Created
August 27, 2014 11:41
This gist makes sure your CAS-backed application intercepts the Sign Out request for all your Rails applications that use the devise + CAS Authenticatable module for sign in and sign out. To use it, first place the single_sign_out.rb file in your lib folder. Then include SingleSignOut in your applica…
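class ApplicationController < ActionController::Base
  require "single_sign_out"
  before_filter :authenticate_user!
  include SingleSignOut

  # Development-only debugging aid: writes the controller name, the action
  # name, the given parameters, the last valid CAS ticket, the session and the
  # current user to the log.
  #
  # The session, the CAS ticket and the user record are credentials or
  # personal data. The guard below therefore covers every line, not only the
  # first one, so none of them reaches a log outside the development
  # environment.
  #
  # NOTE(review): this is a public controller method; confirm the routes
  # cannot reach it as an action.
  #
  # @param parameter [Object] value dumped with #inspect
  # @return [Object, nil] result of the last logger call, nil outside development
  def print_logger_info parameter
    return unless Rails.env.development?

    logger.info "######{" Controller : "+params[:controller]+" "}#################{" Action : "+params[:action]+" "}###########{" Parameters : "+parameter.inspect+" "}#############}"
    logger.info "###=>>>>>>>>>>>>>>>>>>session['cas_last_valid_ticket']###{session['cas_last_valid_ticket'].inspect}"
    logger.info "######=>>>>>>>>>>>>>>>>>>session inspect###{session.inspect}"
    logger.info "######=>>>>>>>>>>>>>>>>>>current_user.inspect ###{current_user.inspect}"
  end
end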
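# Mixin for Rails controllers that sign in through Devise and CAS. It records
# which application session id belongs to which CAS ticket, so that a CAS
# single-sign-out request can later find that session and destroy it.
#
# Security notes:
# * Session ids and CAS tickets are bearer credentials. Log lines carry only a
#   shortened form of them (see redact_for_log), never the full value and
#   never a dump of the session or the request parameters.
# * Nothing in this module checks who sent a logoutRequest POST.
#   NOTE(review): the code that calls read_session_index and
#   destroy_cas_session is not part of this file; confirm it only acts on
#   requests from the CAS server.
# * The methods above `private` become public methods of every including
#   controller. NOTE(review): confirm the routes cannot reach them as actions.
module SingleSignOut
  # Registers check_url as a before filter on the including controller.
  def self.included(base)
    base.send(:before_filter, :check_url)
    #base.send(:after_filter, :another_method)
  end

  # Before filter: when the session holds a CAS ticket, remember which
  # application session id belongs to that ticket.
  def check_url
    ticket = read_ticket(session)
    session_id = read_session_id
    logger.debug "Intercepted request for CAS session: session_id =>>>>#{redact_for_log(session_id)} ticket =>>>>> #{redact_for_log(ticket)}."
    store_session_id_for_index(ticket, session_id) if ticket
  end

  # Writes the ticket -> session id mapping to the Rails cache.
  #
  # Nothing is written when there is no session id: a nil entry could never be
  # used to find a session and would overwrite an earlier valid mapping.
  #
  # NOTE(review): the entry has no expiry; consider passing expires_in so that
  # mappings do not outlive the sessions they point to.
  def store_session_id_for_index(session_index, session_id)
    return if session_id.to_s.empty?

    logger.debug("Storing #{redact_for_log(session_id)} for index #{redact_for_log(session_index)}")
    written = Rails.cache.write(cache_key(session_index), session_id) #unless session_index_exist(session_index)
    logger.debug("Stored #{written.inspect} for index #{redact_for_log(session_index)}")
  end

  # Returns the session id stored in the Rails cache for the given CAS ticket,
  # or nil when the cache holds none.
  def find_session_id_by_index(session_index)
    sid = Rails.cache.read(cache_key(session_index))
    logger.debug("Found session id #{redact_for_log(sid)} for index #{redact_for_log(session_index)}")
    sid
  end

  # Destroys the stored application session with the given id, then removes
  # the ticket -> session id mapping from the cache.
  def destroy_cas_session(session_id, session_index)
    # The lookup is skipped for a missing session id, since there is nothing
    # to match. NOTE(review): `where` presumably returns a query object that
    # is truthy even when no record matches; verify against the session store.
    stored = nil
    unless session_id.to_s.empty?
      stored = Rails.application.config.session_store.session_class.where(:_id => session_id)
    end
    if stored
      logger.debug("Deleting session #{redact_for_log(session_id)}")
      stored.destroy
    end
    logger.debug("Deleting index #{redact_for_log(session_index)}")
    delete_session_index(session_index)
  end

  # Extracts the SessionIndex value (the CAS ticket) from the logoutRequest
  # parameter of a POST request. Returns false for multipart requests, for
  # non-POST requests and when the parameter does not match.
  #
  # The parameter is untrusted input:
  # * it is only matched when it is a String, so a nested parameter (Hash or
  #   Array) is rejected instead of being handed to the regexp;
  # * the capture is non-greedy, so a request with several SessionIndex
  #   elements yields the first value rather than everything between the
  #   first opening tag and the last closing tag.
  #
  # NOTE(review): `^` matches at the start of any line of the parameter, not
  # only at its very beginning; tighten to `\A` if the CAS server always sends
  # the element first.
  def read_session_index
    # Checked before params is touched, as in the request handling order.
    return false if request.headers['CONTENT_TYPE'].to_s =~ %r{^multipart/}
    return false unless request.post?

    logout_request = params['logoutRequest']
    return false unless logout_request.is_a?(String)

    found = %r{^<samlp:LogoutRequest.*?<samlp:SessionIndex>(.*?)</samlp:SessionIndex>}m.match(logout_request)
    found ? found[1] : false
  end

  private

  # Removes the ticket -> session id mapping from the Rails cache.
  def delete_session_index(session_index)
    logger.debug("Deleting index 2 #{redact_for_log(session_index)}")
    Rails.cache.delete(cache_key(session_index))
  end

  # Returns the id of the current request's session.
  def read_session_id
    request.session_options[:id]
  end

  # Tells whether the cache already holds a mapping for the given CAS ticket.
  def session_index_exist(session_index)
    logger.debug("Searching index #{redact_for_log(session_index)}")
    Rails.cache.exist?(cache_key(session_index))
  end

  # Builds the cache key under which the session id for a CAS ticket is kept.
  def cache_key(session_index)
    "devise_cas_authenticatable:#{session_index}"
  end

  # Returns the last valid CAS ticket held by the given session-like object
  # (check_url passes the session), or nil when there is none.
  def read_ticket(params)
    params[:cas_last_valid_ticket]
  end

  # Shortens a credential for logging: a short prefix plus the length, enough
  # to correlate log lines without putting the usable value in the log.
  def redact_for_log(secret)
    text = secret.to_s
    return '[none]' if text.empty?
    # A prefix of a short value would reveal most of it.
    return '[redacted]' if text.length <= 12

    "#{text[0, 6]}...[#{text.length} chars]"
  end
end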