From 755fd78fa0ee0f2a67417a119382c63e02c1091e Mon Sep 17 00:00:00 2001
From: Alexandre Rocha Wendling <alexandrerw@celepar.pr.gov.br>
Date: Tue, 16 Jul 2024 14:15:23 +0000
Subject: [PATCH] Proxy ticket service and proxy ticket validation Proxy endpoints improvements suggested by Jacek Kowalski Add ticket type to storage key Rename isreuse to isReusable Remove "parsing" of "codeUUID" that is String, not UUID Improve error reporting in CAS ticket validation
---
src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java | 43 ++++++++++++++++++-------------------------
1 files changed, 18 insertions(+), 25 deletions(-)
diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java
index 7bafe92..48a7934 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/LogoutEndpoint.java
@@ -1,10 +1,10 @@
package org.keycloak.protocol.cas.endpoints;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.QueryParam;
+import jakarta.ws.rs.core.Response;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
-import org.jboss.resteasy.spi.HttpRequest;
-import org.keycloak.common.ClientConnection;
-import org.keycloak.events.EventBuilder;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -15,35 +15,19 @@
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.messages.Messages;
-import javax.ws.rs.GET;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.Response;
+import java.net.URI;
public class LogoutEndpoint {
private static final Logger logger = Logger.getLogger(LogoutEndpoint.class);
- @Context
private KeycloakSession session;
- @Context
- private ClientConnection clientConnection;
-
- @Context
- private HttpRequest request;
-
- @Context
- private HttpHeaders headers;
-
private RealmModel realm;
- private EventBuilder event;
- private ClientModel client;
private String redirectUri;
- public LogoutEndpoint(RealmModel realm, EventBuilder event) {
+ public LogoutEndpoint(KeycloakSession session, RealmModel realm) {
+ this.session = session;
this.realm = realm;
- this.event = event;
}
@GET
@@ -55,13 +39,22 @@
if (authResult != null) {
UserSessionModel userSession = authResult.getSession();
userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, CASLoginProtocol.LOGIN_PROTOCOL);
- if (redirectUri != null) userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri);
+
+ if (redirectUri != null) {
+ userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri);
+ }
logger.debug("Initiating CAS browser logout");
- Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers);
+ Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), session.getContext().getConnection(), session.getContext().getRequestHeaders());
logger.debug("finishing CAS browser logout");
return response;
}
+
+ if (redirectUri != null) {
+ logger.debugv("no active session, redirecting to {0}", redirectUri);
+ return Response.status(302).location(URI.create(redirectUri)).build();
+ }
+
return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.FAILED_LOGOUT);
}
@@ -70,7 +63,7 @@
return;
}
- client = realm.getClients().stream()
+ ClientModel client = realm.getClientsStream()
.filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol()))
.filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null)
.findFirst().orElse(null);
--
Gitblit v1.9.1