mirror of https://github.com/jacekkow/keycloak-protocol-cas
blame | history | patch | commit | commitdiff | ignore whitespace
Laurent Meunier
2024-06-11 655123c67bbcb1c2e3d56f3b56942d82b430112c 
 src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java


@@ -6,23 +6,20 @@


import org.apache.http.HttpEntity;


import org.jboss.logging.Logger;


import org.keycloak.common.util.KeycloakUriBuilder;


import org.keycloak.common.util.Time;


import org.keycloak.events.Details;


import org.keycloak.events.EventBuilder;


import org.keycloak.events.EventType;


import org.keycloak.forms.login.LoginFormsProvider;


import org.keycloak.models.*;


import org.keycloak.protocol.LoginProtocol;


import org.keycloak.protocol.cas.endpoints.AbstractValidateEndpoint;


import org.keycloak.protocol.cas.utils.LogoutHelper;


import org.keycloak.protocol.oidc.utils.OAuth2Code;


import org.keycloak.protocol.oidc.utils.OAuth2CodeParser;


import org.keycloak.services.ErrorPage;


import org.keycloak.services.managers.ResourceAdminManager;


import org.keycloak.sessions.AuthenticationSessionModel;




import java.io.IOException;


import java.net.URI;


import java.util.UUID;




public class CASLoginProtocol implements LoginProtocol {


    private static final Logger logger = Logger.getLogger(CASLoginProtocol.class);


@@ -35,11 +32,17 @@


    public static final String GATEWAY_PARAM = "gateway";


    public static final String TICKET_PARAM = "ticket";


    public static final String FORMAT_PARAM = "format";


    public static final String PGTURL_PARAM = "pgtUrl";


    public static final String TARGET_SERVICE_PARAM = "targetService";


    public static final String PGT_PARAM = "pgt";




    public static final String TICKET_RESPONSE_PARAM = "ticket";


    public static final String SAMLART_RESPONSE_PARAM = "SAMLart";




    public static final String SERVICE_TICKET_PREFIX = "ST-";


    public static final String PROXY_GRANTING_TICKET_IOU_PREFIX = "PGTIOU-";


    public static final String PROXY_GRANTING_TICKET_PREFIX = "PGT-";


    public static final String PROXY_TICKET_PREFIX = "PT-";


    public static final String SESSION_SERVICE_TICKET = "service_ticket";




    public static final String LOGOUT_REDIRECT_URI = "CAS_LOGOUT_REDIRECT_URI";


@@ -98,15 +101,9 @@


        String service = authSession.getRedirectUri();


        //TODO validate service




        OAuth2Code codeData = new OAuth2Code(UUID.randomUUID().toString(),


                Time.currentTime() + userSession.getRealm().getAccessCodeLifespan(),


                null, null, authSession.getRedirectUri(), null, null,


                userSession.getId());


        String code = OAuth2CodeParser.persistCode(session, clientSession, codeData);




        KeycloakUriBuilder uriBuilder = KeycloakUriBuilder.fromUri(service);




        String loginTicket = SERVICE_TICKET_PREFIX + code;


        String loginTicket = AbstractValidateEndpoint.getST(session, clientSession, service);




        if (authSession.getClientNotes().containsKey(CASLoginProtocol.TARGET_PARAM)) {


            // This was a SAML 1.1 auth request so return the ticket ID as "SAMLart" instead of "ticket"


@@ -140,8 +137,7 @@


            sendSingleLogoutRequest(logoutUrl, serviceTicket);


        }


        ClientModel client = clientSession.getClient();


        new ResourceAdminManager(session).logoutClientSession(realm, client, clientSession);


        return Response.ok().build();


        return new ResourceAdminManager(session).logoutClientSession(realm, client, clientSession);


    }




    private void sendSingleLogoutRequest(String logoutUrl, String serviceTicket) {