public ServiceTicketController(IServiceTicketManager mgr, UserManager <AppUser> userManager, IAdminLogger logger) : base(userManager, logger)
{
_mgr = mgr;
}
/// <summary>
/// Initializes configuration-related properties and validates configuration.
/// </summary>
public static void Initialize()
{
if (!initialized)
{
lock (LockObject)
{
if (!initialized)
{
FormsAuthentication.Initialize();
AuthenticationConfig = (AuthenticationSection)WebConfigurationManager.GetSection("system.web/authentication");
CasClientConfig = CasClientConfiguration.Config;
if (AuthenticationConfig == null)
{
LogAndThrowConfigurationException(
"The CAS authentication provider requires Forms authentication to be enabled in web.config.");
}
if (AuthenticationConfig.Mode != AuthenticationMode.Forms)
{
LogAndThrowConfigurationException(
"The CAS authentication provider requires Forms authentication to be enabled in web.config.");
}
if (FormsAuthentication.CookieMode != HttpCookieMode.UseCookies)
{
LogAndThrowConfigurationException(
"CAS requires Forms Authentication to use cookies (cookieless='UseCookies').");
}
xmlReaderSettings = new XmlReaderSettings();
xmlReaderSettings.ConformanceLevel = ConformanceLevel.Auto;
xmlReaderSettings.IgnoreWhitespace = true;
xmlNameTable = new NameTable();
xmlNamespaceManager = new XmlNamespaceManager(xmlNameTable);
xmlNamespaceManager.AddNamespace("cas", "http://www.yale.edu/tp/cas");
xmlNamespaceManager.AddNamespace("saml", "urn: oasis:names:tc:SAML:1.0:assertion");
xmlNamespaceManager.AddNamespace("saml2", "urn: oasis:names:tc:SAML:1.0:assertion");
xmlNamespaceManager.AddNamespace("samlp", "urn: oasis:names:tc:SAML:1.0:protocol");
formsLoginUrl = AuthenticationConfig.Forms.LoginUrl;
formsTimeout = AuthenticationConfig.Forms.Timeout;
if (string.IsNullOrEmpty(CasClientConfig.CasServerUrlPrefix))
{
LogAndThrowConfigurationException("The CasServerUrlPrefix is required");
}
casServerUrlPrefix = CasClientConfig.CasServerUrlPrefix;
configLogger.Info("casServerUrlPrefix = " + casServerUrlPrefix);
casServerLoginUrl = CasClientConfig.CasServerLoginUrl;
configLogger.Info("casServerLoginUrl = " + casServerLoginUrl);
ticketValidatorName = CasClientConfig.TicketValidatorName;
configLogger.Info("ticketValidatorName = " + ticketValidatorName);
ticketTimeTolerance = CasClientConfig.TicketTimeTolerance;
configLogger.Info("ticketTimeTolerance = " + ticketTimeTolerance);
serverName = CasClientConfig.ServerName;
configLogger.Info("serverName = " + serverName);
renew = CasClientConfig.Renew;
configLogger.Info("renew = " + renew);
gateway = CasClientConfig.Gateway;
configLogger.Info("gateway = " + gateway);
gatewayStatusCookieName = CasClientConfig.GatewayStatusCookieName;
configLogger.Info("gatewayStatusCookieName = " + gatewayStatusCookieName);
redirectAfterValidation = CasClientConfig.RedirectAfterValidation;
configLogger.Info("redirectAfterValidation = " + redirectAfterValidation);
singleSignOut = CasClientConfig.SingleSignOut;
configLogger.Info("singleSignOut = " + singleSignOut);
serviceTicketManagerProvider = CasClientConfig.ServiceTicketManager;
configLogger.Info("serviceTicketManagerProvider = " + serviceTicketManagerProvider);
proxyTicketManagerProvider = CasClientConfig.ProxyTicketManager;
configLogger.Info("proxyTicketManagerProvider = " + proxyTicketManagerProvider);
notAuthorizedUrl = CasClientConfig.NotAuthorizedUrl;
configLogger.Info("notAuthorizedUrl = " + notAuthorizedUrl);
cookiesRequiredUrl = CasClientConfig.CookiesRequiredUrl;
configLogger.Info("cookiesRequiredUrl = " + cookiesRequiredUrl);
gatewayParameterName = CasClientConfig.GatewayParameterName;
configLogger.Info("gatewayParameterName = " + gatewayParameterName);
proxyCallbackParameterName = CasClientConfig.ProxyCallbackParameterName;
configLogger.Info("proxyCallbackParameterName = " + proxyCallbackParameterName);
casProxyCallbackUrl = CasClientConfig.ProxyCallbackUrl;
configLogger.Info("proxyCallbackUrl = " + casProxyCallbackUrl);
requireCasForMissingContentTypes = CasClientConfig.RequireCasForMissingContentTypes;
configLogger.Info("requireCasForMissingContentTypes = " + requireCasForMissingContentTypes);
requireCasForContentTypes = CasClientConfig.RequireCasForContentTypes;
configLogger.Info("requireCasForContentTypes = " + requireCasForContentTypes);
bypassCasForHandlers = CasClientConfig.BypassCasForHandlers;
configLogger.Info("bypassCasForHandlers = " + bypassCasForHandlers);
