package org.apereo.cas.config;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CipherExecutor;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.util.EncryptionOptionalSigningJwtCryptographyProperties;
import org.apereo.cas.ticket.ExpirationPolicy;
import org.apereo.cas.token.JWTTokenTicketBuilder;
import org.apereo.cas.token.TokenTicketBuilder;
import org.apereo.cas.token.cipher.TokenTicketCipherExecutor;
import org.apereo.cas.util.cipher.NoOpCipherExecutor;
import org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
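/**
 * Spring configuration that wires the token (JWT) support beans: the {@link CipherExecutor}
 * used for token signing/encryption and the {@link TokenTicketBuilder} that produces tokens.
 *
 * <p>Security note: when token crypto is neither enabled explicitly nor implied by both keys
 * being configured, {@link #tokenCipherExecutor()} returns {@link NoOpCipherExecutor}, so the
 * signing/encryption step configured here is turned off. That fallback is logged at WARN so it
 * is visible in deployments that filter out INFO-level output.
 *
 * @author Misagh Moayyed
 * @since 5.0.0
 */
@Configuration("tokenCoreConfiguration")
@EnableConfigurationProperties(CasConfigurationProperties.class)
@AutoConfigureOrder(Ordered.HIGHEST_PRECEDENCE)
public class TokenCoreConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger(TokenCoreConfiguration.class);

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("casClientTicketValidator")
    private AbstractUrlBasedTicketValidator casClientTicketValidator;

    @Autowired
    @Qualifier("grantingTicketExpirationPolicy")
    private ExpirationPolicy grantingTicketExpirationPolicy;

    /**
     * Builds the cipher executor applied to generated tokens.
     *
     * <p>Crypto is considered enabled when the configuration says so, or when it does not but
     * both an encryption key and a signing key are defined. Otherwise the no-op executor is
     * returned and a warning is logged. Key values are read from configuration and are never
     * written to the log.
     *
     * @return a {@link TokenTicketCipherExecutor} when crypto is enabled, otherwise the shared
     *         {@link NoOpCipherExecutor} instance
     */
    @Bean
    @RefreshScope
    @ConditionalOnMissingBean(name = "tokenCipherExecutor")
    public CipherExecutor tokenCipherExecutor() {
        final EncryptionOptionalSigningJwtCryptographyProperties crypto = casProperties.getAuthn().getToken().getCrypto();
        boolean enabled = crypto.isEnabled();

        // Implicit opt-in: both keys present means the operator evidently wants crypto on.
        // NOTE(review): if only one of the two keys is configured and crypto is not explicitly
        // enabled, this falls through to the no-op executor below; confirm that is intended.
        if (!enabled
                && StringUtils.isNotBlank(crypto.getEncryption().getKey())
                && StringUtils.isNotBlank(crypto.getSigning().getKey())) {
            LOGGER.warn("Token encryption/signing is not enabled explicitly in the configuration, yet signing/encryption keys "
                    + "are defined for operations. CAS will proceed to enable the token encryption/signing functionality.");
            enabled = true;
        }

        if (!enabled) {
            // Logged at WARN rather than INFO: running without token signing/encryption is a
            // security-relevant state that should survive typical production log filtering.
            LOGGER.warn("Token cookie encryption/signing is turned off. This "
                    + "MAY NOT be safe in a production environment. Consider using other choices to handle encryption, "
                    + "signing and verification of generated tokens.");
            return NoOpCipherExecutor.getInstance();
        }

        // The last argument forwards crypto.isEncryptionEnabled(); presumably signing stays on
        // while encryption is optional, as the properties class name suggests (verify).
        return new TokenTicketCipherExecutor(crypto.getEncryption().getKey(),
                crypto.getSigning().getKey(),
                crypto.getAlg(), crypto.isEncryptionEnabled());
    }

    /**
     * Builds the token ticket builder from the CAS client ticket validator, the configured
     * server prefix, the token cipher executor and the granting-ticket expiration policy.
     *
     * @return a {@link JWTTokenTicketBuilder} wired with the collaborators above
     */
    @RefreshScope
    @Bean
    @ConditionalOnMissingBean(name = "tokenTicketBuilder")
    public TokenTicketBuilder tokenTicketBuilder() {
        return new JWTTokenTicketBuilder(casClientTicketValidator,
                casProperties.getServer().getPrefix(),
                tokenCipherExecutor(),
                grantingTicketExpirationPolicy);
    }
}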