Search in sources :

Example 1 with ServiceTicketImpl

use of org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl in project MaxKey by dromara.

the class CasAuthorizeEndpoint method grantingTicket.

@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_SERVICE_TICKET_GRANTING)
public ModelAndView grantingTicket(Principal principal, @AuthenticationPrincipal Object user, HttpServletRequest request, HttpServletResponse response) {
    AppsCasDetails casDetails = (AppsCasDetails) WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS);
    ServiceTicketImpl serviceTicket = new ServiceTicketImpl(WebContext.getAuthentication(), casDetails);
    String ticket = ticketServices.createTicket(serviceTicket, casDetails.getExpires());
    StringBuffer callbackUrl = new StringBuffer(casDetails.getCallbackUrl());
    if (casDetails.getCallbackUrl().indexOf("?") == -1) {
        callbackUrl.append("?");
    }
    if (callbackUrl.indexOf("&") != -1 || callbackUrl.indexOf("=") != -1) {
        callbackUrl.append("&");
    }
    // append ticket
    callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket);
    callbackUrl.append("&");
    // append service
    callbackUrl.append(CasConstants.PARAMETER.SERVICE).append("=").append(casDetails.getService());
    // 增加可自定义的参数
    if (WebContext.getAttribute(CasConstants.PARAMETER.PARAMETER_MAP) != null) {
        @SuppressWarnings("unchecked") Map<String, String> parameterMap = (Map<String, String>) WebContext.getAttribute(CasConstants.PARAMETER.PARAMETER_MAP);
        parameterMap.remove(CasConstants.PARAMETER.TICKET);
        parameterMap.remove(CasConstants.PARAMETER.SERVICE);
        for (String key : parameterMap.keySet()) {
            callbackUrl.append("&").append(key).append("=").append(parameterMap.get(key));
        }
    }
    if (casDetails.getLogoutType() == LogoutType.BACK_CHANNEL) {
        String onlineTicketId = ((SigninPrincipal) WebContext.getAuthentication().getPrincipal()).getOnlineTicket().getTicketId();
        OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
        // set cas ticket as OnlineTicketId
        casDetails.setOnlineTicket(ticket);
        onlineTicket.setAuthorizedApp(casDetails);
        onlineTicketServices.store(onlineTicketId, onlineTicket);
    }
    _logger.debug("redirect to CAS Client URL {}", callbackUrl);
    ModelAndView modelAndView = new ModelAndView("authorize/cas_sso_submint");
    modelAndView.addObject("callbackUrl", callbackUrl.toString());
    return modelAndView;
}
Also used : ServiceTicketImpl(org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl) OnlineTicket(org.maxkey.authn.online.OnlineTicket) AppsCasDetails(org.maxkey.entity.apps.AppsCasDetails) ModelAndView(org.springframework.web.servlet.ModelAndView) Map(java.util.Map) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with ServiceTicketImpl

use of org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl in project MaxKey by dromara.

the class CasRestV1Endpoint method requestServiceTicket.

@Operation(summary = "CAS REST认证接口", description = "通过TGT获取ST", method = "POST")
@RequestMapping(value = CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + "/{ticketGrantingTicket}", method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
public ResponseEntity<String> requestServiceTicket(HttpServletRequest request, HttpServletResponse response, @PathVariable("ticketGrantingTicket") String ticketGrantingTicket, @RequestParam(value = CasConstants.PARAMETER.SERVICE, required = false) String casService, @RequestParam(value = CasConstants.PARAMETER.RENEW, required = false) String renew, @RequestParam(value = CasConstants.PARAMETER.REST_USERNAME, required = false) String username, @RequestParam(value = CasConstants.PARAMETER.REST_PASSWORD, required = false) String password) {
    try {
        TicketGrantingTicketImpl ticketGrantingTicketImpl = (TicketGrantingTicketImpl) casTicketGrantingTicketServices.get(ticketGrantingTicket);
        AppsCasDetails casDetails = casDetailsService.getAppDetails(casService, true);
        ServiceTicketImpl serviceTicket = new ServiceTicketImpl(ticketGrantingTicketImpl.getAuthentication(), casDetails);
        String ticket = ticketServices.createTicket(serviceTicket);
        return new ResponseEntity<>(ticket, HttpStatus.OK);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return new ResponseEntity<>("", HttpStatus.BAD_REQUEST);
}
Also used : ServiceTicketImpl(org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl) ResponseEntity(org.springframework.http.ResponseEntity) AppsCasDetails(org.maxkey.entity.apps.AppsCasDetails) TicketGrantingTicketImpl(org.maxkey.authz.cas.endpoint.ticket.TicketGrantingTicketImpl) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationException(org.springframework.security.core.AuthenticationException) Operation(io.swagger.v3.oas.annotations.Operation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

ServiceTicketImpl (org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl)2 AppsCasDetails (org.maxkey.entity.apps.AppsCasDetails)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 Operation (io.swagger.v3.oas.annotations.Operation)1 Map (java.util.Map)1 OnlineTicket (org.maxkey.authn.online.OnlineTicket)1 TicketGrantingTicketImpl (org.maxkey.authz.cas.endpoint.ticket.TicketGrantingTicketImpl)1 ResponseEntity (org.springframework.http.ResponseEntity)1 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1 AuthenticationException (org.springframework.security.core.AuthenticationException)1 ModelAndView (org.springframework.web.servlet.ModelAndView)1