Module: CASinoCore::Helper::ServiceTickets

Includes:
Logger, ProxyTickets, Tickets
Included in:
Processor::API::LoginCredentialAcceptor, Processor::API::ServiceTicketProvider, Processor::LegacyValidator, Processor::LoginCredentialAcceptor, Processor::LoginCredentialRequestor, Processor::SecondFactorAuthenticationAcceptor, Processor::ServiceTicketValidator
Defined in:
lib/casino_core/helper/service_tickets.rb

Defined Under Namespace

Classes: ServiceNotAllowedError

Constant Summary collapse

RESERVED_CAS_PARAMETER_KEYS = 
['service', 'ticket', 'gateway', 'renew']

Constants included from Tickets

Tickets::ALLOWED_TICKET_STRING_CHARACTERS

Instance Method Summary collapse

Methods included from ProxyTickets

#acquire_proxy_ticket, #ticket_valid_for_service?, #validate_ticket_for_service

Methods included from Tickets

#random_ticket_string

Methods included from Logger

#logger

Instance Method Details

#acquire_service_ticket(ticket_granting_ticket, service, credentials_supplied = nil) ⇒ Object 



14
15
16
17
18
19
20
21
22
23
24
25
26
 
# File 'lib/casino_core/helper/service_tickets.rb', line 14

def acquire_service_ticket(ticket_granting_ticket, service, credentials_supplied = nil)
  service_url = clean_service_url(service)
  unless CASinoCore::Model::ServiceRule.allowed?(service_url)
    message = "#{service_url} is not in the list of allowed URLs"
    logger.error message
    raise ServiceNotAllowedError, message
  end
  ticket_granting_ticket.service_tickets.create!({
    ticket: random_ticket_string('ST'),
    service: service_url,
    issued_from_credentials: !!credentials_supplied
  })
end

#clean_service_url(dirty_service) ⇒ Object 



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/casino_core/helper/service_tickets.rb', line 28

def clean_service_url(dirty_service)
  return dirty_service if dirty_service.blank?
  service_uri = Addressable::URI.parse dirty_service
  unless service_uri.query_values.nil?
    service_uri.query_values = service_uri.query_values(Array).select { |k,v| !RESERVED_CAS_PARAMETER_KEYS.include?(k) }
  end
  if service_uri.query_values.blank?
    service_uri.query_values = nil
  end

  service_uri.path = (service_uri.path || '').gsub(/\/+\z/, '')
  service_uri.path = '/' if service_uri.path.blank?

  clean_service = service_uri.to_s

  logger.debug("Cleaned dirty service URL '#{dirty_service}' to '#{clean_service}'") if dirty_service != clean_service

  clean_service
end