mirror of https://github.com/jacekkow/keycloak-protocol-cas

Matthias Piepkorn
2017-01-27 2e3b4dea824af204c49ee3310896faf6d107a8c8
commit | author | age
7f7e0c 1 package org.keycloak.protocol.cas;
MP 2
3 import org.keycloak.common.util.KeycloakUriBuilder;
4 import org.keycloak.events.EventBuilder;
5 import org.keycloak.events.EventType;
6 import org.keycloak.models.*;
7 import org.keycloak.protocol.LoginProtocol;
8 import org.keycloak.services.managers.ClientSessionCode;
9 import org.keycloak.services.managers.ResourceAdminManager;
10
11 import javax.ws.rs.core.HttpHeaders;
12 import javax.ws.rs.core.Response;
13 import javax.ws.rs.core.UriInfo;
14 import java.net.URI;
15
16 public class CASLoginProtocol implements LoginProtocol {
17     public static final String LOGIN_PROTOCOL = "cas";
18
19     public static final String SERVICE_PARAM = "service";
20     public static final String RENEW_PARAM = "renew";
21     public static final String GATEWAY_PARAM = "gateway";
22     public static final String TICKET_PARAM = "ticket";
23     public static final String FORMAT_PARAM = "format";
24
25     public static final String TICKET_RESPONSE_PARAM = "ticket";
26
27     public static final String SERVICE_TICKET_PREFIX = "ST-";
28
29     protected KeycloakSession session;
30     protected RealmModel realm;
31     protected UriInfo uriInfo;
32     protected HttpHeaders headers;
33     protected EventBuilder event;
34     private boolean requireReauth;
35
36     public CASLoginProtocol(KeycloakSession session, RealmModel realm, UriInfo uriInfo, HttpHeaders headers, EventBuilder event, boolean requireReauth) {
37         this.session = session;
38         this.realm = realm;
39         this.uriInfo = uriInfo;
40         this.headers = headers;
41         this.event = event;
42         this.requireReauth = requireReauth;
43     }
44
45     public CASLoginProtocol() {
46     }
47
48     @Override
49     public CASLoginProtocol setSession(KeycloakSession session) {
50         this.session = session;
51         return this;
52     }
53
54     @Override
55     public CASLoginProtocol setRealm(RealmModel realm) {
56         this.realm = realm;
57         return this;
58     }
59
60     @Override
61     public CASLoginProtocol setUriInfo(UriInfo uriInfo) {
62         this.uriInfo = uriInfo;
63         return this;
64     }
65
66     @Override
67     public CASLoginProtocol setHttpHeaders(HttpHeaders headers) {
68         this.headers = headers;
69         return this;
70     }
71
72     @Override
73     public CASLoginProtocol setEventBuilder(EventBuilder event) {
74         this.event = event;
75         return this;
76     }
77
78     @Override
79     public Response authenticated(UserSessionModel userSession, ClientSessionCode accessCode) {
80         ClientSessionModel clientSession = accessCode.getClientSession();
81
82         String service = clientSession.getRedirectUri();
83         //TODO validate service
84         accessCode.setAction(ClientSessionModel.Action.CODE_TO_TOKEN.name());
85         KeycloakUriBuilder uriBuilder = KeycloakUriBuilder.fromUri(service);
86         uriBuilder.queryParam(TICKET_RESPONSE_PARAM, SERVICE_TICKET_PREFIX + accessCode.getCode());
87
88         URI redirectUri = uriBuilder.build();
89
90         Response.ResponseBuilder location = Response.status(302).location(redirectUri);
91         return location.build();
92     }
93
94     @Override
95     public Response sendError(ClientSessionModel clientSession, Error error) {
96         return Response.serverError().entity(error).build();
97     }
98
99     @Override
100     public void backchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession) {
101         ClientModel client = clientSession.getClient();
102         new ResourceAdminManager(session).logoutClientSession(uriInfo.getRequestUri(), realm, client, clientSession);
103     }
104
105     @Override
106     public Response frontchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession) {
107         // todo oidc redirect support
108         throw new RuntimeException("NOT IMPLEMENTED");
109     }
110
111     @Override
112     public Response finishLogout(UserSessionModel userSession) {
113         event.event(EventType.LOGOUT);
114         event.user(userSession.getUser()).session(userSession).success();
115         return Response.ok().build();
116     }
117
118     @Override
119     public boolean requireReauthentication(UserSessionModel userSession, ClientSessionModel clientSession) {
120         return requireReauth;
121     }
122
123     @Override
124     public void close() {
125
126     }
127 }