commit | author | age
|
7f7e0c
|
1 |
package org.keycloak.protocol.cas.endpoints; |
MP |
2 |
|
fdb9f6
|
3 |
import jakarta.ws.rs.GET; |
JK |
4 |
import jakarta.ws.rs.core.MediaType; |
|
5 |
import jakarta.ws.rs.core.MultivaluedMap; |
|
6 |
import jakarta.ws.rs.core.Response; |
7f7e0c
|
7 |
import org.jboss.resteasy.annotations.cache.NoCache; |
MP |
8 |
import org.keycloak.events.EventBuilder; |
|
9 |
import org.keycloak.events.EventType; |
ceed8f
|
10 |
import org.keycloak.models.KeycloakSession; |
74023a
|
11 |
import org.keycloak.models.RealmModel; |
7f7e0c
|
12 |
import org.keycloak.protocol.cas.CASLoginProtocol; |
352436
|
13 |
import org.keycloak.protocol.cas.utils.CASValidationException; |
7f7e0c
|
14 |
|
74023a
|
15 |
public class ValidateEndpoint extends AbstractValidateEndpoint { |
7f7e0c
|
16 |
|
MP |
17 |
private static final String RESPONSE_OK = "yes\n"; |
|
18 |
private static final String RESPONSE_FAILED = "no\n"; |
|
19 |
|
ceed8f
|
20 |
public ValidateEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) { |
JK |
21 |
super(session, realm, event); |
7f7e0c
|
22 |
} |
MP |
23 |
|
|
24 |
@GET |
|
25 |
@NoCache |
|
26 |
public Response build() { |
dee145
|
27 |
MultivaluedMap<String, String> params = session.getContext().getUri().getQueryParameters(); |
7f7e0c
|
28 |
String service = params.getFirst(CASLoginProtocol.SERVICE_PARAM); |
5d7080
|
29 |
String pgtUrl = params.getFirst(CASLoginProtocol.PGTURL_PARAM); |
7f7e0c
|
30 |
String ticket = params.getFirst(CASLoginProtocol.TICKET_PARAM); |
7124d2
|
31 |
boolean renew = params.containsKey(CASLoginProtocol.RENEW_PARAM); |
7f7e0c
|
32 |
|
MP |
33 |
event.event(EventType.CODE_TO_TOKEN); |
|
34 |
|
|
35 |
try { |
|
36 |
checkSsl(); |
|
37 |
checkRealm(); |
|
38 |
checkClient(service); |
|
39 |
|
5d7080
|
40 |
checkTicket(ticket, CASLoginProtocol.SERVICE_TICKET_PREFIX, renew); |
ARW |
41 |
|
|
42 |
if (pgtUrl != null) createProxyGrant(pgtUrl); |
7f7e0c
|
43 |
|
MP |
44 |
event.success(); |
|
45 |
return successResponse(); |
352436
|
46 |
} catch (CASValidationException e) { |
7f7e0c
|
47 |
return errorResponse(e); |
MP |
48 |
} |
|
49 |
} |
|
50 |
|
|
51 |
protected Response successResponse() { |
e3e192
|
52 |
String response = RESPONSE_OK + clientSession.getUserSession().getUser().getUsername() + "\n"; |
JK |
53 |
return Response.ok(response).type(MediaType.TEXT_PLAIN).build(); |
7f7e0c
|
54 |
} |
MP |
55 |
|
352436
|
56 |
protected Response errorResponse(CASValidationException e) { |
MP |
57 |
return Response.status(e.getStatus()).entity(RESPONSE_FAILED).type(MediaType.TEXT_PLAIN).build(); |
7f7e0c
|
58 |
} |
MP |
59 |
|
|
60 |
} |