Proxy ticket service and proxy ticket validation
Proxy endpoints improvements suggested by Jacek Kowalski Add ticket type to storage key Rename isreuse to isReusable Remove "parsing" of "codeUUID" that is String, not UUID Improve error reporting in CAS ticket validation
1 parent
bedb96a
commit 755fd78
Showing
17 changed files
with
366 additions
and
45 deletions.
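--- a/src/main/java/org/keycloak/protocol/cas/endpoints/ProxyEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/ProxyEndpoint.java
@@ -0,0 +1,57 @@
+package org.keycloak.protocol.cas.endpoints;
+
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import org.jboss.resteasy.annotations.cache.NoCache;
+import org.keycloak.events.EventBuilder;
+import org.keycloak.events.EventType;
+import org.keycloak.models.*;
+import org.keycloak.protocol.cas.CASLoginProtocol;
+import org.keycloak.protocol.cas.representations.CASServiceResponse;
+import org.keycloak.protocol.cas.utils.CASValidationException;
+import org.keycloak.protocol.cas.utils.ContentTypeHelper;
+import org.keycloak.protocol.cas.utils.ServiceResponseHelper;
+
+public class ProxyEndpoint extends AbstractValidateEndpoint {
+
+public ProxyEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) {
+super(session, realm, event);
+}
+
+@GET
+@NoCache
+public Response build() {
+MultivaluedMap<String, String> params = session.getContext().getUri().getQueryParameters();
+String targetService = params.getFirst(CASLoginProtocol.TARGET_SERVICE_PARAM);
+String pgt = params.getFirst(CASLoginProtocol.PGT_PARAM);
+
+event.event(EventType.CODE_TO_TOKEN);
+
+try {
+checkSsl();
+checkRealm();
+checkTicket(pgt, CASLoginProtocol.PROXY_GRANTING_TICKET_PREFIX, false);
+event.success();
+return successResponse(getPT(this.session, clientSession, targetService));
+} catch (CASValidationException e) {
+return errorResponse(e);
+}
+}
+
+protected Response successResponse(String pt) {
+CASServiceResponse serviceResponse = ServiceResponseHelper.createProxySuccess(pt);
+return prepare(Response.Status.OK, serviceResponse);
+}
+
+protected Response errorResponse(CASValidationException e) {
+CASServiceResponse serviceResponse = ServiceResponseHelper.createProxyFailure(e.getError(), e.getErrorDescription());
+return prepare(e.getStatus(), serviceResponse);
+}
+
+private Response prepare(Response.Status status, CASServiceResponse serviceResponse) {
+MediaType responseMediaType = new ContentTypeHelper(session.getContext().getUri()).selectResponseType();
+return ServiceResponseHelper.createResponse(status, responseMediaType, serviceResponse);
+}
+}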
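Review bot: In `build()`, `targetService` comes straight from the query string and reaches `getPT(this.session, clientSession, targetService)` with no visible check that it is present or that it names a service this client may proxy to, so unless `getPT` in `AbstractValidateEndpoint` (not shown in this section) validates it, a proxy ticket can be issued for a null or unregistered target. I would reject a missing value before `checkTicket`, using a guard such as `if (targetService == null || targetService.isEmpty())` that throws a `CASValidationException` for an invalid request, and compare the value against the client's allowed service URLs if that is not already done elsewhere. `event.success()` is also recorded before the ticket is issued; `String pt = getPT(this.session, clientSession, targetService); event.success(); return successResponse(pt);` keeps the audit event accurate if issuance fails. The catch branch records no error event itself, which is only acceptable if `checkSsl`, `checkRealm` and `checkTicket` already call `event.error(...)` before throwing.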