Class: Castanet::ServiceTicket

Inherits:
Object
  • Object
show all
Extended by:
Forwardable
Includes:
QueryBuilding, Responses
Defined in:
lib/castanet/service_ticket.rb

Direct Known Subclasses

ProxyTicket

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from QueryBuilding

#query

Methods included from Responses

#parsed_proxy_response, #parsed_ticket_validate_response

Constructor Details

#initialize(ticket, service) ⇒ ServiceTicket

Returns a new instance of ServiceTicket.



77
78
79
80
81
# File 'lib/castanet/service_ticket.rb', line 77

def initialize(ticket, service)
  @https_required = true
  @service = service
  @ticket = ticket
end

Instance Attribute Details

#https_requiredBoolean

Set this to false to allow plain HTTP for CAS server communication.

In almost all cases where CAS is used, there is no good reason to avoid HTTPS. However, if you

  1. need to have access to CAS server messages and
  2. are in an isolated development environment

then it may make sense to disable HTTPS.

This is usually set by Client.

Returns:

  • (Boolean)


26
27
28
# File 'lib/castanet/service_ticket.rb', line 26

def https_required
  @https_required
end

#pgtString?

The PGT associated with this service ticket.

This is set after a successful invocation of #retrieve_pgt!.

Returns:

  • (String, nil)


75
76
77
# File 'lib/castanet/service_ticket.rb', line 75

def pgt
  @pgt
end

#proxy_callback_urlString?

The proxy callback URL to use for service validation.

Returns:

  • (String, nil)


32
33
34
# File 'lib/castanet/service_ticket.rb', line 32

def proxy_callback_url
  @proxy_callback_url
end

#proxy_retrieval_urlString?

The URL of the service to use for retrieving PGTs.

Returns:

  • (String, nil)


38
39
40
# File 'lib/castanet/service_ticket.rb', line 38

def proxy_retrieval_url
  @proxy_retrieval_url
end

#response#ok?, #pgt_iou

The response from the CAS server.

Castanet::ServiceTicket sets this attribute whilst executing #present!, but it can be manually set for e.g. testing purposes.

Returns:

  • (#ok?, #pgt_iou)


65
66
67
# File 'lib/castanet/service_ticket.rb', line 65

def response
  @response
end

#serviceString? (readonly)

The wrapped service URL.

Returns:

  • (String, nil)


56
57
58
# File 'lib/castanet/service_ticket.rb', line 56

def service
  @service
end

#service_validate_urlString?

The URL of the CAS server's serviceValidate service.

Returns:

  • (String, nil)


44
45
46
# File 'lib/castanet/service_ticket.rb', line 44

def service_validate_url
  @service_validate_url
end

#ticketString? (readonly)

The wrapped service ticket.

Returns:

  • (String, nil)


50
51
52
# File 'lib/castanet/service_ticket.rb', line 50

def ticket
  @ticket
end

Instance Method Details

#present!Object

Validates ticket for the service URL given in service. If #proxy_callback_url is not nil, also attempts to retrieve the PGTIOU for this service ticket.

CAS service tickets are one-time-use only

This method checks ticket against service using the CAS server, so you must take care to only validate a given ticket once.

Since ServiceTicket does not maintain any state with regard to whether a ServiceTicket instance has already been presented, multiple presentations of the same ticket will result in behavior like this:

st = service_ticket(ticket, service)
st.present!

st.ok? # => true

st.present!

st.ok? # => false


111
112
113
114
115
116
117
118
119
120
121
# File 'lib/castanet/service_ticket.rb', line 111

def present!
  uri = URI.parse(validation_url).tap do |u|
    u.query = validation_parameters
  end

  net_http(uri).start do |h|
    cas_response = h.get(uri.to_s)

    self.response = parsed_ticket_validate_response(cas_response.body)
  end
end

#retrieve_pgt!Object

Retrieves a PGT from #proxy_retrieval_url using the PGT IOU.

CAS 2.0 does not specify whether PGTIOUs are one-time-use only. Therefore, Castanet does not prevent multiple invocations of retrieve_pgt!; however, it is safest to assume that PGTIOUs are one-time-use only.

CAS 2.0 also does not specify the response format for proxy callbacks. retrieve_pgt! assumes that a 200 response from #proxy_retrieval_url will contain the PGT and only the PGT.

The retrieved PGT will be written to #pgt if this method succeeds.

Returns:

  • void



138
139
140
141
142
143
144
145
146
# File 'lib/castanet/service_ticket.rb', line 138

def retrieve_pgt!
  uri = URI.parse(proxy_retrieval_url).tap do |u|
    u.query = query(['pgtIou', pgt_iou])
  end

  net_http(uri).start do |h|
    self.pgt = h.get(uri.to_s).body
  end
end