Search in sources :

Example 26 with PostMapping

use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

the class ConfigurationStateController method updateConfiguration.

/**
 * Update configuration map.
 *
 * @param jsonInput the json input
 * @param request   the request
 * @param response  the response
 */
@PostMapping("/updateConfiguration")
@ResponseBody
public void updateConfiguration(@RequestBody final Map<String, Map<String, String>> jsonInput, final HttpServletRequest request, final HttpServletResponse response) {
    ensureEndpointAccessIsAuthorized(request, response);
    if (isUpdateEnabled()) {
        final Map<String, String> newData = jsonInput.get("new");
        configurationPropertiesEnvironmentManager.savePropertyForStandaloneProfile(Pair.of(newData.get("key"), newData.get("value")));
        eventPublisher.publishEvent(new CasConfigurationModifiedEvent(this, !casProperties.getEvents().isTrackConfigurationModifications()));
    }
}
Also used : CasConfigurationModifiedEvent(org.apereo.cas.support.events.config.CasConfigurationModifiedEvent) PostMapping(org.springframework.web.bind.annotation.PostMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 27 with PostMapping

use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

the class Saml2AttributeQueryProfileHandlerController method handlePostRequest.

/**
 * Handle post request.
 *
 * @param response the response
 * @param request  the request
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SOAP_ATTRIBUTE_QUERY)
protected void handlePostRequest(final HttpServletResponse response, final HttpServletRequest request) {
    final MessageContext ctx = decodeSoapRequest(request);
    final AttributeQuery query = (AttributeQuery) ctx.getMessage();
    try {
        final String issuer = query.getIssuer().getValue();
        final SamlRegisteredService service = verifySamlRegisteredService(issuer);
        final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor = getSamlMetadataFacadeFor(service, query);
        if (!adaptor.isPresent()) {
            throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer);
        }
        final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
        verifyAuthenticationContextSignature(ctx, request, query, facade);
        final Map<String, Object> attrs = new LinkedHashMap<>();
        if (query.getAttributes().isEmpty()) {
            final String id = this.samlAttributeQueryTicketFactory.createTicketIdFor(query.getSubject().getNameID().getValue());
            final SamlAttributeQueryTicket ticket = this.ticketRegistry.getTicket(id, SamlAttributeQueryTicket.class);
            final Authentication authentication = ticket.getTicketGrantingTicket().getAuthentication();
            final Principal principal = authentication.getPrincipal();
            final Map<String, Object> authnAttrs = authentication.getAttributes();
            final Map<String, Object> principalAttrs = principal.getAttributes();
            query.getAttributes().forEach(a -> {
                if (authnAttrs.containsKey(a.getName())) {
                    attrs.put(a.getName(), authnAttrs.get(a.getName()));
                } else if (principalAttrs.containsKey(a.getName())) {
                    attrs.put(a.getName(), principalAttrs.get(a.getName()));
                }
            });
        }
        final Assertion casAssertion = buildCasAssertion(issuer, service, attrs);
        this.responseBuilder.build(query, request, response, casAssertion, service, facade, SAMLConstants.SAML2_SOAP11_BINDING_URI);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        request.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, e.getMessage());
        samlFaultResponseBuilder.build(query, request, response, null, null, null, SAMLConstants.SAML2_SOAP11_BINDING_URI);
    }
}
Also used : SamlAttributeQueryTicket(org.apereo.cas.ticket.query.SamlAttributeQueryTicket) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) Assertion(org.jasig.cas.client.validation.Assertion) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) UnauthorizedServiceException(org.apereo.cas.services.UnauthorizedServiceException) LinkedHashMap(java.util.LinkedHashMap) AttributeQuery(org.opensaml.saml.saml2.core.AttributeQuery) Authentication(org.apereo.cas.authentication.Authentication) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) SAMLObject(org.opensaml.saml.common.SAMLObject) MessageContext(org.opensaml.messaging.context.MessageContext) Principal(org.apereo.cas.authentication.principal.Principal) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 28 with PostMapping

use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.

the class OidcDynamicClientRegistrationEndpointController method handleRequestInternal.

