Module: CASino::ServiceTicketProcessor
Defined Under Namespace
Classes: ServiceNotAllowedError, ValidationResult
Constant Summary
collapse
- RESERVED_CAS_PARAMETER_KEYS =
['service', 'ticket', 'gateway', 'renew']
Instance Method Summary
collapse
Instance Method Details
#acquire_service_ticket(ticket_granting_ticket, service, options = {}) ⇒ Object
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# File 'app/processors/casino/service_ticket_processor.rb', line 15
def acquire_service_ticket(ticket_granting_ticket, service, options = {})
service_url = clean_service_url(service)
unless service_allowed?(service_url)
message = "#{service_url} is not in the list of allowed URLs"
Rails.logger.error message
raise ServiceNotAllowedError, message
end
service_tickets = ticket_granting_ticket.service_tickets
service_tickets.where(service: service_url).destroy_all
service_tickets.create!({
service: service_url,
issued_from_credentials: !!options[:credentials_supplied]
})
end
|
#clean_service_url(dirty_service) ⇒ Object
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
# File 'app/processors/casino/service_ticket_processor.rb', line 30
def clean_service_url(dirty_service)
return dirty_service if dirty_service.blank?
service_uri = Addressable::URI.parse dirty_service
unless service_uri.query_values.nil?
service_uri.query_values = service_uri.query_values(Array).select { |k,v| !RESERVED_CAS_PARAMETER_KEYS.include?(k) }
end
if service_uri.query_values.blank?
service_uri.query_values = nil
end
service_uri.path = (service_uri.path || '').gsub(/\/+\z/, '')
service_uri.path = '/' if service_uri.path.blank?
service_uri.normalize.to_s.tap do |clean_service|
Rails.logger.debug("Cleaned dirty service URL '#{dirty_service}' to '#{clean_service}'") if dirty_service != clean_service
end
end
|
#service_allowed?(service) ⇒ Boolean
11
12
13
|
# File 'app/processors/casino/service_ticket_processor.rb', line 11
def service_allowed?(service)
CASino::ServiceRule.allowed?(service)
end
|
#ticket_valid_for_service?(ticket, service, options = {}) ⇒ Boolean
48
49
50
|
# File 'app/processors/casino/service_ticket_processor.rb', line 48
def ticket_valid_for_service?(ticket, service, options = {})
validate_ticket_for_service(ticket, service, options).success?
end
|
#validate_ticket_for_service(ticket, service, options = {}) ⇒ Object
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
# File 'app/processors/casino/service_ticket_processor.rb', line 52
def validate_ticket_for_service(ticket, service, options = {})
if ticket.nil?
result = ValidationResult.new 'INVALID_TICKET', 'Invalid validate request: Ticket does not exist', :warn
else
result = validate_existing_ticket_for_service(ticket, service, options)
ticket.update_attribute(:consumed, true)
Rails.logger.debug "Consumed ticket '#{ticket.ticket}'"
end
if result.success?
Rails.logger.info "Ticket '#{ticket.ticket}' for service '#{service}' successfully validated"
else
Rails.logger.send(result.error_severity, result.error_message)
end
result
end
|