Merge pull request #50 from locaweb/feat/cas-extra-attributes

Make all other cas attributes avaliable in user object
locaweb · Jul 12, 2023 · 9175a36 · 9175a36
2 parents 4e825e2 + e61356b
commit 9175a36
Show file tree

Hide file tree

Showing 12 changed files with 67 additions and 20 deletions.
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,5 @@ coverage/
 /spec/support/last_execution_examples_result.txt
 .tags_sorted_by_file
 /Gemfile.lock
+/vendor/bundle
+/.bundle
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## UNRELEASED
 
+### Added
+- Make CAS extra attributes available in `Cas::Authentication::User`
+
 ## [1.6.0] - 2020-11-26
 ### Changed
 - Make `cas_extra_attributes` accessible as strings or symbols when restoring

diff --git a/cassette.gemspec b/cassette.gemspec
@@ -15,6 +15,7 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency 'rspec', '~> 3.0'
   gem.add_development_dependency 'rspec-its'
   gem.add_development_dependency 'rake'
+
   if RUBY_VERSION >= '2.3.0'
     gem.add_development_dependency 'pry-byebug'
   else

diff --git a/lib/cassette/authentication.rb b/lib/cassette/authentication.rb
@@ -36,13 +36,16 @@ def ticket_user(ticket, service = config.service)
 
           logger.info("Validation resut: #{response.inspect}")
 
+          return nil unless ticket_response.login
+
           Cassette::Authentication::User.new(
             login: ticket_response.login,
             name: ticket_response.name,
             authorities: ticket_response.authorities,
+            extra_attributes: ticket_response.extra_attributes,
             ticket: ticket,
             config: config
-          ) if ticket_response.login
+          )
         rescue => exception
           logger.error "Error while authenticating ticket #{ticket}: #{exception.message}"
           raise Cassette::Errors::Forbidden, exception.message

diff --git a/lib/cassette/authentication/user.rb b/lib/cassette/authentication/user.rb
@@ -9,18 +9,22 @@ class Authentication
     class User
       extend Forwardable
 
-      attr_accessor :login, :name, :authorities, :email, :ticket, :type
+      attr_accessor :login, :name, :authorities, :email, :ticket, :type,
+                    :extra_attributes
+
       def_delegators :@authorities, :has_role?, :has_raw_role?
 
       def initialize(attrs = {})
-        config       = attrs[:config]
-        @login       = attrs[:login]
-        @name        = attrs[:name]
-        @type        = attrs[:type]
-        @email       = attrs[:email]
-        @ticket      = attrs[:ticket]
-        @authorities = Cassette::Authentication::Authorities
-                       .parse(attrs.fetch(:authorities, '[]'), config && config.base_authority)
+        config            = attrs[:config]
+        @login            = attrs[:login]
+        @name             = attrs[:name]
+        @type             = attrs[:type]
+        @email            = attrs[:email]
+        @ticket           = attrs[:ticket]
+        @extra_attributes = attrs[:extra_attributes]
+        @authorities      = Cassette::Authentication::Authorities
+                            .parse(attrs.fetch(:authorities, '[]'),
+                                   config&.base_authority)
       end
 
       %w(customer employee).each do |type|

diff --git a/lib/cassette/cache.rb b/lib/cassette/cache.rb
@@ -1,6 +1,7 @@
 # encoding: UTF-8
 
 begin
+  require 'active_support'
   require 'active_support/cache'
 rescue LoadError
   require 'cassette/cache/null_store'

diff --git a/lib/cassette/http/ticket_response.rb b/lib/cassette/http/ticket_response.rb
@@ -4,7 +4,7 @@
 module Cassette
   module Http
     class TicketResponse
-      attr_reader :login, :name, :authorities
+      attr_reader :login, :name, :extra_attributes, :authorities
 
       def initialize(response)
         namespaces = { "cas" => "http://www.yale.edu/tp/cas" }
@@ -22,8 +22,9 @@ def initialize(response)
             elements.
             map { |e| [e.name, e.text] }]
 
