From b1c0c9d40edcf1877698afb865f46c7f498ce7d7 Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Thu, 27 Apr 2023 20:49:29 +0000
Subject: [PATCH] GitHub Actions: limit permissions of GITHUB_TOKEN

---
 src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java |   38 ++++++++++++++++++--------------------
 1 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
index 7db732f..041303e 100644
--- a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
+++ b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
@@ -5,27 +5,16 @@
 import org.keycloak.events.EventBuilder;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
-import org.keycloak.protocol.cas.endpoints.AuthorizationEndpoint;
-import org.keycloak.protocol.cas.endpoints.LogoutEndpoint;
-import org.keycloak.protocol.cas.endpoints.ServiceValidateEndpoint;
-import org.keycloak.protocol.cas.endpoints.ValidateEndpoint;
+import org.keycloak.protocol.cas.endpoints.*;
 import org.keycloak.services.resources.RealmsResource;
 
 import javax.ws.rs.Path;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
+import javax.ws.rs.core.*;
 
 public class CASLoginProtocolService {
+    private KeycloakSession session;
     private RealmModel realm;
     private EventBuilder event;
-
-    @Context
-    private UriInfo uriInfo;
-
-    @Context
-    private KeycloakSession session;
 
     @Context
     private HttpHeaders headers;
@@ -33,8 +22,9 @@
     @Context
     private HttpRequest request;
 
-    public CASLoginProtocolService(RealmModel realm, EventBuilder event) {
-        this.realm = realm;
+    public CASLoginProtocolService(KeycloakSession session, EventBuilder event) {
+        this.session = session;
+        this.realm = session.getContext().getRealm();
         this.event = event;
     }
 
@@ -44,14 +34,14 @@
 
     @Path("login")
     public Object login() {
-        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
+        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(session, event);
         ResteasyProviderFactory.getInstance().injectProperties(endpoint);
         return endpoint;
     }
 
     @Path("logout")
     public Object logout() {
-        LogoutEndpoint endpoint = new LogoutEndpoint(realm, event);
+        LogoutEndpoint endpoint = new LogoutEndpoint(realm);
         ResteasyProviderFactory.getInstance().injectProperties(endpoint);
         return endpoint;
     }
@@ -59,6 +49,13 @@
     @Path("validate")
     public Object validate() {
         ValidateEndpoint endpoint = new ValidateEndpoint(realm, event);
+        ResteasyProviderFactory.getInstance().injectProperties(endpoint);
+        return endpoint;
+    }
+
+    @Path("samlValidate")
+    public Object validateSaml11() {
+        SamlValidateEndpoint endpoint = new SamlValidateEndpoint(realm, event);
         ResteasyProviderFactory.getInstance().injectProperties(endpoint);
         return endpoint;
     }
@@ -72,12 +69,13 @@
 
     @Path("proxyValidate")
     public Object proxyValidate() {
-        return null;
+        //TODO implement
+        return serviceValidate();
     }
 
     @Path("proxy")
     public Object proxy() {
-        return null;
+        return Response.serverError().entity("Not implemented").build();
     }
 
     @Path("p3/serviceValidate")

--
Gitblit v1.9.1