/**
 * Handle request.
 *
 * @param jsonInput the json input
 * @param request   the request
 * @param response  the response
 * @return the model and view
 */
@PostMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REGISTRATION_URL, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<OidcClientRegistrationResponse> handleRequestInternal(@RequestBody final String jsonInput, final HttpServletRequest request, final HttpServletResponse response) {
    try {
        final OidcClientRegistrationRequest registrationRequest = this.clientRegistrationRequestSerializer.from(jsonInput);
        LOGGER.debug("Received client registration request [{}]", registrationRequest);
        if (registrationRequest.getScopes().isEmpty()) {
            throw new Exception("Registration request does not contain any scope values");
        }
        if (!registrationRequest.getScope().contains(OidcConstants.StandardScopes.OPENID.getScope())) {
            throw new Exception("Registration request scopes do not contain " + OidcConstants.StandardScopes.OPENID.getScope());
        }
        final OidcRegisteredService registeredService = new OidcRegisteredService();
        registeredService.setName(registrationRequest.getClientName());
        registeredService.setSectorIdentifierUri(registrationRequest.getSectorIdentifierUri());
        registeredService.setSubjectType(registrationRequest.getSubjectType());
        if (StringUtils.equalsIgnoreCase(OidcSubjectTypes.PAIRWISE.getType(), registeredService.getSubjectType())) {
            registeredService.setUsernameAttributeProvider(new PairwiseOidcRegisteredServiceUsernameAttributeProvider());
        }
        if (StringUtils.isNotBlank(registrationRequest.getJwksUri())) {
            registeredService.setJwks(registrationRequest.getJwksUri());
            registeredService.setSignIdToken(true);
        }
        final String uri = registrationRequest.getRedirectUris().stream().findFirst().get();
        registeredService.setServiceId(uri);
        registeredService.setClientId(clientIdGenerator.getNewString());
        registeredService.setClientSecret(clientSecretGenerator.getNewString());
        registeredService.setEvaluationOrder(Integer.MIN_VALUE);
        final Set<String> supportedScopes = new HashSet<>(casProperties.getAuthn().getOidc().getScopes());
        supportedScopes.retainAll(registrationRequest.getScopes());
        final OidcClientRegistrationResponse clientResponse = getClientRegistrationResponse(registrationRequest, registeredService);
        registeredService.setScopes(supportedScopes);
        final Set<String> processedScopes = new LinkedHashSet<>(supportedScopes);
        registeredService.setScopes(processedScopes);
        registeredService.setDescription("Dynamically registered service ".concat(registeredService.getName()).concat(" with grant types ").concat(clientResponse.getGrantTypes().stream().collect(Collectors.joining(","))).concat(" and with scopes ").concat(registeredService.getScopes().stream().collect(Collectors.joining(","))).concat(" and response types ").concat(clientResponse.getResponseTypes().stream().collect(Collectors.joining(","))));
        registeredService.setDynamicallyRegistered(true);
        scopeToAttributesFilter.reconcile(registeredService);
        return new ResponseEntity<>(clientResponse, HttpStatus.CREATED);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        final Map<String, String> map = new HashMap<>();
        map.put("error", "invalid_client_metadata");
        map.put("error_message", e.getMessage());
        return new ResponseEntity(map, HttpStatus.BAD_REQUEST);
    }
}
Also used : LinkedHashSet(java.util.LinkedHashSet) ResponseEntity(org.springframework.http.ResponseEntity) OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) OidcClientRegistrationRequest(org.apereo.cas.oidc.dynareg.OidcClientRegistrationRequest) HashMap(java.util.HashMap) Map(java.util.Map) OidcClientRegistrationResponse(org.apereo.cas.oidc.dynareg.OidcClientRegistrationResponse) PairwiseOidcRegisteredServiceUsernameAttributeProvider(org.apereo.cas.services.PairwiseOidcRegisteredServiceUsernameAttributeProvider) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Example 29 with PostMapping

use of org.springframework.web.bind.annotation.PostMapping in project paascloud-master by paascloud.

the class UacUserPasswordController method modifyUserPwd.

