提交
4c86d686
编写于
9月 09, 2020
作者:
MaxKey单点登录官方
CAS REST FIX
上级
00edd242
变更
2
Showing
2 changed file
with
290 addition
and
6 deletion
+290
-6
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
...java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
+118
-6
maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/Client.java
...c/test/java/org/maxkey/web/authorize/endpoint/Client.java
+172
-0
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
...
...
@@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletResponse;
import
org.maxkey.authn.BasicAuthentication
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.ticket.CasConstants
;
import
org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl
;
import
org.maxkey.authz.cas.endpoint.ticket.TicketGrantingTicketImpl
;
...
...
@@ -57,7 +58,7 @@ import org.springframework.web.bind.annotation.RequestParam;
*/
@Controller
public
class
CasRestV1Endpoint
extends
CasBaseAuthorizeEndpoint
{
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
CasRestV1Endpoint
.
class
);
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
CasRestV1Endpoint
.
class
);
@Autowired
protected
PasswordPolicyValidator
passwordPolicyValidator
;
...
...
@@ -73,7 +74,6 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
public
ResponseEntity
<
String
>
casLoginRestTickets
(
HttpServletRequest
request
,
HttpServletResponse
response
,
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
SERVICE
,
required
=
false
)
String
casService
,
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
REST_USERNAME
,
required
=
true
)
String
username
,
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
REST_PASSWORD
,
required
=
true
)
String
password
){
...
...
@@ -133,10 +133,10 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
}
}
@RequestMapping
(
value
=
"/authz/cas/v1/tickets/{ticketGrantingTicket}"
,
@RequestMapping
(
value
=
"/authz/cas/v1/tickets/{ticketGrantingTicket}"
,
method
=
RequestMethod
.
POST
,
consumes
=
MediaType
.
APPLICATION_FORM_URLENCODED_VALUE
)
public
ResponseEntity
<
String
>
requestServiceTicket
(
public
ResponseEntity
<
String
>
requestServiceTicket
(
HttpServletRequest
request
,
HttpServletResponse
response
,
@PathVariable
(
"ticketGrantingTicket"
)
String
ticketGrantingTicket
,
...
...
@@ -168,6 +168,46 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
}
return
new
ResponseEntity
<>(
""
,
HttpStatus
.
BAD_REQUEST
);
}
@RequestMapping
(
value
=
"/authz/cas/v1/tickets/{ticketGrantingTicket}"
,
method
=
RequestMethod
.
GET
)
public
ResponseEntity
<
String
>
verifyTicketGrantingTicketStatus
(
@PathVariable
(
"ticketGrantingTicket"
)
String
ticketGrantingTicket
,
HttpServletRequest
request
,
HttpServletResponse
response
){
try
{
TicketGrantingTicketImpl
ticketGrantingTicketImpl
=
(
TicketGrantingTicketImpl
)
ticketServices
.
consumeTicket
(
ticketGrantingTicket
);
if
(
ticketGrantingTicketImpl
!=
null
)
{
return
new
ResponseEntity
<>(
""
,
HttpStatus
.
OK
);
}
}
catch
(
Exception
e
)
{
// TODO Auto-generated catch block
e
.
printStackTrace
();
}
return
new
ResponseEntity
<>(
""
,
HttpStatus
.
NOT_FOUND
);
}
@RequestMapping
(
value
=
"/authz/cas/v1/tickets/{ticketGrantingTicket}"
,
method
=
RequestMethod
.
DELETE
)
public
ResponseEntity
<
String
>
destroyTicketGrantingTicket
(
@PathVariable
(
"ticketGrantingTicket"
)
String
ticketGrantingTicket
,
HttpServletRequest
request
,
HttpServletResponse
response
){
try
{
TicketGrantingTicketImpl
ticketGrantingTicketImpl
=
(
TicketGrantingTicketImpl
)
ticketServices
.
consumeTicket
(
ticketGrantingTicket
);
if
(
ticketGrantingTicketImpl
!=
null
)
{
return
new
ResponseEntity
<>(
""
,
HttpStatus
.
