-
Notifications
You must be signed in to change notification settings - Fork 12
/
GenerateServiceTicketAction.java
111 lines (93 loc) · 4.05 KB
/
GenerateServiceTicketAction.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
/*
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work
* for additional information regarding copyright ownership.
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a
* copy of the License at the following location:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.jasig.cas.web.flow;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.Authentication;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.ticket.ServiceTicket;
import org.jasig.cas.ticket.registry.TicketRegistry;
import org.jasig.cas.web.support.WebUtils;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.util.StringUtils;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
import javax.validation.constraints.NotNull;
import java.util.List;
/**
* Action to generate a service ticket for a given Ticket Granting Ticket and
* Service.
*
* @author Scott Battaglia
* @since 3.0.4
*/
public final class GenerateServiceTicketAction extends AbstractAction {
/** Instance of CentralAuthenticationService. */
@NotNull
private CentralAuthenticationService centralAuthenticationService;
@NotNull
private CookieRetrievingCookieGenerator alaProxyAuthenticationCookieGenerator;
@NotNull
private TicketRegistry serviceTicketRegistry;
@Override
protected Event doExecute(final RequestContext context) {
final Service service = WebUtils.getService(context);
final String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
try {
final String serviceTicketId = this.centralAuthenticationService
.grantServiceTicket(ticketGrantingTicket,
service);
WebUtils.putServiceTicketInRequestScope(context,
serviceTicketId);
//
// Create ALA specific cookie that any ALA web application can read
//
final ServiceTicket st =
(ServiceTicket)this.serviceTicketRegistry.getTicket(serviceTicketId);
final List<Authentication> authentications =
st.getGrantingTicket().getChainedAuthentications();
final String email = authentications.get(authentications.size() - 1).getPrincipal().getId();
this.alaProxyAuthenticationCookieGenerator.addCookie(WebUtils.getHttpServletRequest(context),
WebUtils.getHttpServletResponse(context),
email);
return success();
} catch (final TicketException e) {
if (isGatewayPresent(context)) {
// TODO: what to do here ALA-Auth cookie-wise?
return result("gateway");
}
}
return error();
}
public void setCentralAuthenticationService(
final CentralAuthenticationService centralAuthenticationService) {
this.centralAuthenticationService = centralAuthenticationService;
}
public void setAlaProxyAuthenticationCookieGenerator(final CookieRetrievingCookieGenerator alaProxyAuthenticationCookieGenerator) {
this.alaProxyAuthenticationCookieGenerator = alaProxyAuthenticationCookieGenerator;
}
public void setServiceTicketRegistry(final TicketRegistry serviceTicketRegistry) {
this.serviceTicketRegistry = serviceTicketRegistry;
}
protected boolean isGatewayPresent(final RequestContext context) {
return StringUtils.hasText(context.getExternalContext()
.getRequestParameterMap().get("gateway"));
}
}