use of org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy in project cas by apereo.
the class X509AuthenticationConfiguration method resourceCrlRevocationChecker.
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@ConditionalOnMissingBean(name = "resourceCrlRevocationChecker")
public RevocationChecker resourceCrlRevocationChecker(final CasConfigurationProperties casProperties, final ConfigurableApplicationContext applicationContext, @Qualifier("allowRevocationPolicy") final RevocationPolicy allowRevocationPolicy, @Qualifier("thresholdExpiredCRLRevocationPolicy") final RevocationPolicy thresholdExpiredCRLRevocationPolicy, @Qualifier("denyRevocationPolicy") final RevocationPolicy denyRevocationPolicy, @Qualifier("crlFetcher") final CRLFetcher crlFetcher) {
val x509 = casProperties.getAuthn().getX509();
val x509CrlResources = x509.getCrlResources().stream().map(applicationContext::getResource).collect(Collectors.toSet());
return new ResourceCRLRevocationChecker(x509.isCheckAll(), getRevocationPolicy(x509.getCrlResourceUnavailablePolicy(), allowRevocationPolicy, thresholdExpiredCRLRevocationPolicy, denyRevocationPolicy), getRevocationPolicy(x509.getCrlResourceExpiredPolicy(), allowRevocationPolicy, thresholdExpiredCRLRevocationPolicy, denyRevocationPolicy), x509.getRefreshIntervalSeconds(), crlFetcher, x509CrlResources);
}
Aggregations