Module: CASino::ProcessorConcern::ServiceTickets

Includes:
ProxyTickets, Tickets
Included in:
API::LoginCredentialAcceptorProcessor, API::ServiceTicketProviderProcessor, LegacyValidatorProcessor, LoginCredentialAcceptorProcessor, LoginCredentialRequestorProcessor, SecondFactorAuthenticationAcceptorProcessor, ServiceTicketValidatorProcessor
Defined in:
app/processors/casino/processor_concern/service_tickets.rb

Defined Under Namespace

Classes: ServiceNotAllowedError

Constant Summary collapse

RESERVED_CAS_PARAMETER_KEYS = 
['service', 'ticket', 'gateway', 'renew']

Constants included from Tickets

Tickets::ALLOWED_TICKET_STRING_CHARACTERS

Instance Method Summary collapse

Methods included from ProxyTickets

#acquire_proxy_ticket, #ticket_valid_for_service?, #validate_ticket_for_service

Methods included from Tickets

#random_ticket_string

Instance Method Details

#acquire_service_ticket(ticket_granting_ticket, service, credentials_supplied = nil) ⇒ Object 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'app/processors/casino/processor_concern/service_tickets.rb', line 13

def acquire_service_ticket(ticket_granting_ticket, service, credentials_supplied = nil)
  service_url = clean_service_url(service)
  unless CASino::ServiceRule.allowed?(service_url)
    message = "#{service_url} is not in the list of allowed URLs"
    Rails.logger.error message
    raise ServiceNotAllowedError, message
  end
  service_tickets = ticket_granting_ticket.service_tickets
  service_tickets.where(service: service_url).destroy_all
  service_tickets.create!({
    ticket: random_ticket_string('ST'),
    service: service_url,
    issued_from_credentials: !!credentials_supplied
  })
end

#clean_service_url(dirty_service) ⇒ Object 



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'app/processors/casino/processor_concern/service_tickets.rb', line 29

def clean_service_url(dirty_service)
  return dirty_service if dirty_service.blank?
  service_uri = Addressable::URI.parse dirty_service
  unless service_uri.query_values.nil?
    service_uri.query_values = service_uri.query_values(Array).select { |k,v| !RESERVED_CAS_PARAMETER_KEYS.include?(k) }
  end
  if service_uri.query_values.blank?
    service_uri.query_values = nil
  end

  service_uri.path = (service_uri.path || '').gsub(/\/+\z/, '')
  service_uri.path = '/' if service_uri.path.blank?

  clean_service = service_uri.normalize.to_s

  Rails.logger.debug("Cleaned dirty service URL '#{dirty_service}' to '#{clean_service}'") if dirty_service != clean_service

  clean_service
end