/**
 * 用户修改密码
 *
 * @param userModifyPwdDto the user modify pwd dto
 *
 * @return the wrapper
 */
@PostMapping(value = "/modifyUserPwd")
@LogAnnotation
@ApiOperation(httpMethod = "POST", value = "用户修改密码")
public Wrapper<Integer> modifyUserPwd(@ApiParam(name = "userModifyPwdDto", value = "用户修改密码Dto") @RequestBody UserModifyPwdDto userModifyPwdDto) {
    logger.info("==》vue用户修改密码, userModifyPwdDto={}", userModifyPwdDto);
    logger.info("旧密码 oldPassword = {}", userModifyPwdDto.getOldPassword());
    logger.info("新密码 newPassword = {}", userModifyPwdDto.getNewPassword());
    logger.info("登录名 loginName = {}", userModifyPwdDto.getLoginName());
    LoginAuthDto loginAuthDto = getLoginAuthDto();
    int result = uacUserService.userModifyPwd(userModifyPwdDto, loginAuthDto);
    return handleResult(result);
}
Also used : LoginAuthDto(com.paascloud.base.dto.LoginAuthDto) LogAnnotation(com.paascloud.core.annotation.LogAnnotation) PostMapping(org.springframework.web.bind.annotation.PostMapping) ApiOperation(io.swagger.annotations.ApiOperation)

Example 30 with PostMapping

use of org.springframework.web.bind.annotation.PostMapping in project paascloud-master by paascloud.

the class UacMenuCommonController method checkUacMenuName.

/**
 * 检测菜单名称唯一性
 *
 * @param uacMenuCheckNameDto the uac menu check name dto
 *
 * @return the wrapper
 */
@PostMapping(value = "/checkMenuName")
@ApiOperation(httpMethod = "POST", value = "检测菜单名称唯一性")
public Wrapper<Boolean> checkUacMenuName(@ApiParam(name = "uacMenuCheckNameDto", value = "id与name") @RequestBody UacMenuCheckNameDto uacMenuCheckNameDto) {
    logger.info("校验菜单名称唯一性 uacMenuCheckNameDto={}", uacMenuCheckNameDto);
    Long id = uacMenuCheckNameDto.getMenuId();
    Long pid = uacMenuCheckNameDto.getPid();
    String menuName = uacMenuCheckNameDto.getMenuName();
    Example example = new Example(UacMenu.class);
    Example.Criteria criteria = example.createCriteria();
    if (id != null) {
        criteria.andNotEqualTo("id", id);
    }
    criteria.andEqualTo("menuName", menuName);
    criteria.andEqualTo("pid", pid);
    int result = uacMenuService.selectCountByExample(example);
    return WrapMapper.ok(result < 1);
}
Also used : Example(tk.mybatis.mapper.entity.Example) PostMapping(org.springframework.web.bind.annotation.PostMapping) ApiOperation(io.swagger.annotations.ApiOperation)

Aggregations

PostMapping (org.springframework.web.bind.annotation.PostMapping)83 ApiOperation (io.swagger.annotations.ApiOperation)21 Profile (com.erudika.scoold.core.Profile)20 Post (com.erudika.scoold.core.Post)9 Example (tk.mybatis.mapper.entity.Example)8 HashMap (java.util.HashMap)7 Service (org.apereo.cas.authentication.principal.Service)6 ResponseEntity (org.springframework.http.ResponseEntity)6 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)6 LoginAuthDto (com.paascloud.base.dto.LoginAuthDto)5 AuthenticationResult (org.apereo.cas.authentication.AuthenticationResult)5 RegisteredService (org.apereo.cas.services.RegisteredService)5 User (amu.zhcet.data.user.User)4 Report (com.erudika.scoold.core.Report)4 IOException (java.io.IOException)4 Map (java.util.Map)4 Credential (org.apereo.cas.authentication.Credential)4 Reply (com.erudika.scoold.core.Reply)3 Log (io.github.tesla.ops.common.Log)3 LinkedHashMap (java.util.LinkedHashMap)3