if (!String.IsNullOrEmpty(ticketValidatorName))
{
if (String.Compare(CasClientConfiguration.CAS10_TICKET_VALIDATOR_NAME,ticketValidatorName) == 0)
ticketValidator = new Cas10TicketValidator();
else if (String.Compare(CasClientConfiguration.CAS20_TICKET_VALIDATOR_NAME, ticketValidatorName) == 0)
ticketValidator = new Cas20ServiceTicketValidator();
else if (String.Compare(CasClientConfiguration.SAML11_TICKET_VALIDATOR_NAME, ticketValidatorName) == 0)
ticketValidator = new Saml11TicketValidator();
else
{
// the ticket validator name is not recognized, let's try to get it using Reflection then
Type ticketValidatorType = Type.GetType(ticketValidatorName, false, true);
if (ticketValidatorType != null)
{
if (typeof(ITicketValidator).IsAssignableFrom(ticketValidatorType))
ticketValidator = (ITicketValidator)Activator.CreateInstance(ticketValidatorType);
else
LogAndThrowConfigurationException("Ticket validator type is not correct " + ticketValidatorName);
}
else
LogAndThrowConfigurationException("Could not find ticket validatory type " + ticketValidatorName);
}
configLogger.Info("TicketValidator type = " + ticketValidator.GetType().ToString());
}
else
LogAndThrowConfigurationException("Ticket validator name missing");
if (String.IsNullOrEmpty(serviceTicketManagerProvider))
{
// Web server cannot maintain ticket state, verify tickets, perform SSO, etc.
}
else
{
if (String.Compare(CasClientConfiguration.CACHE_SERVICE_TICKET_MANAGER, serviceTicketManagerProvider) == 0)
serviceTicketManager = new CacheServiceTicketManager();
else
{
// the service ticket manager is not recognized, let's try to get it using Reflection then
Type serviceTicketManagerType = Type.GetType(serviceTicketManagerProvider, false, true);
if (serviceTicketManagerType != null)
{
if (typeof(IServiceTicketManager).IsAssignableFrom(serviceTicketManagerType))
serviceTicketManager = (IServiceTicketManager)Activator.CreateInstance(serviceTicketManagerType);
else
LogAndThrowConfigurationException("Service Ticket Manager type is not correct " + serviceTicketManagerProvider);
}
else
LogAndThrowConfigurationException("Could not find Service Ticket Manager type " + serviceTicketManagerProvider);
}
configLogger.Info("ServiceTicketManager type = " + serviceTicketManager.GetType().ToString());
}
if (String.IsNullOrEmpty(proxyTicketManagerProvider))
{
// Web server cannot generate proxy tickets
}
else
{
if (String.Compare(CasClientConfiguration.CACHE_PROXY_TICKET_MANAGER, proxyTicketManagerProvider) == 0)
proxyTicketManager = new CacheProxyTicketManager();
else
{
// the proxy ticket manager is not recognized, let's try to get it using Reflection then
Type proxyTicketManagerType = Type.GetType(proxyTicketManagerProvider, false, true);
if (proxyTicketManagerType != null)
{
if (typeof(IProxyTicketManager).IsAssignableFrom(proxyTicketManagerType))
proxyTicketManager = (IProxyTicketManager)Activator.CreateInstance(proxyTicketManagerType);
else
LogAndThrowConfigurationException("Proxy Ticket Manager type is not correct " + proxyTicketManagerProvider);
}
else
LogAndThrowConfigurationException("Could not find Proxy Ticket Manager type " + proxyTicketManagerProvider);
}
configLogger.Info("ProxyTicketManager type = " + proxyTicketManager.GetType().ToString());
}
// Validate configuration
bool haveServerName = !String.IsNullOrEmpty(serverName);
if (!haveServerName)
{
LogAndThrowConfigurationException(CasClientConfiguration.SERVER_NAME + " cannot be null or empty.");
}
if (String.IsNullOrEmpty(casServerLoginUrl))
{
LogAndThrowConfigurationException(CasClientConfiguration.CAS_SERVER_LOGIN_URL + " cannot be null or empty.");
}
if (serviceTicketManager == null && singleSignOut)
{
LogAndThrowConfigurationException("Single Sign Out support requires a ServiceTicketManager.");
}
if (gateway && renew)
{
LogAndThrowConfigurationException("Gateway and Renew functionalities are mutually exclusive");
}
if (!redirectAfterValidation)
{
LogAndThrowConfigurationException(
"Forms Authentication based modules require RedirectAfterValidation to be set to true.");
}
initialized = true;
}
}
if (ServiceTicketManager != null) ServiceTicketManager.Initialize();
if (ProxyTicketManager != null) ProxyTicketManager.Initialize();
if (TicketValidator != null) TicketValidator.Initialize();
}
}
public ClientAPIFSLiteController(IServiceTicketManager fsLiteManager, UserManager <AppUser> userManager, IAdminLogger logger)
: base(userManager, logger)
{
_fsLiteManager = fsLiteManager;
}
