Class: Castanet::Responses::TicketValidate

Inherits:
Object
  • Object
show all
Defined in:
lib/castanet/responses/ticket_validate.rb

Overview

A parsed representation of responses from /serviceValidate or /proxyValidate.

The responses for the above services are identical, so we implement their parser with the same state machine.

The code in this class implements a state machine generated by Ragel. The state machine definition is in ticket_validate.rl.

See Also:

Class Attribute Summary collapse

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeTicketValidate

Returns a new instance of TicketValidate.



232
233
234
235
 
# File 'lib/castanet/responses/ticket_validate.rb', line 232

def initialize
  self.ok = false
  self.proxies = []
end

Class Attribute Details

._ticket_validate_actionsObject

Returns the value of attribute _ticket_validate_actions.



239
240
241
 
# File 'lib/castanet/responses/ticket_validate.rb', line 239

def _ticket_validate_actions
  @_ticket_validate_actions
end

._ticket_validate_index_offsetsObject

Returns the value of attribute _ticket_validate_index_offsets.



454
455
456
 
# File 'lib/castanet/responses/ticket_validate.rb', line 454

def _ticket_validate_index_offsets
  @_ticket_validate_index_offsets
end

._ticket_validate_key_offsetsObject

Returns the value of attribute _ticket_validate_key_offsets.



248
249
250
 
# File 'lib/castanet/responses/ticket_validate.rb', line 248

def _ticket_validate_key_offsets
  @_ticket_validate_key_offsets
end

._ticket_validate_range_lengthsObject

Returns the value of attribute _ticket_validate_range_lengths.



405
406
407
 
# File 'lib/castanet/responses/ticket_validate.rb', line 405

def _ticket_validate_range_lengths
  @_ticket_validate_range_lengths
end

._ticket_validate_single_lengthsObject

Returns the value of attribute _ticket_validate_single_lengths.



356
357
358
 
# File 'lib/castanet/responses/ticket_validate.rb', line 356

def _ticket_validate_single_lengths
  @_ticket_validate_single_lengths
end

._ticket_validate_trans_actionsObject

Returns the value of attribute _ticket_validate_trans_actions.



602
603
604
 
# File 'lib/castanet/responses/ticket_validate.rb', line 602

def _ticket_validate_trans_actions
  @_ticket_validate_trans_actions
end

._ticket_validate_trans_keysObject

Returns the value of attribute _ticket_validate_trans_keys.



297
298
299
 
# File 'lib/castanet/responses/ticket_validate.rb', line 297

def _ticket_validate_trans_keys
  @_ticket_validate_trans_keys
end

._ticket_validate_trans_targsObject

Returns the value of attribute _ticket_validate_trans_targs.



503
504
505
 
# File 'lib/castanet/responses/ticket_validate.rb', line 503

def _ticket_validate_trans_targs
  @_ticket_validate_trans_targs
end

.ticket_validate_en_mainObject

Returns the value of attribute ticket_validate_en_main.



714
715
716
 
# File 'lib/castanet/responses/ticket_validate.rb', line 714

def ticket_validate_en_main
  @ticket_validate_en_main
end

.ticket_validate_errorObject

Returns the value of attribute ticket_validate_error.



709
710
711
 
# File 'lib/castanet/responses/ticket_validate.rb', line 709

def ticket_validate_error
  @ticket_validate_error
end

.ticket_validate_first_finalObject

Returns the value of attribute ticket_validate_first_final.



705
706
707
 
# File 'lib/castanet/responses/ticket_validate.rb', line 705

def ticket_validate_first_final
  @ticket_validate_first_final
end

.ticket_validate_startObject

Returns the value of attribute ticket_validate_start.



701
702
703
 
# File 'lib/castanet/responses/ticket_validate.rb', line 701

def ticket_validate_start
  @ticket_validate_start
end

Instance Attribute Details

#failure_codeString?

The failure code returned on authentication failure.

Returns:

  • (String, nil) 


33
34
35
 
# File 'lib/castanet/responses/ticket_validate.rb', line 33

def failure_code
  @failure_code
end

#failure_reasonString?

The reason given by the CAS server for authentication failure.

Returns:

  • (String, nil) 


39
40
41
 
# File 'lib/castanet/responses/ticket_validate.rb', line 39

def failure_reason
  @failure_reason
end

#okBoolean Also known as: ok?

Whether or not this response passed CAS authentication.

Returns:

  • (Boolean) 


25
26
27
 
# File 'lib/castanet/responses/ticket_validate.rb', line 25

def ok
  @ok
end

#pgt_iouString?

The PGT IOU returned by an authentication success message.

