@Override public void configureLogoutExecutionPlan(final LogoutExecutionPlan plan) { plan.registerSingleLogoutServiceMessageHandler(defaultSingleLogoutServiceMessageHandler()); if (casProperties.getLogout().isRemoveDescendantTickets()) { LOGGER.debug("CAS is configured to remove descendant tickets of the ticket-granting tickets"); plan.registerLogoutPostProcessor(ticketGrantingTicket -> ticketGrantingTicket.getDescendantTickets() .forEach(t -> { LOGGER.debug("Deleting ticket [{}] from the registry as a descendant of [{}]", t, ticketGrantingTicket.getId()); ticketRegistry.getObject().deleteTicket(t); })); } } }
@Bean @ConditionalOnMissingBean(name = "accessTokenExpirationPolicy") public ExpirationPolicy accessTokenExpirationPolicy() { val oauth = casProperties.getAuthn().getOauth().getAccessToken(); if (casProperties.getLogout().isRemoveDescendantTickets()) { return new OAuthAccessTokenExpirationPolicy( Beans.newDuration(oauth.getMaxTimeToLiveInSeconds()).getSeconds(), Beans.newDuration(oauth.getTimeToKillInSeconds()).getSeconds() ); } return new OAuthAccessTokenExpirationPolicy.OAuthAccessTokenSovereignExpirationPolicy( Beans.newDuration(oauth.getMaxTimeToLiveInSeconds()).getSeconds(), Beans.newDuration(oauth.getTimeToKillInSeconds()).getSeconds() ); }
private ExpirationPolicy refreshTokenExpirationPolicy() { val rtProps = casProperties.getAuthn().getOauth().getRefreshToken(); val timeout = Beans.newDuration(rtProps.getTimeToKillInSeconds()).getSeconds(); if (casProperties.getLogout().isRemoveDescendantTickets()) { return new OAuthRefreshTokenExpirationPolicy(timeout); } return new OAuthRefreshTokenExpirationPolicy.OAuthRefreshTokenSovereignExpirationPolicy(timeout); }
if (casProperties.getLogout().isRemoveDescendantTickets()) { val ticketGrantingTicket = accessTokenTicket.getTicketGrantingTicket(); if (ticketGrantingTicket == null || ticketGrantingTicket.isExpired()) {