1) Add validation tests (+ error class in order to pass)

2) Fixed login ticket lifetime bug (maximum_unused_login_ticket_lifetime was not used in login ticket validation)
3) Add remember_me functionality in the core
4) Change how service tickets are generated. Now each service tickets inherits from TicketGrantingTicket
in a way to imitate activerecord's belongs_to/has_many.
5) Other minor improvements
6) Tested with rubycas-server-rails engine

Author: vasilakisfil

.gitignore

@@ -1,5 +1,6 @@
 *.gem
 *.rbc
+log
 .bundle
 .config
 .yardoc
@@ -16,3 +17,4 @@ test/tmp
 test/version_tmp
 tmp
 *.DS_Store
+*.db

Gemfile

@@ -1,20 +1,2 @@
 source 'https://rubygems.org'
 gemspec
-
-group :development do
-  # for gems that are nice in development
-  # but don't break the build when missing
-  # Example: debugger
-  gem 'debugger'
-  gem "guard"
-  gem "guard-rspec"
-
-  gem 'rb-inotify', :require => false
-  gem 'rb-fsevent', :require => false
-  gem 'rb-fchange', :require => false
-end
-
-group :test do
-  gem 'rake'
-  gem 'rspec'
-end

lib/rubycas-server-core.rb

@@ -1,6 +1,7 @@
 require "logger"
 require "r18n-core"
 require "rubycas-server-core/version"
+require "rubycas-server-core/error"
 require "rubycas-server-core/authenticator"
 require "rubycas-server-core/settings"
 require "rubycas-server-core/database"

lib/rubycas-server-core/adapters/in_memory/service_ticket.rb

@@ -2,7 +2,7 @@ module RubyCAS
   module Server
     module Core
       module Tickets
-        class ServiceTicket < Storage
+        class ServiceTicket < RubyCAS::Server::Core::Tickets::TicketGrantingTicket
 
           attr_accessor :id, :ticket, :consumed, :client_hostname,
                         :username, :created_at, :updated_at, :proxy_granting_ticket,

lib/rubycas-server-core/adapters/in_memory/storage.rb

@@ -16,6 +16,11 @@ def save
             return true
           end
 
+          def save!
+            self.class.storage[@id] = self
+            return true
+          end
+
         end
       end
     end

lib/rubycas-server-core/adapters/in_memory/ticket_granting_ticket.rb

@@ -5,7 +5,7 @@ module Tickets
         class TicketGrantingTicket < Storage
           attr_accessor :id, :ticket, :client_hostname, :username,
                         :extra_attributes, :service_tickets, :proxy_tickets,
-                        :created_at, :updated_at
+                        :remember_me, :created_at, :updated_at
 
           def initialize(tgt = {})
             @id = SecureRandom.uuid
@@ -15,6 +15,7 @@ def initialize(tgt = {})
             @extra_attributes = tgt[:extra_attributes]
             @service_tickets = tgt[:service_tickets]
             @proxy_tickets = tgt[:proxy_tickets]
+            @remember_me = tgt[:remember_me]
             @created_at = DateTime.now
             @updated_at = DateTime.now
             super()
@@ -31,6 +32,10 @@ def expired?(max_lifetime)
             lifetime = Time.now.to_i - created_at.to_time.to_i
             lifetime > max_lifetime
           end
+
+          def service_tickets
+            ServiceTicket
+          end
         end
       end
     end

lib/rubycas-server-core/error.rb

@@ -0,0 +1,18 @@
+module RubyCAS::Server::Core
+  # TODO: Add better dependency injection
+  # TODO: add predefined messages/errors
+  module Error
+    class Error
+      attr_reader :code, :message
+
+      def initialize(code, message)
+        @code = code
+        @message = message
+      end
+
+      def to_s
+        message
+      end
+    end
+  end
+end

