提交
49246f0f
编写于
11月 09, 2020
作者:
MaxKey单点登录官方
SingleLogout
上级
a90fb9ad
变更
5
Showing
5 changed file
with
183 addition
and
27 deletion
+183
-27
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/CasSingleLogout.java
...n/java/org/maxkey/authz/singlelogout/CasSingleLogout.java
+0
-16
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
...va/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
+16
-7
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SamlSingleLogout.java
.../java/org/maxkey/authz/singlelogout/SamlSingleLogout.java
+40
-0
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java
...main/java/org/maxkey/authz/singlelogout/SingleLogout.java
+96
-2
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
...src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
+31
-2
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/CasSingleLogout.java
已删除
100644 → 0
package
org.maxkey.authz.singlelogout
;
public
class
CasSingleLogout
extends
SingleLogout
{
public
String
logoutRequestMessage
=
"<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"%s\" Version=\"2.0\" "
+
"IssueInstant=\"%s\"><saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s"
+
"</saml:NameID><samlp:SessionIndex>%s</samlp:SessionIndex></samlp:LogoutRequest>"
;
@Override
public
void
sendRequest
()
{
// TODO Auto-generated method stub
}
}
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
package
org.maxkey.authz.singlelogout
;
public
class
DefaultSingleLogout
extends
SingleLogout
{
import
java.util.HashMap
;
import
java.util.UUID
;
import
org.maxkey.authn.SigninPrincipal
;
import
org.maxkey.domain.apps.Apps
;
import
org.maxkey.util.DateUtils
;
import
org.springframework.security.core.Authentication
;
public
String
logoutRequestMessage
=
"<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"%s\" Version=\"2.0\" "
+
"IssueInstant=\"%s\"><saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s"
+
"</saml:NameID><samlp:SessionIndex>%s</samlp:SessionIndex></samlp:LogoutRequest>"
;
public
class
DefaultSingleLogout
extends
SingleLogout
{
@Override
public
void
sendRequest
()
{
// TODO Auto-generated method stub
public
void
sendRequest
(
Authentication
authentication
,
Apps
logoutApp
)
{
HashMap
<
String
,
Object
>
logoutParameters
=
new
HashMap
<
String
,
Object
>();
logoutParameters
.
put
(
"id"
,
UUID
.
randomUUID
().
toString
());
logoutParameters
.
put
(
"principal"
,
authentication
.
getName
());
logoutParameters
.
put
(
"request"
,
"logoutRequest"
);
logoutParameters
.
put
(
"issueInstant"
,
DateUtils
.
getCurrentDateAsString
(
DateUtils
.
FORMAT_DATE_ISO_TIMESTAMP
));
logoutParameters
.
put
(
"ticket"
,
((
SigninPrincipal
)
authentication
.
getPrincipal
()).
getOnlineTicket
().
getTicketId
());
postMessage
(
logoutApp
.
getLogoutUrl
(),
logoutParameters
);
}
...
...
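Review bot: In the new `sendRequest(Authentication, Apps)`, the `ticket` field posts the SSO online-ticket id — the same value LogoutEndpoint uses as the lookup key in `onlineTicketServices` — to whatever `logoutApp.getLogoutUrl()` holds, and nothing here checks that the URL is set or uses https. The ticket is removed only after all apps have been notified, so it is still live while it travels; a guard such as `if (logoutApp.getLogoutUrl() == null || !logoutApp.getLogoutUrl().startsWith("https://")) { return; }` (or at least a warning log where plain-http deployments must be supported) would keep it off cleartext links. The cast `(SigninPrincipal) authentication.getPrincipal()` is also unchecked, and `getOnlineTicket()` is dereferenced without a null test; an `instanceof` check before the cast avoids a ClassCastException for any other principal type. The class body continues outside the visible section.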
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SamlSingleLogout.java
0 → 100644
package
org.maxkey.authz.singlelogout
;
import
java.util.HashMap
;
import
java.util.UUID
;
import
org.maxkey.domain.apps.Apps
;
import
org.maxkey.util.DateUtils
;
import
org.springframework.security.core.Authentication
;
public
class
SamlSingleLogout
extends
SingleLogout
{
/**
* The parameter name that contains the logout request.
*/
public
static
final
String
LOGOUT_REQUEST_PARAMETER
=
"logoutRequest"
;
public
static
final
String
logoutRequestMessage
=
"<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"%s\" Version=\"2.0\" "
+
"IssueInstant=\"%s\"><saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s"
+
"</saml:NameID><samlp:SessionIndex>%s</samlp:SessionIndex></samlp:LogoutRequest>"
;
@Override
public
void
sendRequest
(
Authentication
authentication
,
Apps
logoutApp
)
{
String
requestMessage
=
String
.
format
(
logoutRequestMessage
,
UUID
.
randomUUID
().
toString
(),
DateUtils
.
getCurrentDateAsString
(
DateUtils
.
FORMAT_DATE_ISO_TIMESTAMP
),
authentication
.
getName
(),
logoutApp
.
getOnlineTicket
()
);
HashMap
<
String
,
Object
>
logoutParameters
=
new
HashMap
<
String
,
Object
>();
logoutParameters
.
put
(
LOGOUT_REQUEST_PARAMETER
,
requestMessage
);
postMessage
(
logoutApp
.
getLogoutUrl
(),
logoutParameters
);
}
public
SamlSingleLogout
()
{
super
();
}
}
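Review bot: `authentication.getName()` and `logoutApp.getOnlineTicket()` are substituted into the `logoutRequestMessage` XML template by `String.format` without escaping, so a principal name containing `&` or `<` yields a malformed LogoutRequest and can change the structure of the message the receiving service parses. Escape both values for XML element content before formatting, for example `String nameId = authentication.getName().replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");`. It is also worth confirming that `Apps.getOnlineTicket()` returns the identifier the application expects in `SessionIndex`; DefaultSingleLogout takes its ticket from `SigninPrincipal.getOnlineTicket().getTicketId()` instead, and the two may not agree. As a style point, the constant is `static final` and would conventionally be named `LOGOUT_REQUEST_MESSAGE`.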
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java
package
org.maxkey.authz.singlelogout
;
public
abstract
class
SingleLogout
{
import
java.io.IOException
;
import
java.io.UnsupportedEncodingException
;
import
java.util.ArrayList
;
import
java.util.Iterator
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Map.Entry
;
import
java.util.Set
;
import
org.apache.http.HttpEntity
;
import
org.apache.http.NameValuePair
;
import
org.apache.http.client.config.RequestConfig
;
import
org.apache.http.client.entity.UrlEncodedFormEntity
;
import
org.apache.http.client.methods.CloseableHttpResponse
;
import
org.apache.http.client.methods.HttpPost
;
import
org.apache.http.impl.client.CloseableHttpClient
;
import
org.apache.http.impl.client.HttpClients
;
import
org.apache.http.message.BasicNameValuePair
;
import
org.apache.http.util.EntityUtils
;
import
org.maxkey.domain.apps.Apps
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.Authentication
;
public
abstract
class
SingleLogout
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
SingleLogout
.
class
);
public
abstract
void
sendRequest
()
;
public
abstract
void
sendRequest
(
Authentication
authentication
,
Apps
logoutApp
)
;
public
void
postMessage
(
String
url
,
Map
<
String
,
Object
>
paramMap
)
{
// 创建httpClient实例
CloseableHttpClient
httpClient
=
HttpClients
.
createDefault
();
CloseableHttpResponse
httpResponse
=
null
;
// 创建httpPost远程连接实例
HttpPost
httpPost
=
new
HttpPost
(
url
);
// 配置请求参数实例
RequestConfig
requestConfig
=
RequestConfig
.
custom
().
setConnectTimeout
(
35000
)
// 设置连接主机服务超时时间
.
setConnectionRequestTimeout
(
35000
)
// 设置连接请求超时时间
.
setSocketTimeout
(
60000
)
// 设置读取数据连接超时时间
.
build
();
// 为httpPost实例设置配置
httpPost
.
setConfig
(
requestConfig
);
// 设置请求头
httpPost
.
addHeader
(
"Content-Type"
,
"application/x-www-form-urlencoded"
);
// 封装post请求参数
if
(
null
!=
paramMap
&&
paramMap
.
size
()
>
0
)
{
List
<
NameValuePair
>
nvps
=
new
ArrayList
<
NameValuePair
>();
// 通过map集成entrySet方法获取entity
Set
<
Entry
<
String
,
Object
>>
entrySet
=
paramMap
.
entrySet
();
// 循环遍历,获取迭代器
Iterator
<
Entry
<
String
,
Object
>>
iterator
=
entrySet
.
iterator
();
while
(
iterator
.
hasNext
())
{
Entry
<
String
,
Object
>
mapEntry
=
iterator
.
next
();
_logger
.
debug
(
"Name "
+
mapEntry
.
getKey
()
+
" , Value "
+
mapEntry
.
getValue
());
nvps
.
add
(
new
BasicNameValuePair
(
mapEntry
.
getKey
(),
mapEntry
.
getValue
().
toString
()));
}
// 为httpPost设置封装好的请求参数
try
{
httpPost
.
setEntity
(
new
UrlEncodedFormEntity
(
nvps
,
"UTF-8"
));
}
catch
(
UnsupportedEncodingException
e
)
{
e
.
printStackTrace
();
}
}
try
{
_logger
.
debug
(
"Post URL "
+
url
+
" , Post Message \n"
+
httpPost
.
getEntity
().
toString
()
);
// httpClient对象执行post请求,并返回响应参数对象
httpResponse
=
httpClient
.
execute
(
httpPost
);
// 从响应对象中获取响应内容
HttpEntity
entity
=
httpResponse
.
getEntity
();
_logger
.
debug
(
"Http Response StatusCode "
+
httpResponse
.
getStatusLine
().
getStatusCode
()+
" , Content "
+
EntityUtils
.
toString
(
entity
)
);
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
finally
{
// 关闭资源
if
(
null
!=
httpResponse
)
{
try
{
httpResponse
.
close
();
}
catch
(
IOException
e
)
{
e
.
printStackTrace
();
}
}
if
(
null
!=
httpClient
)
{
try
{
httpClient
.
close
();
}
catch
(
IOException
e
)
{
e
.
printStackTrace
();
}
}
}
}
}
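Review bot: `new HttpPost(url)` in `postMessage` sits outside the `try`, so a null or malformed logout URL throws before the request is built, leaves the already-created `httpClient` unclosed, and propagates to the caller — in LogoutEndpoint that would abort the logout loop. Inside the `try`, `httpPost.getEntity().toString()` throws a NullPointerException when `paramMap` is null or empty (no entity was set), and the broad `catch` then hides that the POST was never sent. The debug lines also write every parameter value, which for DefaultSingleLogout includes the ticket id, and the full response body to the log; parameter names and the status code are enough. Failures should go through `_logger` rather than `printStackTrace()`; a possible shape using try-with-resources follows.

```java
public void postMessage(String url, Map<String, Object> paramMap) {
    // try-with-resources closes the client even when the URL is rejected
    try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
        HttpPost httpPost = new HttpPost(url);
        // … unchanged: RequestConfig, Content-Type header, form-parameter loop and setEntity (log parameter names only) …
        try (CloseableHttpResponse httpResponse = httpClient.execute(httpPost)) {
            _logger.debug("Post URL {} , Http Response StatusCode {}",
                    url, httpResponse.getStatusLine().getStatusCode());
            // drain the body so the connection is released, without logging its content
            EntityUtils.consume(httpResponse.getEntity());
        }
    } catch (Exception e) {
        _logger.error("Back-channel logout POST to " + url + " failed", e);
    }
}
```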
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
...
...
@@ -17,13 +17,23 @@
package
org.maxkey.web.endpoint
;
import
java.util.Iterator
;
import
java.util.Set
;
import
java.util.Map.Entry
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.SigninPrincipal
;
import
org.maxkey.authn.online.OnlineTicket
;
import
org.maxkey.authn.online.OnlineTicketServices
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authz.singlelogout.SamlSingleLogout
;
import
org.maxkey.authz.singlelogout.DefaultSingleLogout
;
import
org.maxkey.authz.singlelogout.LogoutType
;
import
org.maxkey.authz.singlelogout.SingleLogout
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.constants.ConstantsProtocols
;
import
org.maxkey.domain.apps.Apps
;
import
org.maxkey.web.WebConstants
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
...
...
@@ -95,7 +105,26 @@ public class LogoutEndpoint {
_logger
.
debug
(
"re Login URL : "
+
reLoginUrl
);
modelAndView
.
addObject
(
"reloginUrl"
,
reLoginUrl
);
onlineTicketServices
.
remove
(((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
().
getTicketId
());
String
onlineTicketId
=
((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
().
getTicketId
();
OnlineTicket
onlineTicket
=
onlineTicketServices
.
get
(
onlineTicketId
);
Set
<
Entry
<
String
,
Apps
>>
entrySet
=
onlineTicket
.
getAuthorizedApps
().
entrySet
();
Iterator
<
Entry
<
String
,
Apps
>>
iterator
=
entrySet
.
iterator
();
while
(
iterator
.
hasNext
())
{
Entry
<
String
,
Apps
>
mapEntry
=
iterator
.
next
();
_logger
.
debug
(
"App Id : "
+
mapEntry
.
getKey
()+
" , "
+
mapEntry
.
getValue
());
if
(
mapEntry
.
getValue
().
getLogoutType
()
==
LogoutType
.
BACK_CHANNEL
){
SingleLogout
singleLogout
;
if
(
mapEntry
.
getValue
().
getProtocol
().
equalsIgnoreCase
(
ConstantsProtocols
.
CAS
))
{
singleLogout
=
new
SamlSingleLogout
();
}
else
{
singleLogout
=
new
DefaultSingleLogout
();
}
singleLogout
.
sendRequest
(
onlineTicket
.
getAuthentication
(),
mapEntry
.
getValue
());
}
}
onlineTicketServices
.
remove
(
onlineTicketId
);
request
.
getSession
().
invalidate
();
SecurityContextHolder
.
clearContext
();
...
...
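Review bot: `onlineTicketServices.get(onlineTicketId)` can presumably return null for an expired or already-removed ticket, and the next statement dereferences it with `onlineTicket.getAuthorizedApps()`; any exception there or inside the notification loop skips `onlineTicketServices.remove(onlineTicketId)`, `request.getSession().invalidate()` and `SecurityContextHolder.clearContext()`, leaving the user's local session intact after they asked to log out. Local teardown should not depend on the remote notifications succeeding, so guard the null case and move the three cleanup calls into a `finally`. The back-channel POSTs also run synchronously on the request thread with the 35 s / 60 s timeouts set in `SingleLogout.postMessage`, so one unreachable application can stall the logout response. The enclosing method begins and ends outside this hunk.

```java
OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
try {
    if (onlineTicket != null) {
        // … unchanged: iterate getAuthorizedApps() and send BACK_CHANNEL requests …
    }
} catch (RuntimeException e) {
    _logger.error("Single logout notification failed", e);
} finally {
    // always tear down the local session, whatever happened to the notifications
    onlineTicketServices.remove(onlineTicketId);
    request.getSession().invalidate();
    SecurityContextHolder.clearContext();
}
```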