Class: Castanet::ServiceTicket
- Inherits:
-
Object
- Object
- Castanet::ServiceTicket
- Extended by:
- Forwardable
- Includes:
- QueryBuilding, Responses
- Defined in:
- lib/castanet/service_ticket.rb
Direct Known Subclasses
Instance Attribute Summary collapse
-
#https_required ⇒ Boolean
Set this to
false
to allow plain HTTP for CAS server communication. -
#pgt ⇒ String?
The PGT associated with this service ticket.
-
#proxy_callback_url ⇒ String?
The proxy callback URL to use for service validation.
-
#proxy_retrieval_url ⇒ String?
The URL of the service to use for retrieving PGTs.
-
#response ⇒ #ok?, #pgt_iou
The response from the CAS server.
-
#service ⇒ String?
readonly
The wrapped service URL.
-
#service_validate_url ⇒ String?
The URL of the CAS server's serviceValidate service.
-
#ticket ⇒ String?
readonly
The wrapped service ticket.
Instance Method Summary collapse
-
#initialize(ticket, service) ⇒ ServiceTicket
constructor
A new instance of ServiceTicket.
-
#present! ⇒ Object
Validates
ticket
for the service URL given inservice
. -
#retrieve_pgt! ⇒ Object
Retrieves a PGT from #proxy_retrieval_url using the PGT IOU.
Methods included from QueryBuilding
Methods included from Responses
#parsed_proxy_response, #parsed_ticket_validate_response
Constructor Details
#initialize(ticket, service) ⇒ ServiceTicket
Returns a new instance of ServiceTicket.
77 78 79 80 81 |
# File 'lib/castanet/service_ticket.rb', line 77 def initialize(ticket, service) @https_required = true @service = service @ticket = ticket end |
Instance Attribute Details
#https_required ⇒ Boolean
Set this to false
to allow plain HTTP for CAS server communication.
In almost all cases where CAS is used, there is no good reason to avoid HTTPS. However, if you
- need to have access to CAS server messages and
- are in an isolated development environment
then it may make sense to disable HTTPS.
This is usually set by Client.
26 27 28 |
# File 'lib/castanet/service_ticket.rb', line 26 def https_required @https_required end |
#pgt ⇒ String?
The PGT associated with this service ticket.
This is set after a successful invocation of #retrieve_pgt!.
75 76 77 |
# File 'lib/castanet/service_ticket.rb', line 75 def pgt @pgt end |
#proxy_callback_url ⇒ String?
The proxy callback URL to use for service validation.
32 33 34 |
# File 'lib/castanet/service_ticket.rb', line 32 def proxy_callback_url @proxy_callback_url end |
#proxy_retrieval_url ⇒ String?
The URL of the service to use for retrieving PGTs.
38 39 40 |
# File 'lib/castanet/service_ticket.rb', line 38 def proxy_retrieval_url @proxy_retrieval_url end |
#response ⇒ #ok?, #pgt_iou
The response from the CAS server.
Castanet::ServiceTicket sets this attribute whilst executing #present!, but it can be manually set for e.g. testing purposes.
65 66 67 |
# File 'lib/castanet/service_ticket.rb', line 65 def response @response end |
#service ⇒ String? (readonly)
The wrapped service URL.
56 57 58 |
# File 'lib/castanet/service_ticket.rb', line 56 def service @service end |
#service_validate_url ⇒ String?
The URL of the CAS server's serviceValidate service.
44 45 46 |
# File 'lib/castanet/service_ticket.rb', line 44 def service_validate_url @service_validate_url end |
#ticket ⇒ String? (readonly)
The wrapped service ticket.
50 51 52 |
# File 'lib/castanet/service_ticket.rb', line 50 def ticket @ticket end |
Instance Method Details
#present! ⇒ Object
Validates ticket
for the service URL given in service
. If
#proxy_callback_url is not nil, also attempts to retrieve the PGTIOU
for this service ticket.
CAS service tickets are one-time-use only
This method checks ticket
against service
using the CAS server, so you
must take care to only validate a given ticket
once.
Since ServiceTicket does not maintain any state with regard to whether a ServiceTicket instance has already been presented, multiple presentations of the same ticket will result in behavior like this:
st = service_ticket(ticket, service)
st.present!
st.ok? # => true
st.present!
st.ok? # => false
111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/castanet/service_ticket.rb', line 111 def present! uri = URI.parse(validation_url).tap do |u| u.query = validation_parameters end net_http(uri).start do |h| cas_response = h.get(uri.to_s) self.response = parsed_ticket_validate_response(cas_response.body) end end |
#retrieve_pgt! ⇒ Object
Retrieves a PGT from #proxy_retrieval_url using the PGT IOU.
CAS 2.0 does not specify whether PGTIOUs are one-time-use only.
Therefore, Castanet does not prevent multiple invocations of
retrieve_pgt!
; however, it is safest to assume that PGTIOUs are
one-time-use only.
CAS 2.0 also does not specify the response format for proxy callbacks.
retrieve_pgt!
assumes that a 200
response from #proxy_retrieval_url
will contain the PGT and only the PGT.
The retrieved PGT will be written to #pgt if this method succeeds.
138 139 140 141 142 143 144 145 146 |
# File 'lib/castanet/service_ticket.rb', line 138 def retrieve_pgt! uri = URI.parse(proxy_retrieval_url).tap do |u| u.query = query(['pgtIou', pgt_iou]) end net_http(uri).start do |h| self.pgt = h.get(uri.to_s).body end end |