Returns:

  • (String, nil) 


45
46
47
 
# File 'lib/castanet/responses/ticket_validate.rb', line 45

def pgt_iou
  @pgt_iou
end

#proxiesArray

A list of authentication proxies for this ticket.

Each participant in an authentication chain adds one entry to this list. As an example, assume the existence of two services:

  1. frontend
  2. backend

If frontend proxied access to backend, the proxy list would be

  1. backend
  2. frontend

The proxy chain has an unbounded maximum length. The proxy order specified in the CAS response is preserved.

For proxy tickets that fail validation, this will be an empty list. It should also be an empty list for service tickets too, although that's really up to the CAS server.

Although this list is technically a valid component of an authentication response issued by /serviceValidate, it's really only applicable to proxy tickets.

Returns:

  • (Array)

See Also:



74
75
76
 
# File 'lib/castanet/responses/ticket_validate.rb', line 74

def proxies
  @proxies
end

#usernameString?

The name of the owner of the validated service or proxy ticket.

This information is only present on authentication success.

Returns:

  • (String, nil) 


82
83
84
 
# File 'lib/castanet/responses/ticket_validate.rb', line 82

def username
  @username
end

Class Method Details

.from_cas(response) ⇒ TicketValidate

Generates a Castanet::Responses::TicketValidate object from a CAS response.

Parameters:

  • response (String)

    the CAS response

Returns:



89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
 
# File 'lib/castanet/responses/ticket_validate.rb', line 89

def self.from_cas(response)
  data = response.strip.unpack('U*')
  buffer = ''

  
begin
	p ||= 0
	pe ||= data.length
	cs = ticket_validate_start
end


  new.tap do |r|
    
begin
	_klen, _trans, _keys, _acts, _nacts = nil
	_goto_level = 0
	_resume = 10
	_eof_trans = 15
	_again = 20
	_test_eof = 30
	_out = 40
	while true
	_trigger_goto = false
	if _goto_level <= 0
	if p == pe
		_goto_level = _test_eof
		next
	end
	if cs == 0
		_goto_level = _out
		next
	end
	end
	if _goto_level <= _resume
	_keys = _ticket_validate_key_offsets[cs]
	_trans = _ticket_validate_index_offsets[cs]
	_klen = _ticket_validate_single_lengths[cs]
	_break_match = false
	
	begin
	  if _klen > 0
  _lower = _keys
  _upper = _keys + _klen - 1

  loop do
     break if _upper < _lower
     _mid = _lower + ( (_upper - _lower) >> 1 )

     if data[p] < _ticket_validate_trans_keys[_mid]
        _upper = _mid - 1
     elsif data[p] > _ticket_validate_trans_keys[_mid]
        _lower = _mid + 1
     else
        _trans += (_mid - _keys)
        _break_match = true
        break
     end
  end # loop
  break if _break_match
  _keys += _klen
  _trans += _klen
	  end
	  _klen = _ticket_validate_range_lengths[cs]
	  if _klen > 0
  _lower = _keys
  _upper = _keys + (_klen << 1) - 2
  loop do
     break if _upper < _lower
     _mid = _lower + (((_upper-_lower) >> 1) & ~1)
     if data[p] < _ticket_validate_trans_keys[_mid]
       _upper = _mid - 2
     elsif data[p] > _ticket_validate_trans_keys[_mid+1]
       _lower = _mid + 2
     else
       _trans += ((_mid - _keys) >> 1)
       _break_match = true
       break
     end
  end # loop
  break if _break_match
  _trans += _klen
	  end
	end while false
	cs = _ticket_validate_trans_targs[_trans]
	if _ticket_validate_trans_actions[_trans] != 0
		_acts = _ticket_validate_trans_actions[_trans]
		_nacts = _ticket_validate_actions[_acts]
		_acts += 1
		while _nacts > 0
			_nacts -= 1
			_acts += 1
			case _ticket_validate_actions[_acts - 1]
when 0 then
		begin
 r.username = buffer; buffer = '' 		end
when 1 then
		begin
 r.failure_code = buffer; buffer = '' 		end
when 2 then
		begin
 r.failure_reason = buffer.strip; buffer = '' 		end
when 3 then
		begin
 r.pgt_iou = buffer; buffer = '' 		end
when 4 then
		begin
 r.proxies << buffer; buffer = '' 		end
when 5 then
		begin
 r.ok = true 		end
when 6 then
		begin
 buffer << data[p] 		end
			end # action switch
		end
	end
	if _trigger_goto
		next
	end
	end
	if _goto_level <= _again
	if cs == 0
		_goto_level = _out
		next
	end
	p += 1
	if p != pe
		_goto_level = _resume
		next
	end
	end
	if _goto_level <= _test_eof
	end
	if _goto_level <= _out
		break
	end
	end
	end

  end
end