TicketGrantingTicket.find_by_ticket(@cookies[:tgt])
+ tgt = CASServer::Models::TicketGrantingTicket.find_by_ticket(cookies['tgt'])
- @cookies.delete :tgt
+ cookies.delete 'tgt'
if tgt
CASServer::Models::TicketGrantingTicket.transaction do
pgts = CASServer::Models::ProxyGrantingTicket.find(:all,
:conditions => [CASServer::Models::Base.connection.quote_table_name(CASServer::Models::ServiceTicket.table_name)+".username = ?", tgt.username],
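Review bot: `@continue_url = input['url']` is stored straight from the request, without the `clean_service_url` pass that `service`/`destination` get on the line above, and nothing in the hunk constrains its scheme or host. If the logout view renders it as a link (the view is not visible here), it should be limited to `http`/`https` URLs, and preferably to known services, before it reaches the template. The change from `@cookies.delete :tgt` to `cookies.delete 'tgt'` also deserves a test that the browser's cookie is actually cleared on logout, since that depends on how the framework emits removed keys. The `get` body continues past this hunk.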
@@ -277,17 +277,17 @@
class Validate < R '/validate'
include CASServer::CAS
# 2.4.1
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# required
- @service = clean_service_url(@input['service'])
- @ticket = @input['ticket']
+ @service = clean_service_url(input['service'])
+ @ticket = input['ticket']
# optional
- @renew = @input['renew']
+ @renew = input['renew']
st, @error = validate_service_ticket(@service, @ticket)
@success = st && !@error
@username = st.username if @success
@@ -302,18 +302,18 @@
class ServiceValidate < R '/serviceValidate'
include CASServer::CAS
# 2.5.1
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# required
- @service = clean_service_url(@input['service'])
- @ticket = @input['ticket']
+ @service = clean_service_url(input['service'])
+ @ticket = input['ticket']
# optional
- @pgt_url = @input['pgtUrl']
- @renew = @input['renew']
+ @pgt_url = input['pgtUrl']
+ @renew = input['renew']
st, @error = validate_service_ticket(@service, @ticket)
@success = st && !@error
if @success
@@ -335,18 +335,18 @@
class ProxyValidate < R '/proxyValidate'
include CASServer::CAS
# 2.6.1
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# required
- @service = clean_service_url(@input['service'])
- @ticket = @input['ticket']
+ @service = clean_service_url(input['service'])
+ @ticket = input['ticket']
# optional
- @pgt_url = @input['pgtUrl']
- @renew = @input['renew']
+ @pgt_url = input['pgtUrl']
+ @renew = input['renew']
@proxies = []
t, @error = validate_proxy_ticket(@service, @ticket)
@success = t && !@error
@@ -376,15 +376,15 @@
class Proxy < R '/proxy'
include CASServer::CAS
# 2.7
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
# required
- @ticket = @input['pgt']
- @target_service = @input['targetService']
+ @ticket = input['pgt']
+ @target_service = input['targetService']
pgt, @error = validate_proxy_granting_ticket(@ticket)
@success = pgt && !@error
if @success
@@ -404,19 +404,19 @@
# POST method.
class LoginTicketDispenser < R '/loginTicket'
include CASServer::CAS
def get
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
$LOG.error("Tried to use login ticket dispenser with get method!")
@status = 422
_("To generate a login ticket, you must make a POST request.")
end
# Renders a page with a login ticket (and only the login ticket)
# in the response body.
def post
- CASServer::Utils::log_controller_action(self.class, @input)
+ CASServer::Utils::log_controller_action(self.class, input)
lt = generate_login_ticket
$LOG.debug("Dispensing login ticket #{lt} to host #{(@env['HTTP_X_FORWARDED_FOR'] || @env['REMOTE_HOST'] || @env['REMOTE_ADDR']).inspect}")
@lt = lt.ticket