| | |
|---|
| | | import org.springframework.transaction.annotation.Transactional; |
|---|
| | | import org.springframework.util.StringUtils; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @author Tanbin |
|---|
| | | * @date 2018-12-12 |
|---|
| | | */ |
|---|
| | | @Transactional(readOnly = false, transactionManager = "ticketTransactionManager") |
|---|
| | | public class CentralAuthenticationServiceImpl extends AbstractCentralAuthenticationService { |
|---|
| | | private static final long serialVersionUID = -8943828074939533986L; |
|---|
| | |
|---|
| | | @Timed(name = "DESTROY_TICKET_GRANTING_TICKET_TIMER") |
|---|
| | | @Metered(name = "DESTROY_TICKET_GRANTING_TICKET_METER") |
|---|
| | | @Counted(name = "DESTROY_TICKET_GRANTING_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public List<LogoutRequest> destroyTicketGrantingTicket(String ticketGrantingTicketId) { |
|---|
| | | try { |
|---|
| | | this.logger.debug("Removing ticket [{}] from registry...", ticketGrantingTicketId); |
|---|
| | |
|---|
| | | @Timed(name = "GRANT_SERVICE_TICKET_TIMER") |
|---|
| | | @Metered(name = "GRANT_SERVICE_TICKET_METER") |
|---|
| | | @Counted(name = "GRANT_SERVICE_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public ServiceTicket grantServiceTicket(String ticketGrantingTicketId, Service service, AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException { |
|---|
| | | TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket)getTicket(ticketGrantingTicketId, TicketGrantingTicket.class); |
|---|
| | | RegisteredService registeredService = this.servicesManager.findServiceBy(service); |
|---|
| | |
|---|
| | | currentAuthentication = context.getAuthentication(); |
|---|
| | | if (currentAuthentication != null) { |
|---|
| | | Authentication original = ticketGrantingTicket.getAuthentication(); |
|---|
| | | if (!currentAuthentication.getPrincipal().equals(original.getPrincipal())) |
|---|
| | | throw new MixedPrincipalException(currentAuthentication, currentAuthentication |
|---|
| | | .getPrincipal(), original.getPrincipal()); |
|---|
| | | if (!currentAuthentication.getPrincipal().equals(original.getPrincipal())) { |
|---|
| | | throw new MixedPrincipalException(currentAuthentication, currentAuthentication.getPrincipal(), original.getPrincipal()); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | return currentAuthentication; |
|---|
| | |
|---|
| | | @Timed(name = "GRANT_PROXY_TICKET_TIMER") |
|---|
| | | @Metered(name = "GRANT_PROXY_TICKET_METER") |
|---|
| | | @Counted(name = "GRANT_PROXY_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public ProxyTicket grantProxyTicket(String proxyGrantingTicket, Service service) throws AbstractTicketException { |
|---|
| | | ProxyGrantingTicket proxyGrantingTicketObject = (ProxyGrantingTicket)getTicket(proxyGrantingTicket, ProxyGrantingTicket.class); |
|---|
| | | RegisteredService registeredService = this.servicesManager.findServiceBy(service); |
|---|
| | |
|---|
| | | @Timed(name = "CREATE_PROXY_GRANTING_TICKET_TIMER") |
|---|
| | | @Metered(name = "CREATE_PROXY_GRANTING_TICKET_METER") |
|---|
| | | @Counted(name = "CREATE_PROXY_GRANTING_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public ProxyGrantingTicket createProxyGrantingTicket(String serviceTicketId, AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException { |
|---|
| | | CurrentCredentialsAndAuthentication.bindCurrent(authenticationResult.getAuthentication()); |
|---|
| | | ServiceTicket serviceTicket = (ServiceTicket)this.ticketRegistry.getTicket(serviceTicketId, ServiceTicket.class); |
|---|
| | |
|---|
| | | @Timed(name = "VALIDATE_SERVICE_TICKET_TIMER") |
|---|
| | | @Metered(name = "VALIDATE_SERVICE_TICKET_METER") |
|---|
| | | @Counted(name = "VALIDATE_SERVICE_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public Assertion validateServiceTicket(String serviceTicketId, Service service) throws AbstractTicketException { |
|---|
| | | if (!ticketAuthenticityIsVerified(serviceTicketId)) { |
|---|
| | | this.logger.info("Service ticket [{}] is not a valid ticket issued by CAS.", serviceTicketId); |
|---|
| | |
|---|
| | | Principal principal = authentication.getPrincipal(); |
|---|
| | | RegisteredServiceAttributeReleasePolicy attributePolicy = registeredService.getAttributeReleasePolicy(); |
|---|
| | | this.logger.debug("Attribute policy [{}] is associated with service [{}]", attributePolicy, registeredService); |
|---|
| | | Map<String, Object> attributesToRelease = (attributePolicy != null) ? attributePolicy.getAttributes(principal) : new HashMap(); |
|---|
| | | Map<String, Object> attributesToRelease = (attributePolicy != null) ? attributePolicy.getAttributes(principal) : new HashMap(5); |
|---|
| | | String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, selectedService); |
|---|
| | | Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease); |
|---|
| | | AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication); |
|---|
| | |
|---|
| | | @Timed(name = "CREATE_TICKET_GRANTING_TICKET_TIMER") |
|---|
| | | @Metered(name = "CREATE_TICKET_GRANTING_TICKET_METER") |
|---|
| | | @Counted(name = "CREATE_TICKET_GRANTING_TICKET_COUNTER", monotonic = true) |
|---|
| | | @Override |
|---|
| | | public TicketGrantingTicket createTicketGrantingTicket(AuthenticationResult authenticationResult) throws AuthenticationException, AbstractTicketException { |
|---|
| | | Authentication authentication = authenticationResult.getAuthentication(); |
|---|
| | | Service service = authenticationResult.getService(); |
|---|
