From 8560e4a392962f6b1bdd40f444f091f6a36cdbd4 Mon Sep 17 00:00:00 2001 From: Jacek Kowalski <Jacek@jacekk.info> Date: Fri, 24 Nov 2023 15:24:58 +0000 Subject: [PATCH] CASLoginProtocol: close Response resource in backchannelLogout --- src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java | 26 +++++++++++++++----------- 1 files changed, 15 insertions(+), 11 deletions(-) diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java index 3d7f3c3..5442d70 100644 --- a/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java +++ b/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java @@ -1,8 +1,14 @@ package org.keycloak.protocol.cas.endpoints; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MultivaluedMap; +import jakarta.ws.rs.core.Response; import org.keycloak.dom.saml.v1.protocol.SAML11ResponseType; import org.keycloak.events.EventBuilder; import org.keycloak.events.EventType; +import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.protocol.cas.CASLoginProtocol; @@ -12,33 +18,31 @@ import org.keycloak.services.Urls; import org.xml.sax.InputSource; -import javax.ws.rs.Consumes; -import javax.ws.rs.POST; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MultivaluedMap; -import javax.ws.rs.core.Response; import javax.xml.namespace.NamespaceContext; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathExpression; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory; import java.io.StringReader; -import java.util.*; +import java.util.Collections; +import java.util.Iterator; +import java.util.Map; +import java.util.Optional; import static org.keycloak.protocol.cas.CASLoginProtocol.TARGET_PARAM; public class SamlValidateEndpoint extends AbstractValidateEndpoint { - public SamlValidateEndpoint(RealmModel realm, EventBuilder event) { - super(realm, event.event(EventType.CODE_TO_TOKEN)); + public SamlValidateEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) { + super(session, realm, event.event(EventType.CODE_TO_TOKEN)); } @POST @Consumes("text/xml;charset=utf-8") @Produces("text/xml;charset=utf-8") public Response validate(String input) { - MultivaluedMap<String, String> queryParams = request.getUri().getQueryParameters(); + MultivaluedMap<String, String> queryParams = session.getContext().getUri().getQueryParameters(); try { - String soapAction = Optional.ofNullable(request.getHttpHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse(""); + String soapAction = Optional.ofNullable(session.getContext().getRequestHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse(""); if (!soapAction.equals("http://www.oasis-open.org/committees/security")) { throw new CASValidationException(CASErrorCode.INTERNAL_ERROR, "Not a validation request", Response.Status.BAD_REQUEST); } @@ -49,7 +53,7 @@ checkRealm(); checkSsl(); checkClient(service); - String issuer = Urls.realmIssuer(request.getUri().getBaseUri(), realm.getName()); + String issuer = Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()); String ticket = getTicket(input); checkTicket(ticket, renew); -- Gitblit v1.9.1