Module: CASino::ProcessorConcern::TicketGrantingTickets

Includes:
Browser
Included in:
API::LoginCredentialAcceptorProcessor, API::ServiceTicketProviderProcessor, LoginCredentialAcceptorProcessor, LoginCredentialRequestorProcessor, LogoutProcessor, OtherSessionsDestroyerProcessor, SecondFactorAuthenticationAcceptorProcessor, SessionOverviewProcessor, TwoFactorAuthenticatorActivatorProcessor, TwoFactorAuthenticatorDestroyerProcessor, TwoFactorAuthenticatorOverviewProcessor, TwoFactorAuthenticatorRegistratorProcessor
Defined in:
app/processors/casino/processor_concern/ticket_granting_tickets.rb

Instance Method Summary collapse

Methods included from Browser

#browser_info, #same_browser?

Instance Method Details

#acquire_ticket_granting_ticket(authentication_result, user_agent = nil, long_term = nil) ⇒ Object 



31
32
33
34
35
36
37
38
39
40
41
 
# File 'app/processors/casino/processor_concern/ticket_granting_tickets.rb', line 31

def acquire_ticket_granting_ticket(authentication_result, user_agent = nil, long_term = nil)
  user_data = authentication_result[:user_data]
  user = load_or_initialize_user(authentication_result[:authenticator], user_data[:username], user_data[:extra_attributes])
  cleanup_expired_ticket_granting_tickets(user)
  user.ticket_granting_tickets.create!({
    ticket: random_ticket_string('TGC'),
    awaiting_two_factor_authentication: !user.active_two_factor_authenticator.nil?,
    user_agent: user_agent,
    long_term: !!long_term
  })
end

#cleanup_expired_ticket_granting_tickets(user) ⇒ Object 



59
60
61
 
# File 'app/processors/casino/processor_concern/ticket_granting_tickets.rb', line 59

def cleanup_expired_ticket_granting_tickets(user)
  CASino::TicketGrantingTicket.cleanup(user)
end

#find_valid_ticket_granting_ticket(tgt, user_agent, ignore_two_factor = false) ⇒ Object 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'app/processors/casino/processor_concern/ticket_granting_tickets.rb', line 9

def find_valid_ticket_granting_ticket(tgt, user_agent, ignore_two_factor = false)
  ticket_granting_ticket = CASino::TicketGrantingTicket.where(ticket: tgt).first
  unless ticket_granting_ticket.nil?
    if ticket_granting_ticket.expired?
      Rails.logger.info "Ticket-granting ticket expired (Created: #{ticket_granting_ticket.created_at})"
      ticket_granting_ticket.destroy
      nil
    elsif !ignore_two_factor && ticket_granting_ticket.awaiting_two_factor_authentication?
      Rails.logger.info 'Ticket-granting ticket is valid, but two-factor authentication is pending'
      nil
    elsif same_browser?(ticket_granting_ticket.user_agent, user_agent)
      ticket_granting_ticket.user_agent = user_agent
      ticket_granting_ticket.touch
      ticket_granting_ticket.save!
      ticket_granting_ticket
    else
      Rails.logger.info 'User-Agent changed: ticket-granting ticket not valid for this browser'
      nil
    end
  end
end

#load_or_initialize_user(authenticator, username, extra_attributes) ⇒ Object 



43
44
45
46
47
48
49
50
 
# File 'app/processors/casino/processor_concern/ticket_granting_tickets.rb', line 43

def load_or_initialize_user(authenticator, username, extra_attributes)
  user = CASino::User.where(
    authenticator: authenticator,
    username: username).first_or_initialize
  user.extra_attributes = extra_attributes
  user.save!
  return user
end

#remove_ticket_granting_ticket(ticket_granting_ticket, user_agent = nil) ⇒ Object 



52
53
54
55
56
57
 
# File 'app/processors/casino/processor_concern/ticket_granting_tickets.rb', line 52

def remove_ticket_granting_ticket(ticket_granting_ticket, user_agent = nil)
  tgt = find_valid_ticket_granting_ticket(ticket_granting_ticket, user_agent)
  unless tgt.nil?
    tgt.destroy
  end
end