From 755fd78fa0ee0f2a67417a119382c63e02c1091e Mon Sep 17 00:00:00 2001
From: Alexandre Rocha Wendling <alexandrerw@celepar.pr.gov.br>
Date: Tue, 16 Jul 2024 14:15:23 +0000
Subject: [PATCH] Proxy ticket service and proxy ticket validation Proxy endpoints improvements suggested by Jacek Kowalski Add ticket type to storage key Rename isreuse to isReusable Remove "parsing" of "codeUUID" that is String, not UUID Improve error reporting in CAS ticket validation

---
 src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java |   16 +++++++++-------
 1 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java
index 810dcab..a3c14a4 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java
@@ -7,6 +7,7 @@
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.keycloak.events.EventBuilder;
 import org.keycloak.events.EventType;
+import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.cas.CASLoginProtocol;
 import org.keycloak.protocol.cas.utils.CASValidationException;
@@ -16,8 +17,8 @@
     private static final String RESPONSE_OK = "yes\n";
     private static final String RESPONSE_FAILED = "no\n";
 
-    public ValidateEndpoint(RealmModel realm, EventBuilder event) {
-        super(realm, event);
+    public ValidateEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) {
+        super(session, realm, event);
     }
 
     @GET
@@ -25,6 +26,7 @@
     public Response build() {
         MultivaluedMap<String, String> params = session.getContext().getUri().getQueryParameters();
         String service = params.getFirst(CASLoginProtocol.SERVICE_PARAM);
+        String pgtUrl = params.getFirst(CASLoginProtocol.PGTURL_PARAM);
         String ticket = params.getFirst(CASLoginProtocol.TICKET_PARAM);
         boolean renew = params.containsKey(CASLoginProtocol.RENEW_PARAM);
 
@@ -35,7 +37,9 @@
             checkRealm();
             checkClient(service);
 
-            checkTicket(ticket, renew);
+            checkTicket(ticket, CASLoginProtocol.SERVICE_TICKET_PREFIX, renew);
+
+            if (pgtUrl != null) createProxyGrant(pgtUrl);
 
             event.success();
             return successResponse();
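Review bot: `pgtUrl` comes straight from the query string and reaches `createProxyGrant` behind nothing but a null check, so an empty `pgtUrl=` or a URL pointing at an arbitrary or internal host is passed through as-is. `createProxyGrant` is not visible in this hunk; if it makes an outbound callback, it should first reject values that are blank, not `https`, or not allowed for the client that `checkClient(service)` just accepted, and that requirement deserves a comment at this call site. The call also runs after `checkTicket`, so it is worth documenting what the caller sees when the grant fails after the ticket has been validated. For the guard itself I would write `if (pgtUrl != null && !pgtUrl.isEmpty()) { createProxyGrant(pgtUrl); }` with braces, matching the surrounding style. `build()` starts and ends outside this hunk.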
@@ -45,10 +49,8 @@
     }
 
     protected Response successResponse() {
-        StringBuilder sb = new StringBuilder(RESPONSE_OK);
-        sb.append(clientSession.getUserSession().getUser().getUsername());
-        sb.append("\n");
-        return Response.ok(sb.toString()).type(MediaType.TEXT_PLAIN).build();
+        String response = RESPONSE_OK + clientSession.getUserSession().getUser().getUsername() + "\n";
+        return Response.ok(response).type(MediaType.TEXT_PLAIN).build();
     }
 
     protected Response errorResponse(CASValidationException e) {
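Review bot: `successResponse()` writes the username unmodified into a line-oriented `text/plain` body, and the rewrite to string concatenation keeps that behaviour. If usernames from a federated or imported source can ever contain a line break, the client would parse the reply incorrectly; this is an assumption the visible code neither enforces nor documents. A short comment would make the contract explicit, for example `// CAS 1.0 reply is "yes\n<username>\n"; username must not contain CR/LF`, or the method could refuse such a value before building the response.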

--
Gitblit v1.9.1