From cbb2f2f81452a97fddbdcc1f6010fbc85682e3b3 Mon Sep 17 00:00:00 2001
From: Erlend Hamnaberg <erlend@hamnaberg.net>
Date: Thu, 29 Nov 2018 07:42:20 +0000
Subject: [PATCH] Redirect to application after login is complete

---
 src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java |   52 ++++++++++++++++++++++++++++------------------------
 1 files changed, 28 insertions(+), 24 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java
index 7b6a77e..291b74e 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java
@@ -1,21 +1,25 @@
 package org.keycloak.protocol.cas.endpoints;
 
 import org.keycloak.events.EventBuilder;
-import org.keycloak.models.KeycloakSessionFactory;
-import org.keycloak.models.ProtocolMapperModel;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserSessionModel;
+import org.keycloak.models.*;
 import org.keycloak.protocol.ProtocolMapper;
-import org.keycloak.protocol.cas.CASLoginProtocol;
-import org.keycloak.services.ErrorResponseException;
+import org.keycloak.protocol.cas.mappers.CASAttributeMapper;
+import org.keycloak.protocol.cas.representations.CASServiceResponse;
+import org.keycloak.protocol.cas.utils.CASValidationException;
+import org.keycloak.protocol.cas.utils.ContentTypeHelper;
+import org.keycloak.protocol.cas.utils.ServiceResponseHelper;
 import org.keycloak.services.managers.ClientSessionCode;
+import org.keycloak.services.util.DefaultClientSessionContext;
 
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
+import javax.ws.rs.core.*;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Set;
 
 public class ServiceValidateEndpoint extends ValidateEndpoint {
+    @Context
+    private Request restRequest;
+
     public ServiceValidateEndpoint(RealmModel realm, EventBuilder event) {
         super(realm, event);
     }
@@ -23,31 +27,31 @@
     @Override
     protected Response successResponse() {
         UserSessionModel userSession = clientSession.getUserSession();
+        // CAS protocol does not support scopes, so pass null scopeParam
+        ClientSessionContext clientSessionCtx = DefaultClientSessionContext.fromClientSessionAndScopeParameter(clientSession, null);
 
-        Set<ProtocolMapperModel> mappings = new ClientSessionCode(session, realm, clientSession).getRequestedProtocolMappers();
+        Set<ProtocolMapperModel> mappings = clientSessionCtx.getProtocolMappers();
         KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
+        Map<String, Object> attributes = new HashMap<>();
         for (ProtocolMapperModel mapping : mappings) {
             ProtocolMapper mapper = (ProtocolMapper) sessionFactory.getProviderFactory(ProtocolMapper.class, mapping.getProtocolMapper());
+            if (mapper instanceof CASAttributeMapper) {
+                ((CASAttributeMapper) mapper).setAttribute(attributes, mapping, userSession, session, clientSessionCtx);
+            }
         }
 
-        return Response.ok()
-                .header(HttpHeaders.CONTENT_TYPE, (jsonFormat() ? MediaType.APPLICATION_JSON_TYPE : MediaType.APPLICATION_XML_TYPE).withCharset("utf-8"))
-                .entity("<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>\n" +
-                        "    <cas:authenticationSuccess>\n" +
-                        "        <cas:user>" + userSession.getUser().getUsername() + "</cas:user>\n" +
-                        "        <cas:attributes>\n" +
-                        "        </cas:attributes>\n" +
-                        "    </cas:authenticationSuccess>\n" +
-                        "</cas:serviceResponse>")
-                .build();
+        CASServiceResponse serviceResponse = ServiceResponseHelper.createSuccess(userSession.getUser().getUsername(), attributes);
+        return prepare(Response.Status.OK, serviceResponse);
     }
 
     @Override
-    protected Response errorResponse(ErrorResponseException e) {
-        return super.errorResponse(e);
+    protected Response errorResponse(CASValidationException e) {
+        CASServiceResponse serviceResponse = ServiceResponseHelper.createFailure(e.getError(), e.getErrorDescription());
+        return prepare(e.getStatus(), serviceResponse);
     }
 
-    private boolean jsonFormat() {
-        return "json".equalsIgnoreCase(uriInfo.getQueryParameters().getFirst(CASLoginProtocol.FORMAT_PARAM));
+    private Response prepare(Response.Status status, CASServiceResponse serviceResponse) {
+        MediaType responseMediaType = new ContentTypeHelper(request, restRequest, session.getContext().getUri()).selectResponseType();
+        return ServiceResponseHelper.createResponse(status, responseMediaType, serviceResponse);
     }
 }

--
Gitblit v1.9.1