class Maestrano::SSO::Session

Attributes

group_uid[RW]
recheck[RW]
session[RW]
session_token[RW]
uid[RW]

Public Class Methods

from_user_auth_hash(session, auth)

Load a Maestrano::SSO::Session object from a hash generated by Maestrano::SSO::BaseUser#to_hash

# File lib/maestrano/sso/session.rb, line 8
def self.from_user_auth_hash(session, auth)
  # Build a session object from an auth hash, accepting both symbol and
  # string keys at every level (auth -> extra -> session).
  #
  # session - the HTTP session object to attach to the new instance
  # auth    - hash expected to carry an :extra / 'extra' entry which in turn
  #           carries a :session / 'session' entry
  #
  # Returns the new instance. When the auth hash has no extra/session entry
  # only the HTTP session is attached and uid, session_token, group_uid and
  # recheck are left as self.new({}) set them.
  #
  # NOTE(review): every value is copied from the auth hash as-is; nothing in
  # this method verifies where the hash came from, so callers should only
  # pass a hash produced by a completed, verified SSO response.
  # NOTE(review): recheck is stored without conversion, while
  # remote_check_required? compares it with Time.now - presumably the
  # producer already supplies a Time; confirm.
  pick = ->(hash, key) { hash[key] || hash[key.to_s] }

  built = self.new({})
  built.session = session

  extra = pick.call(auth, :extra)
  sso_session = extra && pick.call(extra, :session)

  if sso_session
    built.uid = pick.call(sso_session, :uid)
    built.session_token = pick.call(sso_session, :token)
    built.group_uid = pick.call(sso_session, :group_uid)

    # Only overwrite recheck when the auth hash actually provides one.
    next_check = pick.call(sso_session, :recheck)
    built.recheck = next_check if next_check
  end

  built
end
new(session)
# File lib/maestrano/sso/session.rb, line 23
def initialize(session)
  # Attach the HTTP session and, when it carries a :maestrano / 'maestrano'
  # entry, restore uid, session_token, recheck and group_uid from it.
  #
  # The entry is Base64-encoded JSON. Base64 is an encoding, not encryption:
  # the local named decrypted_session in earlier revisions of this method
  # held plainly decoded data. Nothing here authenticates the payload, so
  # its integrity rests entirely on the session store it is read from.
  # NOTE(review): confirm the host application's session store is
  # tamper-proof (signed or server-side); the recheck deadline restored here
  # is what remote_check_required? later compares with Time.now.
  self.session = session
  return unless session

  begin
    encoded = self.session[:maestrano] || self.session['maestrano']
    if encoded
      payload = JSON.parse(Base64.decode64(encoded))
      self.uid = payload['uid']
      self.session_token = payload['session']
      # Raises on a missing or malformed timestamp; uid and session_token
      # assigned above are kept, recheck and group_uid stay unset.
      self.recheck = Time.iso8601(payload['session_recheck'])
      self.group_uid = payload['group_uid']
    end
  rescue
    # Deliberately silent: an unreadable entry leaves the remaining
    # attributes unset, and remote_check_required? returns true whenever
    # uid, session_token or recheck is missing.
  end
end

Public Instance Methods

perform_remote_check()

Check the remote Maestrano session and update the recheck attribute if the session is still valid. Returns true if the session is still valid and false otherwise.

# File lib/maestrano/sso/session.rb, line 50
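def perform_remote_check
  # Ask Maestrano whether this uid / session_token pair is still valid and,
  # if so, move the recheck deadline to the timestamp it returns.
  #
  # Returns true only when the response is a JSON object with truthy
  # 'valid' and 'recheck' entries and 'recheck' parses as ISO 8601.
  # Returns false in every other case (fail closed): request error,
  # unparsable body, non-object body, missing fields, malformed timestamp.
  #
  # NOTE(review): session_check_url is defined elsewhere; if it places the
  # session token in the URL, make sure request URLs are kept out of logs.
  url = Maestrano::SSO.session_check_url(self.uid, self.session_token)

  begin
    response = JSON.parse(RestClient.get(url))
  rescue StandardError
    # StandardError rather than Exception, so that Interrupt, SystemExit and
    # NoMemoryError still propagate instead of being read as "invalid".
    # NOTE(review): the error is dropped here, so an outage of the check
    # endpoint cannot be told apart from a revoked session; consider
    # logging it.
    return false
  end

  # A body that parses to an array or a scalar must not reach the lookups
  # below, where it would raise instead of failing closed.
  return false unless response.is_a?(Hash)
  return false unless response['valid'] && response['recheck']

  begin
    next_check = Time.iso8601(response['recheck'])
  rescue StandardError
    # Malformed timestamp: keep the previous recheck value and fail closed.
    return false
  end

  self.recheck = next_check
  true
end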
remote_check_required?()
# File lib/maestrano/sso/session.rb, line 39
def remote_check_required?
  # Tell whether the session has to be re-validated remotely.
  #
  # Returns true when uid, session_token or recheck is missing, so an
  # incompletely restored session always needs a remote check. Otherwise
  # returns true only once the recheck deadline has been reached.
  fully_loaded = self.uid && self.session_token && self.recheck
  return true unless fully_loaded

  self.recheck <= Time.now
end
save()
# File lib/maestrano/sso/session.rb, line 96
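def save
  # Write uid, session_token, recheck (UTC, ISO 8601) and group_uid back to
  # the HTTP session under :maestrano as Base64-encoded JSON.
  #
  # Returns the encoded string. Raises NoMethodError when recheck is nil.
  #
  # Base64 only encodes: the session token is stored readable by anything
  # that can read the session store.
  # NOTE(review): confirm the store is server-side or encrypted, not merely
  # signed, if the token must stay hidden from the client.
  payload = {
    uid: self.uid,
    session: self.session_token,
    # getutc returns a converted copy; Time#utc would switch the recheck
    # attribute itself to UTC as a side effect of saving.
    session_recheck: self.recheck.getutc.iso8601,
    group_uid: self.group_uid
  }
  self.session[:maestrano] = Base64.encode64(payload.to_json)
end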
valid?(opts = {})

Check whether this mno session is valid or not. Returns true if SLO is disabled (via the sso.slo_enabled config param). Returns false if no session is defined.


opts: if_session: if true, the session is considered valid when the http session is nil or does not have a maestrano key. Useful when the validity of a session should be restricted to Maestrano users only within an application.

# File lib/maestrano/sso/session.rb, line 80
def valid?(opts = {})
  # Decide whether this Maestrano session is still usable.
  #
  # opts[:if_session] - when truthy, a nil HTTP session or one without a
  #                     :maestrano / 'maestrano' entry counts as valid
  #
  # Returns true or false.
  #
  # With 'sso.slo_enabled' off this always returns true and the remote
  # check never runs, so a session ended on the Maestrano side is not
  # noticed here. With :if_session set, a request carrying no Maestrano
  # entry also passes, so the result is not by itself proof that a user is
  # authenticated.
  slo_enabled = Maestrano.param('sso.slo_enabled')
  return true unless slo_enabled

  if opts[:if_session]
    mno_entry = self.session && (self.session[:maestrano] || self.session['maestrano'])
    return true unless mno_entry
  end

  return false unless self.session

  # Inside the recheck window the locally stored state is trusted.
  return true unless self.remote_check_required?

  # Deadline reached: the remote answer decides, and a confirmed session is
  # persisted together with its new recheck deadline.
  return false unless perform_remote_check

  self.save
  true
end