use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.
the class ConfigurationStateController method updateConfiguration.
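/**
 * Saves one configuration property taken from the request body and then publishes a
 * {@code CasConfigurationModifiedEvent}.
 *
 * <p>The body is read as a map whose {@code "new"} entry holds the {@code "key"} and
 * {@code "value"} of the property to store. Nothing is written unless {@code isUpdateEnabled()}
 * returns {@code true}. A body that lacks the {@code "new"} entry, or whose key is missing or
 * blank, is answered with HTTP 400 instead of failing with a {@code NullPointerException}.
 *
 * @param jsonInput the json input; expected shape is {@code {"new": {"key": ..., "value": ...}}}
 * @param request   the request
 * @param response  the response; its status is set to 400 when the input is unusable
 */
@PostMapping("/updateConfiguration")
@ResponseBody
public void updateConfiguration(@RequestBody final Map<String, Map<String, String>> jsonInput, final HttpServletRequest request, final HttpServletResponse response) {
    // NOTE(review): no return value is inspected here, so this call has to reject an
    // unauthorized caller on its own (presumably by throwing) - confirm, because everything
    // below changes server configuration.
    ensureEndpointAccessIsAuthorized(request, response);
    if (!isUpdateEnabled()) {
        return;
    }

    final Map<String, String> newData = jsonInput == null ? null : jsonInput.get("new");
    final String key = newData == null ? null : newData.get("key");
    if (key == null || key.trim().isEmpty()) {
        // Refuse to persist a property without a name rather than dereferencing null.
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    // NOTE(review): key and value are caller-supplied and are stored as given; if only a subset
    // of settings should be changeable through this endpoint, check the key against an
    // allow-list before saving.
    configurationPropertiesEnvironmentManager.savePropertyForStandaloneProfile(Pair.of(key, newData.get("value")));
    eventPublisher.publishEvent(new CasConfigurationModifiedEvent(this, !casProperties.getEvents().isTrackConfigurationModifications()));
}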
use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.
the class Saml2AttributeQueryProfileHandlerController method handlePostRequest.
/**
 * Answers a SAML2 attribute query received on the SOAP attribute-query endpoint.
 *
 * <p>The issuer of the query is resolved to a registered service, the service's metadata is
 * looked up, the signature is verified, and an assertion is built and written with the SOAP 1.1
 * binding. Any exception raised along the way is logged, its message is stored on the request
 * under {@code SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR}, and a SAML fault is written instead.
 *
 * @param response the response
 * @param request  the request
 */
@PostMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SOAP_ATTRIBUTE_QUERY)
protected void handlePostRequest(final HttpServletResponse response, final HttpServletRequest request) {
    // Decoding and the cast happen before the try block, so a failure here is not turned into
    // a SAML fault by the handler below.
    final MessageContext ctx = decodeSoapRequest(request);
    final AttributeQuery query = (AttributeQuery) ctx.getMessage();
    try {
        final String issuer = query.getIssuer().getValue();
        final SamlRegisteredService service = verifySamlRegisteredService(issuer);
        final SamlRegisteredServiceServiceProviderMetadataFacade facade = getSamlMetadataFacadeFor(service, query)
            .orElseThrow(() -> new UnauthorizedServiceException(
                UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + issuer));

        // Nothing is released before the request signature has been checked.
        verifyAuthenticationContextSignature(ctx, request, query, facade);

        final Map<String, Object> released = new LinkedHashMap<>();
        // NOTE(review): this branch runs only when the query lists no attributes, yet the loop
        // inside iterates over that same (empty) list, so `released` always stays empty. The
        // condition looks inverted. Before changing it, confirm that buildCasAssertion applies
        // the service's attribute release policy, since the loop copies values straight from
        // the authentication and the principal.
        if (query.getAttributes().isEmpty()) {
            final String ticketId = this.samlAttributeQueryTicketFactory.createTicketIdFor(query.getSubject().getNameID().getValue());
            final SamlAttributeQueryTicket queryTicket = this.ticketRegistry.getTicket(ticketId, SamlAttributeQueryTicket.class);
            final Authentication authn = queryTicket.getTicketGrantingTicket().getAuthentication();
            final Principal subject = authn.getPrincipal();
            final Map<String, Object> fromAuthentication = authn.getAttributes();
            final Map<String, Object> fromPrincipal = subject.getAttributes();
            query.getAttributes().forEach(requested -> {
                final String name = requested.getName();
                // Authentication attributes take precedence over principal attributes.
                if (fromAuthentication.containsKey(name)) {
                    released.put(name, fromAuthentication.get(name));
                } else if (fromPrincipal.containsKey(name)) {
                    released.put(name, fromPrincipal.get(name));
                }
            });
        }

        final Assertion casAssertion = buildCasAssertion(issuer, service, released);
        this.responseBuilder.build(query, request, response, casAssertion, service, facade, SAMLConstants.SAML2_SOAP11_BINDING_URI);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        // NOTE(review): the raw exception message is handed to the fault builder through the
        // request; confirm it is not echoed verbatim to the requester.
        request.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, e.getMessage());
        samlFaultResponseBuilder.build(query, request, response, null, null, null, SAMLConstants.SAML2_SOAP11_BINDING_URI);
    }
}
use of org.springframework.web.bind.annotation.PostMapping in project cas by apereo.
the class OidcDynamicClientRegistrationEndpointController method handleRequestInternal.
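/**
 * Handles an OpenID Connect dynamic client registration request.
 *
 * <p>The JSON body is deserialized into a registration request, which must carry at least one
 * scope, must include the {@code openid} scope, and must name at least one redirect URI. A new
 * {@code OidcRegisteredService} is then populated with a generated client id and secret and with
 * the requested scopes that the server also supports, and is passed to
 * {@code scopeToAttributesFilter.reconcile}.
 *
 * <p>Every failure is logged and answered with HTTP 400 and an {@code invalid_client_metadata}
 * error body that carries the exception message.
 *
 * @param jsonInput the json input
 * @param request   the request
 * @param response  the response
 * @return HTTP 201 with the registration response on success, HTTP 400 with an error map otherwise
 */
@PostMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REGISTRATION_URL, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<OidcClientRegistrationResponse> handleRequestInternal(@RequestBody final String jsonInput, final HttpServletRequest request, final HttpServletResponse response) {
    try {
        final OidcClientRegistrationRequest registrationRequest = this.clientRegistrationRequestSerializer.from(jsonInput);
        LOGGER.debug("Received client registration request [{}]", registrationRequest);

        if (registrationRequest.getScopes().isEmpty()) {
            throw new IllegalArgumentException("Registration request does not contain any scope values");
        }
        // NOTE(review): this check reads getScope() while the one above reads getScopes();
        // confirm both accessors describe the same requested scopes.
        if (!registrationRequest.getScope().contains(OidcConstants.StandardScopes.OPENID.getScope())) {
            throw new IllegalArgumentException("Registration request scopes do not contain " + OidcConstants.StandardScopes.OPENID.getScope());
        }

        final OidcRegisteredService registeredService = new OidcRegisteredService();
        registeredService.setName(registrationRequest.getClientName());
        registeredService.setSectorIdentifierUri(registrationRequest.getSectorIdentifierUri());
        registeredService.setSubjectType(registrationRequest.getSubjectType());
        if (StringUtils.equalsIgnoreCase(OidcSubjectTypes.PAIRWISE.getType(), registeredService.getSubjectType())) {
            registeredService.setUsernameAttributeProvider(new PairwiseOidcRegisteredServiceUsernameAttributeProvider());
        }
        if (StringUtils.isNotBlank(registrationRequest.getJwksUri())) {
            registeredService.setJwks(registrationRequest.getJwksUri());
            registeredService.setSignIdToken(true);
        }

        // A request without redirect URIs is rejected with an explicit message instead of the
        // bare "No value present" that an unchecked Optional.get() would produce.
        final String uri = registrationRequest.getRedirectUris().stream().findFirst()
            .orElseThrow(() -> new IllegalArgumentException("Registration request does not contain any redirect URIs"));
        // NOTE(review): only the first redirect URI is used, and it becomes the service id
        // exactly as the client sent it. If service ids are evaluated as patterns when matching
        // services (TODO confirm), a client-chosen value should be validated or escaped first.
        registeredService.setServiceId(uri);
        registeredService.setClientId(clientIdGenerator.getNewString());
        registeredService.setClientSecret(clientSecretGenerator.getNewString());
        // NOTE(review): Integer.MIN_VALUE presumably puts this service ahead of every other
        // registered service in evaluation order - confirm that is intended for a
        // self-registered client.
        registeredService.setEvaluationOrder(Integer.MIN_VALUE);

        // Grant only the requested scopes that the server is configured to support.
        final Set<String> supportedScopes = new HashSet<>(casProperties.getAuthn().getOidc().getScopes());
        supportedScopes.retainAll(registrationRequest.getScopes());
        final OidcClientRegistrationResponse clientResponse = getClientRegistrationResponse(registrationRequest, registeredService);
        registeredService.setScopes(new LinkedHashSet<>(supportedScopes));

        registeredService.setDescription("Dynamically registered service "
            .concat(registeredService.getName())
            .concat(" with grant types ")
            .concat(String.join(",", clientResponse.getGrantTypes()))
            .concat(" and with scopes ")
            .concat(String.join(",", registeredService.getScopes()))
            .concat(" and response types ")
            .concat(String.join(",", clientResponse.getResponseTypes())));
        registeredService.setDynamicallyRegistered(true);
        scopeToAttributesFilter.reconcile(registeredService);
        return new ResponseEntity<>(clientResponse, HttpStatus.CREATED);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
        final Map<String, String> map = new HashMap<>();
        map.put("error", "invalid_client_metadata");
        // The exception message is returned to the caller; keep messages thrown above free of
        // internal detail.
        map.put("error_message", e.getMessage());
        // Raw type on purpose: the error body is a map, not an OidcClientRegistrationResponse.
        return new ResponseEntity(map, HttpStatus.BAD_REQUEST);
    }
}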
use of org.springframework.web.bind.annotation.PostMapping in project paascloud-master by paascloud.
the class UacUserPasswordController method modifyUserPwd.
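/**
 * Changes a user's password.
 *
 * <p>Only the login name is written to the log. The old and new passwords, and the DTO as a
 * whole (whose string form may include them), are deliberately kept out of the log.
 *
 * @param userModifyPwdDto the user modify pwd dto
 *
 * @return the wrapper
 */
@PostMapping(value = "/modifyUserPwd")
@LogAnnotation
@ApiOperation(httpMethod = "POST", value = "用户修改密码")
public Wrapper<Integer> modifyUserPwd(@ApiParam(name = "userModifyPwdDto", value = "用户修改密码Dto") @RequestBody UserModifyPwdDto userModifyPwdDto) {
    // Credentials must never reach the log: anyone with access to log files or a log
    // aggregator would otherwise see them in clear text.
    // NOTE(review): @LogAnnotation may record request parameters as well - confirm that it
    // masks or skips the password fields of this DTO.
    logger.info("==》vue用户修改密码");
    logger.info("登录名 loginName = {}", userModifyPwdDto.getLoginName());
    LoginAuthDto loginAuthDto = getLoginAuthDto();
    // NOTE(review): the login name comes from the request body; confirm that userModifyPwd
    // checks it against loginAuthDto so that one user cannot change another user's password.
    int result = uacUserService.userModifyPwd(userModifyPwdDto, loginAuthDto);
    return handleResult(result);
}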
use of org.springframework.web.bind.annotation.PostMapping in project paascloud-master by paascloud.
the class UacMenuCommonController method checkUacMenuName.
/**
 * Checks that a menu name is unique among the menus that share the same parent.
 *
 * <p>When the DTO carries a menu id, that menu is excluded from the count, so a menu does not
 * collide with its own name.
 *
 * @param uacMenuCheckNameDto the uac menu check name dto
 *
 * @return the wrapper; its payload is {@code true} when no other menu has this name under the parent
 */
@PostMapping(value = "/checkMenuName")
@ApiOperation(httpMethod = "POST", value = "检测菜单名称唯一性")
public Wrapper<Boolean> checkUacMenuName(@ApiParam(name = "uacMenuCheckNameDto", value = "id与name") @RequestBody UacMenuCheckNameDto uacMenuCheckNameDto) {
    logger.info("校验菜单名称唯一性 uacMenuCheckNameDto={}", uacMenuCheckNameDto);

    Long menuId = uacMenuCheckNameDto.getMenuId();
    Long parentId = uacMenuCheckNameDto.getPid();
    String name = uacMenuCheckNameDto.getMenuName();

    // The values are passed to the criteria as arguments rather than concatenated into a
    // query string.
    Example query = new Example(UacMenu.class);
    Example.Criteria where = query.createCriteria();
    if (id(menuId)) {
        // Exclude the menu being edited from the duplicate check.
        where.andNotEqualTo("id", menuId);
    }
    where.andEqualTo("menuName", name);
    where.andEqualTo("pid", parentId);

    int matches = uacMenuService.selectCountByExample(query);
    boolean unique = matches < 1;
    return WrapMapper.ok(unique);
}

/** Tells whether a menu id was supplied. */
private static boolean id(Long menuId) {
    return menuId != null;
}