Added a URL parameter that is automatically set to the referrer so that the...

Added a URL parameter that is automatically set to the referrer so that the user will be automatically redirected to the page that triggered the need for authentication.

lib/omniauth/strategies/cas.rb

 require 'omniauth/strategy'
+require 'addressable/uri'
 
 module OmniAuth
   module Strategies
@@ -44,7 +45,7 @@ module OmniAuth
         [
           302,
           {
-            'Location' => login_url(callback_url),
+            'Location' => login_url( append_params(callback_url, :url => request.referer) ),
             'Content-Type' => 'text/plain'
           },
           ["You are being redirected to CAS for sign-in."]
@@ -72,10 +73,11 @@ module OmniAuth
       # @param [String] ticket the ticket to validate
       #
       # @return [String] a URL like `http://cas.mycompany.com/serviceValidate?service=...&ticket=...`
-      def service_validate_url(service, ticket)
-        service = service.sub(/[?&]ticket=[^?&]+/, '')
-        url = cas_host + append_service(@options.service_validate_url, service)
-        url << '&ticket=' << Rack::Utils.escape(ticket)
+      def service_validate_url(service_url, ticket)
+        service_url = Addressable::URI.parse( service_url )
+        service_url.query_values = service_url.query_values.tap { |qs| qs.delete('ticket') }
+
+        cas_host + append_params(@options.service_validate_url, { :service => service_url.to_s, :ticket => ticket })
       end
 
       # Build a CAS login URL from +service+.
@@ -84,7 +86,13 @@ module OmniAuth
       #
       # @return [String] a URL like `http://cas.mycompany.com/login?service=...`
       def login_url(service)
-        cas_host + append_service( @options.login_url, service )
+        cas_host + append_params( @options.login_url, { :service => Rack::Utils.unescape(service) })
+      end
+
+      def append_params(base, params)
+        Addressable::URI.parse(base).tap do |base_uri|
+          base_uri.query_values = (base_uri.query_values || {}).merge( params )
+        end.to_s
       end
 
       # Adds +service+ as an URL-escaped parameter to +base+.
@@ -93,16 +101,12 @@ module OmniAuth
       # @param [String] service the service (a.k.a. return-to) URL.
       #
       # @return [String] the new joined URL.
-      def append_service(base, service)
-        result = base.dup
-        result << (result.include?('?') ? '&' : '?')
-        result << 'service='
-        result << Rack::Utils.escape(service)
+      # TODO: Deprecate this
+      def append_service( base, service )
+        append_params( base, :service => service )
       end
 
 
-
-
       # def cas_url( path )
       #   "#{cas_protocol}://#{@options.host}#{@options.port}#{path}"
       # end

omniauth-cas.gemspec

@@ -17,6 +17,7 @@ Gem::Specification.new do |gem|
 
   gem.add_dependency 'omniauth', '~> 1.0'
   gem.add_dependency 'nokogiri', '~> 1.5'
+  gem.add_dependency 'addressable', '~> 2.2'
 
   gem.add_development_dependency 'rake', '~> 0.9'
   gem.add_development_dependency 'webmock', '~> 1.7'

spec/omniauth/strategies/cas_spec.rb

@@ -12,20 +12,17 @@ describe OmniAuth::Strategies::CAS, :type => :strategy do
     }.to_app
   end
 
-  # def session
-  #   last_request.env['rack.session']
-  # end
-
   describe 'GET /auth/cas' do
     before do
-      get '/auth/cas'
+      get '/auth/cas', nil, { 'HTTP_REFERER' => 'http://myapp.com/admin/foo'}
     end
 
+    let(:redirect_params) { "service=" + CGI.escape("http://example.org/auth/cas/callback?url=http://myapp.com/admin/foo") }
     subject { last_response }
 
     it { should be_redirect }
     it "should redirect to the CAS server" do
-      subject.headers['Location'].should == "https://cas.example.org/login?service=" + CGI.escape("http://example.org/auth/cas/callback")
+      subject.headers['Location'].should == "https://cas.example.org/login?" + redirect_params
     end
   end