From 32997b7c31fc3b27a8df6911e0f8e8e1bcc58437 Mon Sep 17 00:00:00 2001
From: Jakub Malinowski <jakub@malinowski.net.pl>
Date: Wed, 30 Oct 2024 09:05:21 +0000
Subject: [PATCH] #129 Client session note service ticket fix

---
 src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java                   |    4 ++--
 src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java |    2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
index 7e9d797..3961cfa 100644
--- a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
+++ b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
@@ -44,7 +44,7 @@
     public static final String PROXY_GRANTING_TICKET_IOU_PREFIX = "PGTIOU-";
     public static final String PROXY_GRANTING_TICKET_PREFIX = "PGT-";
     public static final String PROXY_TICKET_PREFIX = "PT-";
-    public static final String SESSION_SERVICE_TICKET = "service_ticket";
+    public static final String SESSION_TICKET = "service_ticket";
 
     public static final String LOGOUT_REDIRECT_URI = "CAS_LOGOUT_REDIRECT_URI";
 
@@ -142,7 +142,7 @@
     @Override
     public Response backchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) {
         String logoutUrl = clientSession.getRedirectUri();
-        String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_SERVICE_TICKET);
+        String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_TICKET);
         //check if session is fully authenticated (i.e. serviceValidate has been called)
         if (serviceTicket != null && !serviceTicket.isEmpty()) {
             sendSingleLogoutRequest(logoutUrl, serviceTicket);
diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
index e166bb0..54f05ca 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
@@ -151,7 +151,7 @@
             throw new CASValidationException(CASErrorCode.INVALID_TICKET, "Code is expired", Response.Status.BAD_REQUEST);
         }
 
-        clientSession.setNote(prefix, ticket);
+        clientSession.setNote(CASLoginProtocol.SESSION_TICKET, ticket);
 
         if (requireReauth && AuthenticationManager.isSSOAuthentication(clientSession)) {
             event.error(Errors.SESSION_EXPIRED);

--
Gitblit v1.9.1