lib/rubycas-server-core/tickets.rb

@@ -10,7 +10,7 @@ def self.generate_login_ticket(client)
           lt = LoginTicket.new
           lt.ticket = "LT-" + Util.random_string
           lt.client_hostname = client
-          if lt.save
+          if lt.save!
             $LOG.debug("Login ticket '#{lt.ticket} has been created for '#{lt.client_hostname}'")
             return lt
           else
@@ -24,13 +24,19 @@ def self.generate_login_ticket(client)
         # The optional 'extra_attributes' parameter takes a hash of additional attributes
         # that will be sent along with the username in the CAS response to subsequent
         # validation requests from clients.
-        def self.generate_ticket_granting_ticket(username, client, extra_attributes = {})
+        def self.generate_ticket_granting_ticket(
+          username,
+          client,
+          remember_me = false,
+          extra_attributes = {}
+        )
           tgt = TicketGrantingTicket.new
           tgt.ticket = "TGC-" + Util.random_string
           tgt.username = username
-          tgt.extra_attributes = extra_attributes
+          tgt.remember_me = remember_me
+          tgt.extra_attributes = extra_attributes.to_s
           tgt.client_hostname = client
-          if tgt.save
+          if tgt.save!
             $LOG.debug("Generated ticket granting ticket '#{tgt.ticket}' for user" +
               " '#{tgt.username}' at '#{tgt.client_hostname}'" +
               (extra_attributes.empty? ? "" : " with extra attributes #{extra_attributes.inspect}"))
@@ -41,7 +47,7 @@ def self.generate_ticket_granting_ticket(username, client, extra_attributes = {}
         end
 
         def self.generate_service_ticket(service, username, tgt, client)
-          st = ServiceTicket.new
+          st = tgt.service_tickets.new
           st.ticket = "ST-" + Util.random_string
           st.service = service
           st.username = username

lib/rubycas-server-core/tickets/validations.rb

@@ -1,6 +1,9 @@
+require "rubycas-server-core/error"
+
 module RubyCAS::Server::Core::Tickets
   module Validations
     include R18n::Helpers
+    include RubyCAS::Server::Core::Error
 
     # Validate login ticket
     #
@@ -17,11 +20,11 @@ def validate_login_ticket(ticket)
         if lt.consumed?
           error = t.error.login_ticket_already_used
           $LOG.warn "Login ticket '#{ticket}' already consumed!"
-        elsif not lt.expired?(RubyCAS::Server::Core::Settings.maximum_unused_service_ticket_lifetime)
+        elsif not lt.expired?(RubyCAS::Server::Core::Settings.maximum_unused_login_ticket_lifetime)
           $LOG.info "Login ticket '#{ticket}' successfully validated"
           lt.consume!
           success = true
-        elsif lt.expired?(RubyCAS::Server::Core::Settings.maximum_unused_service_ticket_lifetime)
+        elsif lt.expired?(RubyCAS::Server::Core::Settings.maximum_unused_login_ticket_lifetime)
           error = t.error.login_timeout
           $LOG.warn "Expired login ticket '#{ticket}'"
         end
@@ -38,7 +41,13 @@ def validate_ticket_granting_ticket(ticket)
       $LOG.debug "No ticket granting ticket given." if ticket.nil?
 
       if tgt = TicketGrantingTicket.find_by_ticket(ticket)
-        if tgt.expired?(RubyCAS::Server::Core::Settings.maximum_session_lifetime)
+        if tgt.remember_me
+          max_lifetime = RubyCAS::Server::Core::Settings.maximum_session_lifetime
+        else
+          max_lifetime = RubyCAS::Server::Core::Settings.maximum_remember_me_lifetime
+        end
+
+        if tgt.expired?(max_lifetime)
           tgt.destroy
           error = "Your session has expired. Please log in again."
           $LOG.info "Ticket granting ticket '#{ticket}' for user '#{tgt.username}' expired."

rubycas-server-core.gemspec

@@ -19,4 +19,8 @@ Gem::Specification.new do |gem|
 
   gem.add_dependency "r18n-core"
   gem.add_dependency "activesupport", ">= 3.0"
+
+  gem.add_development_dependency "rake"
+  gem.add_development_dependency "rspec"
+  gem.add_development_dependency "bundler"
 end