-          @name = attributes['cn']
-          @authorities = attributes['authorities']
+          @name = attributes.delete('cn')
+          @authorities = attributes.delete('authorities')
+          @extra_attributes = attributes
         end
       end
     end

diff --git a/lib/cassette/rubycas/user_factory.rb b/lib/cassette/rubycas/user_factory.rb
@@ -5,10 +5,11 @@ def from_session(session)
         attributes = session[:cas_extra_attributes]
         attributes = attributes.with_indifferent_access if attributes.respond_to?(:with_indifferent_access)
         Cassette::Authentication::User.new(login: session[:cas_user],
-                                           name: attributes.try(:[], :cn),
-                                           email: attributes.try(:[], :email),
-                                           authorities: attributes.try(:[], :authorities),
-                                           type: attributes.try(:[], :type).try(:downcase))
+                                           name: attributes.try(:delete, :cn),
+                                           email: attributes.try(:delete, :email),
+                                           authorities: attributes.try(:delete, :authorities),
+                                           type: attributes.try(:delete, :type).try(:downcase),
+                                           extra_attributes: attributes)
       end
     end
   end

diff --git a/spec/cassette/authentication/user_factory_spec.rb b/spec/cassette/authentication/user_factory_spec.rb
@@ -17,7 +17,8 @@
         cas_extra_attributes: {
           email: Faker::Internet.email(name),
           type: 'Customer',
-          authorities: '[CASTEST_ADMIN]'
+          authorities: '[CASTEST_ADMIN]',
+          extra: 'some value'
         }
       }
     end
@@ -35,11 +36,15 @@
       its(:name) { is_expected.to eq(attributes[:name]) }
       its(:email) { is_expected.to eq(attributes[:email]) }
       its(:type) { is_expected.to eq(attributes[:type].downcase) }
+      its(:extra_attributes) do
+        is_expected
+          .to eq(attributes.except(:email, :type, :authorities).stringify_keys)
+      end
       it { is_expected.to be_customer }
       it { is_expected.not_to be_employee }
     end
 
-    context 'when key cas_extra_attributes is string' do
+    context 'when key authorities is a string' do
       let(:session) do
         name = Faker.name
 

diff --git a/spec/cassette/authentication/user_spec.rb b/spec/cassette/authentication/user_spec.rb
@@ -1,4 +1,4 @@
-
+require 'spec_helper'
 
 describe Cassette::Authentication::User do
   let(:base_authority) do

diff --git a/spec/cassette/http/ticket_response_spec.rb b/spec/cassette/http/ticket_response_spec.rb
@@ -38,4 +38,28 @@
       it { is_expected.to be_nil }
     end
   end
+
+  describe '#extra_attributes' do
+    it 'converts the nodes to a hash' do
+      expect(ticket_response.extra_attributes['extra']).to eq('value')
+    end
+
+    it 'does not change keys' do
+      expect(ticket_response.extra_attributes['camelKey']).to eq('camelValue')
+    end
+
+    it 'does not include login, name nor authorities' do
+      expect(ticket_response.extra_attributes).not_to have_key('login')
+      expect(ticket_response.extra_attributes).not_to have_key('name')
+      expect(ticket_response.extra_attributes).not_to have_key('authorities')
+    end
+
+    context "when response isn't successful"  do
+      let(:xml_response) { fixture('cas/fail.xml') }
+
+      it 'is nil' do
+        expect(ticket_response.extra_attributes).to be_nil
+      end
+    end
+  end
 end
diff --git a/spec/fixtures/cas/success.xml b/spec/fixtures/cas/success.xml
@@ -6,6 +6,8 @@
     <cas:attributes>
       <cas:authorities>[CUPOM, AUDITING,]</cas:authorities>
       <cas:cn>Test System</cas:cn>
+      <cas:extra>value</cas:extra>
+      <cas:camelKey>camelValue</cas:camelKey>
     </cas:attributes>
     <!-- End Ldap Attributes -->
     </cas:authenticationSuccess>