mirror of https://github.com/jacekkow/keycloak-protocol-cas

Andre Piantino
2023-01-18 b88dc318a53c0d36b2738decd689033dac7a215e
Improved event log
6 files modified
44 ■■■■■ changed files
src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java 19
src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java 2
src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java 3
src/main/java/org/keycloak/protocol/cas/endpoints/AuthorizationEndpoint.java 2
src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java 12
src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java 6
src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
@@ -4,6 +4,7 @@
import org.jboss.logging.Logger;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.common.util.Time;
import org.keycloak.events.Details;
import org.keycloak.events.EventBuilder;
import org.keycloak.events.EventType;
import org.keycloak.forms.login.LoginFormsProvider;
@@ -162,16 +163,22 @@
    public Response finishBrowserLogout(UserSessionModel userSession, AuthenticationSessionModel logoutSession) {
        String redirectUri = userSession.getNote(CASLoginProtocol.LOGOUT_REDIRECT_URI);
        event.event(EventType.LOGOUT);
        event.user(userSession.getUser()).session(userSession).success();
        event.event(EventType.LOGOUT)
            .user(userSession.getUser())
            .session(userSession)
            .detail(Details.USERNAME, userSession.getUser().getUsername());
        if (redirectUri != null) {
            event.detail(Details.REDIRECT_URI, redirectUri);
            event.success();
            return Response.status(302).location(URI.create(redirectUri)).build();
        } else {
            LoginFormsProvider infoPage = session.getProvider(LoginFormsProvider.class).setSuccess("Logout successful");
            infoPage.setAttribute("skipLink", true);
            return infoPage.createInfoPage();
        }
        event.success();
        LoginFormsProvider infoPage = session.getProvider(LoginFormsProvider.class).setSuccess("Logout successful");
        infoPage.setAttribute("skipLink", true);
        return infoPage.createInfoPage();
    }
    @Override
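Review bot: In `finishBrowserLogout` the value read from the `LOGOUT_REDIRECT_URI` session note is now recorded as `Details.REDIRECT_URI` and used as the 302 target, and nothing in this method checks it. Whether it was verified against the client's allowed redirect URIs before it was stored is not visible in this section, so the trust assumption deserves a comment above the `if`, for example `// redirectUri comes from the session note written by LogoutEndpoint; it must have been verified against the client's redirect URIs before being stored`. Separately, `event.success()` is now repeated on both paths; `if (redirectUri != null) event.detail(Details.REDIRECT_URI, redirectUri);` followed by a single `event.success();` ahead of the branch would express the same thing with less duplication.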
src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
@@ -42,7 +42,7 @@
    @Path("logout")
    public Object logout() {
        LogoutEndpoint endpoint = new LogoutEndpoint(realm, event);
        LogoutEndpoint endpoint = new LogoutEndpoint(realm);
        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
        return endpoint;
    }
src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
@@ -3,6 +3,7 @@
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.*;
@@ -62,6 +63,8 @@
            throw new CASValidationException(CASErrorCode.INVALID_REQUEST, "Missing parameter: " + CASLoginProtocol.SERVICE_PARAM, Response.Status.BAD_REQUEST);
        }
        event.detail(Details.REDIRECT_URI, service);
        client = realm.getClientsStream()
                .filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol()))
                .filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null)
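Review bot: `event.detail(Details.REDIRECT_URI, service)` records the raw `service` request parameter before the `verifyRedirectUri` filter that follows has matched it to any client, so the event carries unverified caller-supplied text. That is useful for tracing rejected validations, but it should be stated in a comment, e.g. `// service is still unverified here; recorded so failed validations can be traced`, so that consumers of these events treat the field as untrusted and possibly carrying application query parameters. The same line is added in the same position in AuthorizationEndpoint.java. The enclosing method starts and ends outside both hunks, so any later handling of the event is not visible here.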
src/main/java/org/keycloak/protocol/cas/endpoints/AuthorizationEndpoint.java
@@ -76,6 +76,8 @@
            throw new ErrorPageException(session, Response.Status.BAD_REQUEST, Messages.MISSING_PARAMETER, CASLoginProtocol.SERVICE_PARAM);
        }
        event.detail(Details.REDIRECT_URI, service);
        client = realm.getClientsStream()
                .filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol()))
                .filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null)
src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java
@@ -4,7 +4,10 @@
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.events.EventBuilder;
import org.keycloak.events.EventType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -37,13 +40,11 @@
    private HttpHeaders headers;
    private RealmModel realm;
    private EventBuilder event;
    private ClientModel client;
    private String redirectUri;
    public LogoutEndpoint(RealmModel realm, EventBuilder event) {
    public LogoutEndpoint(RealmModel realm) {
        this.realm = realm;
        this.event = event;
    }
    @GET
@@ -55,7 +56,10 @@
        if (authResult != null) {
            UserSessionModel userSession = authResult.getSession();
            userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, CASLoginProtocol.LOGIN_PROTOCOL);
            if (redirectUri != null) userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri);
            if (redirectUri != null) {
                userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri);
            }
            logger.debug("Initiating CAS browser logout");
            Response response =  AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers);
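Review bot: The import hunk lists `Details`, `Errors`, `EventBuilder` and `EventType`, while the second hunk appears to drop the `EventBuilder` field, the constructor parameter and `this.event = event;` (its header shrinks from 13 to 11 lines). If nothing else in the class uses these names, the imports are unused and should be removed. It also seems to mean that a logout request this endpoint rejects, or one that arrives without an active session, can no longer record an event from here. If that is intended, a short comment on the constructor such as `// logout events are emitted in CASLoginProtocol.finishBrowserLogout` would make it explicit. The `logout` method body starts and ends outside the visible hunks.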
src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java
@@ -2,19 +2,13 @@
import org.keycloak.events.EventBuilder;
import org.keycloak.models.*;
import org.keycloak.protocol.ProtocolMapper;
import org.keycloak.protocol.cas.mappers.CASAttributeMapper;
import org.keycloak.protocol.cas.representations.CASServiceResponse;
import org.keycloak.protocol.cas.utils.CASValidationException;
import org.keycloak.protocol.cas.utils.ContentTypeHelper;
import org.keycloak.protocol.cas.utils.ServiceResponseHelper;
import org.keycloak.services.managers.ClientSessionCode;
import org.keycloak.services.util.DefaultClientSessionContext;
import javax.ws.rs.core.*;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
public class ServiceValidateEndpoint extends ValidateEndpoint {
    @Context