Example 1 with ServiceTicketImpl
use of org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl in project MaxKey by dromara.
the class CasAuthorizeEndpoint method grantingTicket.
@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_SERVICE_TICKET_GRANTING)
public ModelAndView grantingTicket(Principal principal, @AuthenticationPrincipal Object user, HttpServletRequest request, HttpServletResponse response) {
AppsCasDetails casDetails = (AppsCasDetails) WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS);
ServiceTicketImpl serviceTicket = new ServiceTicketImpl(WebContext.getAuthentication(), casDetails);
String ticket = ticketServices.createTicket(serviceTicket, casDetails.getExpires());
StringBuffer callbackUrl = new StringBuffer(casDetails.getCallbackUrl());
if (casDetails.getCallbackUrl().indexOf("?") == -1) {
callbackUrl.append("?");
}
if (callbackUrl.indexOf("&") != -1 || callbackUrl.indexOf("=") != -1) {
callbackUrl.append("&");
}
// append ticket
callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket);
callbackUrl.append("&");
// append service
callbackUrl.append(CasConstants.PARAMETER.SERVICE).append("=").append(casDetails.getService());
// 增加可自定义的参数
if (WebContext.getAttribute(CasConstants.PARAMETER.PARAMETER_MAP) != null) {
@SuppressWarnings("unchecked") Map<String, String> parameterMap = (Map<String, String>) WebContext.getAttribute(CasConstants.PARAMETER.PARAMETER_MAP);
parameterMap.remove(CasConstants.PARAMETER.TICKET);
parameterMap.remove(CasConstants.PARAMETER.SERVICE);
for (String key : parameterMap.keySet()) {
callbackUrl.append("&").append(key).append("=").append(parameterMap.get(key));
}
}
if (casDetails.getLogoutType() == LogoutType.BACK_CHANNEL) {
String onlineTicketId = ((SigninPrincipal) WebContext.getAuthentication().getPrincipal()).getOnlineTicket().getTicketId();
OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
// set cas ticket as OnlineTicketId
casDetails.setOnlineTicket(ticket);
onlineTicket.setAuthorizedApp(casDetails);
onlineTicketServices.store(onlineTicketId, onlineTicket);
}
_logger.debug("redirect to CAS Client URL {}", callbackUrl);
ModelAndView modelAndView = new ModelAndView("authorize/cas_sso_submint");
modelAndView.addObject("callbackUrl", callbackUrl.toString());
return modelAndView;
}
Also used :
ServiceTicketImpl(org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl)
OnlineTicket(org.maxkey.authn.online.OnlineTicket)
AppsCasDetails(org.maxkey.entity.apps.AppsCasDetails)
ModelAndView(org.springframework.web.servlet.ModelAndView)
Map(java.util.Map)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 2 with ServiceTicketImpl
use of org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl in project MaxKey by dromara.
the class CasRestV1Endpoint method requestServiceTicket.
@Operation(summary = "CAS REST认证接口", description = "通过TGT获取ST", method = "POST")
@RequestMapping(value = CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + "/{ticketGrantingTicket}", method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
public ResponseEntity<String> requestServiceTicket(HttpServletRequest request, HttpServletResponse response, @PathVariable("ticketGrantingTicket") String ticketGrantingTicket, @RequestParam(value = CasConstants.PARAMETER.SERVICE, required = false) String casService, @RequestParam(value = CasConstants.PARAMETER.RENEW, required = false) String renew, @RequestParam(value = CasConstants.PARAMETER.REST_USERNAME, required = false) String username, @RequestParam(value = CasConstants.PARAMETER.REST_PASSWORD, required = false) String password) {
try {
TicketGrantingTicketImpl ticketGrantingTicketImpl = (TicketGrantingTicketImpl) casTicketGrantingTicketServices.get(ticketGrantingTicket);
AppsCasDetails casDetails = casDetailsService.getAppDetails(casService, true);
ServiceTicketImpl serviceTicket = new ServiceTicketImpl(ticketGrantingTicketImpl.getAuthentication(), casDetails);
String ticket = ticketServices.createTicket(serviceTicket);
return new ResponseEntity<>(ticket, HttpStatus.OK);
} catch (Exception e) {
e.printStackTrace();
}
return new ResponseEntity<>("", HttpStatus.BAD_REQUEST);
}
Also used :
ServiceTicketImpl(org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl)
ResponseEntity(org.springframework.http.ResponseEntity)
AppsCasDetails(org.maxkey.entity.apps.AppsCasDetails)
TicketGrantingTicketImpl(org.maxkey.authz.cas.endpoint.ticket.TicketGrantingTicketImpl)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
AuthenticationException(org.springframework.security.core.AuthenticationException)
Operation(io.swagger.v3.oas.annotations.Operation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
ServiceTicketImpl (org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl)2
AppsCasDetails (org.maxkey.entity.apps.AppsCasDetails)2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2
Operation (io.swagger.v3.oas.annotations.Operation)1
Map (java.util.Map)1
OnlineTicket (org.maxkey.authn.online.OnlineTicket)1
TicketGrantingTicketImpl (org.maxkey.authz.cas.endpoint.ticket.TicketGrantingTicketImpl)1
ResponseEntity (org.springframework.http.ResponseEntity)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
AuthenticationException (org.springframework.security.core.AuthenticationException)1
ModelAndView (org.springframework.web.servlet.ModelAndView)1
