mirror of https://github.com/jacekkow/keycloak-protocol-cas

Matthias Piepkorn
2017-01-29 7124d21d6c61cd510d93a888f53802de910f4d64
commit | author | age
7f7e0c 1 package org.keycloak.protocol.cas;
MP 2
3 import org.keycloak.common.util.KeycloakUriBuilder;
4 import org.keycloak.events.EventBuilder;
5 import org.keycloak.events.EventType;
6 import org.keycloak.models.*;
7 import org.keycloak.protocol.LoginProtocol;
8 import org.keycloak.services.managers.ClientSessionCode;
9 import org.keycloak.services.managers.ResourceAdminManager;
10
11 import javax.ws.rs.core.HttpHeaders;
12 import javax.ws.rs.core.Response;
13 import javax.ws.rs.core.UriInfo;
14 import java.net.URI;
15
/**
 * {@link LoginProtocol} implementation whose protocol identifier is {@code "cas"}.
 *
 * <p>After a successful login it redirects the browser to the client's service URL with a
 * service ticket appended; see {@link #authenticated(UserSessionModel, ClientSessionCode)}.
 * The collaborators (session, realm, URI info, headers, event builder) are supplied either
 * through the five-argument constructor or through the fluent setters.
 */
public class CASLoginProtocol implements LoginProtocol {
    /** Identifier of this login protocol. */
    public static final String LOGIN_PROTOCOL = "cas";

    // Parameter names (presumably the CAS request parameters; only RENEW_PARAM is read in
    // this class, as a client-session note key).
    public static final String SERVICE_PARAM = "service";
    public static final String RENEW_PARAM = "renew";
    public static final String GATEWAY_PARAM = "gateway";
    public static final String TICKET_PARAM = "ticket";
    public static final String FORMAT_PARAM = "format";

    /** Query parameter under which the service ticket is appended to the redirect. */
    public static final String TICKET_RESPONSE_PARAM = "ticket";

    /** Prefix put in front of the access code to form the service ticket. */
    public static final String SERVICE_TICKET_PREFIX = "ST-";

    protected KeycloakSession session;
    protected RealmModel realm;
    protected UriInfo uriInfo;
    protected HttpHeaders headers;
    protected EventBuilder event;

    /**
     * Creates a protocol instance with all collaborators already set.
     *
     * @param session Keycloak session, used for backchannel logout
     * @param realm   realm, passed on during backchannel logout
     * @param uriInfo request URI information, read during backchannel logout
     * @param headers request headers (stored only; not read in this class)
     * @param event   event builder used to record the logout event
     */
    public CASLoginProtocol(KeycloakSession session, RealmModel realm, UriInfo uriInfo, HttpHeaders headers, EventBuilder event) {
        this.session = session;
        this.realm = realm;
        this.uriInfo = uriInfo;
        this.headers = headers;
        this.event = event;
    }

    /** Creates an unconfigured instance; every field stays {@code null} until its setter is called. */
    public CASLoginProtocol() {
    }

    /**
     * Stores the Keycloak session.
     *
     * @return this instance, for chaining
     */
    @Override
    public CASLoginProtocol setSession(KeycloakSession session) {
        this.session = session;
        return this;
    }

    /**
     * Stores the realm.
     *
     * @return this instance, for chaining
     */
    @Override
    public CASLoginProtocol setRealm(RealmModel realm) {
        this.realm = realm;
        return this;
    }

    /**
     * Stores the request URI information.
     *
     * @return this instance, for chaining
     */
    @Override
    public CASLoginProtocol setUriInfo(UriInfo uriInfo) {
        this.uriInfo = uriInfo;
        return this;
    }

    /**
     * Stores the request headers.
     *
     * @return this instance, for chaining
     */
    @Override
    public CASLoginProtocol setHttpHeaders(HttpHeaders headers) {
        this.headers = headers;
        return this;
    }

