
Example 1 with ProxyGrantingTicketFactory

Use of org.apereo.cas.ticket.proxy.ProxyGrantingTicketFactory in project cas by apereo.

From the class DefaultCentralAuthenticationService, method createProxyGrantingTicket.

@Audit(action = "PROXY_GRANTING_TICKET", actionResolverName = "CREATE_PROXY_GRANTING_TICKET_RESOLVER", resourceResolverName = "CREATE_PROXY_GRANTING_TICKET_RESOURCE_RESOLVER")
@Timed(name = "CREATE_PROXY_GRANTING_TICKET_TIMER")
@Metered(name = "CREATE_PROXY_GRANTING_TICKET_METER")
@Counted(name = "CREATE_PROXY_GRANTING_TICKET_COUNTER", monotonic = true)
@Override
public ProxyGrantingTicket createProxyGrantingTicket(final String serviceTicketId, final AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException {
    AuthenticationCredentialsLocalBinder.bindCurrent(authenticationResult.getAuthentication());
    // Look up the service ticket and reject it if it is missing or expired.
    final ServiceTicket serviceTicket = this.ticketRegistry.getTicket(serviceTicketId, ServiceTicket.class);
    if (serviceTicket == null || serviceTicket.isExpired()) {
        LOGGER.debug("ServiceTicket [{}] has expired or cannot be found in the ticket registry", serviceTicketId);
        throw new InvalidTicketException(serviceTicketId);
    }
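    // Resolve the registered service for the ticket and enforce its access strategy for this principal.
    final RegisteredService registeredService = this.servicesManager.findServiceBy(serviceTicket.getService());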
    RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(serviceTicket, authenticationResult, registeredService);
    // Only services whose proxy policy allows proxying may obtain a proxy-granting ticket.
    if (!registeredService.getProxyPolicy().isAllowedToProxy()) {
        LOGGER.warn("ServiceManagement: Service [{}] attempted to proxy, but is not allowed.", serviceTicket.getService().getId());
        throw new UnauthorizedProxyingException();
    }
    final Authentication authentication = authenticationResult.getAuthentication();
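    // Create the proxy-granting ticket from the validated service ticket, store it, and publish the creation event.
    final ProxyGrantingTicketFactory factory = this.ticketFactory.get(ProxyGrantingTicket.class);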
    final ProxyGrantingTicket proxyGrantingTicket = factory.create(serviceTicket, authentication);
    LOGGER.debug("Generated proxy granting ticket [{}] based off of [{}]", proxyGrantingTicket, serviceTicketId);
    this.ticketRegistry.addTicket(proxyGrantingTicket);
    doPublishEvent(new CasProxyGrantingTicketCreatedEvent(this, proxyGrantingTicket));
    return proxyGrantingTicket;
}
Also used: RegisteredService (org.apereo.cas.services.RegisteredService), Authentication (org.apereo.cas.authentication.Authentication), InvalidTicketException (org.apereo.cas.ticket.InvalidTicketException), ServiceTicket (org.apereo.cas.ticket.ServiceTicket), ProxyGrantingTicket (org.apereo.cas.ticket.proxy.ProxyGrantingTicket), CasProxyGrantingTicketCreatedEvent (org.apereo.cas.support.events.ticket.CasProxyGrantingTicketCreatedEvent), UnauthorizedProxyingException (org.apereo.cas.services.UnauthorizedProxyingException), ProxyGrantingTicketFactory (org.apereo.cas.ticket.proxy.ProxyGrantingTicketFactory), Audit (org.apereo.inspektr.audit.annotation.Audit), Counted (com.codahale.metrics.annotation.Counted), Metered (com.codahale.metrics.annotation.Metered), Timed (com.codahale.metrics.annotation.Timed)
