Example 6 with ThresholdExpiredCRLRevocationPolicy

Use of org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy in project cas by apereo.

Class X509AuthenticationConfiguration, method resourceCrlRevocationChecker.

@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@ConditionalOnMissingBean(name = "resourceCrlRevocationChecker")
public RevocationChecker resourceCrlRevocationChecker(final CasConfigurationProperties casProperties,
    final ConfigurableApplicationContext applicationContext,
    @Qualifier("allowRevocationPolicy") final RevocationPolicy allowRevocationPolicy,
    @Qualifier("thresholdExpiredCRLRevocationPolicy") final RevocationPolicy thresholdExpiredCRLRevocationPolicy,
    @Qualifier("denyRevocationPolicy") final RevocationPolicy denyRevocationPolicy, @Qualifier("crlFetcher") final CRLFetcher crlFetcher) {
    val x509 = casProperties.getAuthn().getX509();
    val x509CrlResources = x509.getCrlResources().stream().map(applicationContext::getResource).collect(Collectors.toSet());
    // The first policy is selected by the CRL-resource-unavailable setting, the second by the CRL-resource-expired setting.
    return new ResourceCRLRevocationChecker(x509.isCheckAll(),
        getRevocationPolicy(x509.getCrlResourceUnavailablePolicy(), allowRevocationPolicy, thresholdExpiredCRLRevocationPolicy, denyRevocationPolicy),
        getRevocationPolicy(x509.getCrlResourceExpiredPolicy(), allowRevocationPolicy, thresholdExpiredCRLRevocationPolicy, denyRevocationPolicy),
        x509.getRefreshIntervalSeconds(), crlFetcher, x509CrlResources);
}
Also used: lombok.val (lombok.val), ResourceCRLRevocationChecker (org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker), RefreshScope (org.springframework.cloud.context.config.annotation.RefreshScope), ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean), Bean (org.springframework.context.annotation.Bean)