    /**
     * Stores the event builder.
     *
     * @return this instance, for chaining
     */
    @Override
    public CASLoginProtocol setEventBuilder(EventBuilder event) {
        this.event = event;
        return this;
    }

    /**
     * Builds the post-login redirect: HTTP 302 to the client session's redirect URI with
     * {@code ticket=ST-<code>} appended as a query parameter.
     *
     * <p>The service URL is NOT validated in this method (see the TODO below), and the
     * {@code userSession} argument is not used here.
     *
     * @param userSession authenticated user session (unused in this method)
     * @param accessCode  supplies the client session and the code that becomes the ticket
     * @return a 302 response whose {@code Location} is the service URL plus the ticket
     */
    @Override
    public Response authenticated(UserSessionModel userSession, ClientSessionCode accessCode) {
        final String serviceUrl = accessCode.getClientSession().getRedirectUri();
        //TODO validate service
        // NOTE(review): the ticket is handed to whatever URL the client session holds. This is
        // only safe if that URI was checked against the client's registered redirect URIs
        // before it was stored; confirm the endpoint that fills the client session does so,
        // otherwise the ticket can be delivered to a URL the client never registered.

        // The action must be set before getCode() is called below; keep this order.
        accessCode.setAction(ClientSessionModel.Action.CODE_TO_TOKEN.name());

        final URI target = KeycloakUriBuilder.fromUri(serviceUrl)
                .queryParam(TICKET_RESPONSE_PARAM, SERVICE_TICKET_PREFIX + accessCode.getCode())
                .build();

        return Response.status(302).location(target).build();
    }

    /**
     * Reports a login error as an HTTP 500 response with {@code error} as the entity.
     *
     * @param clientSession client session of the failed login (unused in this method)
     * @param error         error to report
     * @return a server-error response carrying {@code error}
     */
    @Override
    public Response sendError(ClientSessionModel clientSession, Error error) {
        // NOTE(review): the raw Error value is the entity; confirm it is rendered as intended
        // and that every Error value really should map to a 500.
        final Response.ResponseBuilder failure = Response.serverError();
        return failure.entity(error).build();
    }

    /**
     * Logs the client session out through {@link ResourceAdminManager}, passing the current
     * request URI, the realm, the session's client and the client session itself.
     *
     * @param userSession   user session being logged out (unused in this method)
     * @param clientSession client session to log out
     */
    @Override
    public void backchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession) {
        final ClientModel target = clientSession.getClient();
        final ResourceAdminManager adminManager = new ResourceAdminManager(session);
        adminManager.logoutClientSession(uriInfo.getRequestUri(), realm, target, clientSession);
    }

    /**
     * Front-channel logout is not implemented.
     *
     * @throws RuntimeException always, with the message {@code "NOT IMPLEMENTED"}
     */
    @Override
    public Response frontchannelLogout(UserSessionModel userSession, ClientSessionModel clientSession) {
        // todo oidc redirect support
        throw new RuntimeException("NOT IMPLEMENTED");
    }

    /**
     * Records a successful {@link EventType#LOGOUT} event for the session's user and returns
     * an empty HTTP 200 response.
     *
     * @param userSession user session that was logged out
     * @return an OK response without an entity
     */
    @Override
    public Response finishLogout(UserSessionModel userSession) {
        event.event(EventType.LOGOUT)
                .user(userSession.getUser())
                .session(userSession)
                .success();
        return Response.ok().build();
    }

    /**
     * Decides whether the user must authenticate again.
     *
     * @param userSession   existing user session (unused in this method)
     * @param clientSession client session whose {@code renew} note is inspected
     * @return {@code true} only when the {@code renew} note equals the string {@code "true"}
     */
    @Override
    public boolean requireReauthentication(UserSessionModel userSession, ClientSessionModel clientSession) {
        final String renew = clientSession.getNote(RENEW_PARAM);
        return "true".equals(renew);
    }

    /** Does nothing; this class holds no resources that need releasing. */
    @Override
    public void close() {
    }
}