mirror of https://github.com/jacekkow/keycloak-protocol-cas

Nithe14
2 days ago 7bc48f59e745e5e6098fdde7d838feeb4d93f2a8
src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
@@ -11,6 +11,7 @@
import org.keycloak.events.EventType;
import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.models.*;
import org.keycloak.protocol.ClientData;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.cas.endpoints.AbstractValidateEndpoint;
import org.keycloak.protocol.cas.utils.LogoutHelper;
@@ -43,7 +44,7 @@
    public static final String PROXY_GRANTING_TICKET_IOU_PREFIX = "PGTIOU-";
    public static final String PROXY_GRANTING_TICKET_PREFIX = "PGT-";
    public static final String PROXY_TICKET_PREFIX = "PT-";
    public static final String SESSION_SERVICE_TICKET = "service_ticket";
    public static final String SESSION_TICKET = "service_ticket";
    public static final String LOGOUT_REDIRECT_URI = "CAS_LOGOUT_REDIRECT_URI";
@@ -119,7 +120,7 @@
    }
    @Override
    public Response sendError(AuthenticationSessionModel authSession, Error error) {
    public Response sendError(AuthenticationSessionModel authSession, Error error, String errorMessage) {
        if (authSession.getClientNotes().containsKey(CASLoginProtocol.GATEWAY_PARAM)) {
            if (error == Error.PASSIVE_INTERACTION_REQUIRED || error == Error.PASSIVE_LOGIN_REQUIRED) {
                return Response.status(302).location(URI.create(authSession.getRedirectUri())).build();
@@ -129,9 +130,19 @@
    }
    @Override
    public ClientData getClientData(AuthenticationSessionModel authSession) {
        return new ClientData(authSession.getRedirectUri(), null, null, null);
    }
    @Override
    public Response sendError(ClientModel clientModel, ClientData clientData, Error error) {
        return null;
    }
    @Override
    public Response backchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) {
        String logoutUrl = clientSession.getRedirectUri();
        String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_SERVICE_TICKET);
        String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_TICKET);
        //check if session is fully authenticated (i.e. serviceValidate has been called)
        if (serviceTicket != null && !serviceTicket.isEmpty()) {
            sendSingleLogoutRequest(logoutUrl, serviceTicket);