OK
);
}
}
catch
(
Exception
e
)
{
// TODO Auto-generated catch block
e
.
printStackTrace
();
}
return
new
ResponseEntity
<>(
""
,
HttpStatus
.
NOT_FOUND
);
}
@RequestMapping
(
value
=
"/authz/cas/v1/users"
,
method
=
RequestMethod
.
POST
,
consumes
=
MediaType
.
APPLICATION_FORM_URLENCODED_VALUE
)
...
...
@@ -177,8 +217,80 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
SERVICE
,
required
=
false
)
String
casService
,
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
REST_USERNAME
,
required
=
true
)
String
username
,
@RequestParam
(
value
=
CasConstants
.
PARAMETER
.
REST_PASSWORD
,
required
=
true
)
String
password
){
return
null
;
try
{
if
(
password
==
null
||
password
.
isEmpty
())
{
throw
new
BadCredentialsException
(
"No credentials are provided or extracted to authenticate the REST request"
);
}
AbstractAuthenticationRealm
authenticationRealm
=
(
AbstractAuthenticationRealm
)
WebContext
.
getBean
(
"authenticationRealm"
);
UserInfo
loadeduserInfo
=
authenticationRealm
.
loadUserInfo
(
username
,
""
);
if
(
loadeduserInfo
!=
null
)
{
authenticationRealm
.
passwordMatches
(
loadeduserInfo
,
password
);
passwordPolicyValidator
.
passwordPolicyValid
(
loadeduserInfo
);
WebContext
.
setUserInfo
(
loadeduserInfo
);
BasicAuthentication
authentication
=
new
BasicAuthentication
();
authentication
.
setUsername
(
username
);
authentication
.
setPassword
(
password
);
authentication
.
setAuthType
(
"basic"
);
UsernamePasswordAuthenticationToken
usernamePasswordAuthenticationToken
=
new
UsernamePasswordAuthenticationToken
(
authentication
,
"PASSWORD"
,
authenticationRealm
.
grantAuthority
(
loadeduserInfo
)
);
authentication
.
setAuthenticated
(
true
);
WebContext
.
setAuthentication
(
usernamePasswordAuthenticationToken
);
WebContext
.
setUserInfo
(
loadeduserInfo
);
authenticationRealm
.
insertLoginHistory
(
loadeduserInfo
,
"CAS"
,
""
,
""
,
"SUCCESS"
);
TicketGrantingTicketImpl
ticketGrantingTicket
=
new
TicketGrantingTicketImpl
(
"Random"
,
WebContext
.
getAuthentication
(),
null
);
String
ticket
=
ticketServices
.
createTicket
(
ticketGrantingTicket
);
String
location
=
applicationConfig
.
getServerPrefix
()+
"/authz/cas/v1/tickets/"
+
ticket
;
HttpHeaders
headers
=
new
HttpHeaders
();
headers
.
add
(
"location"
,
location
);
ServiceResponseBuilder
serviceResponseBuilder
=
new
ServiceResponseBuilder
();
serviceResponseBuilder
.
setFormat
(
CasConstants
.
FORMAT_TYPE
.
JSON
);
//for user
serviceResponseBuilder
.
setAttribute
(
"uid"
,
loadeduserInfo
.
getId
());
serviceResponseBuilder
.
setAttribute
(
"displayName"
,
loadeduserInfo
.
getDisplayName
());
serviceResponseBuilder
.
setAttribute
(
"firstName"
,
loadeduserInfo
.
getGivenName
());
serviceResponseBuilder
.
setAttribute
(
"lastname"
,
loadeduserInfo
.
getFamilyName
());
serviceResponseBuilder
.
setAttribute
(
"mobile"
,
loadeduserInfo
.
getMobile
());
serviceResponseBuilder
.
setAttribute
(
"birthday"
,
loadeduserInfo
.
getBirthDate
());
serviceResponseBuilder
.
setAttribute
(
"gender"
,
loadeduserInfo
.
getGender
()+
""
);
//for work
serviceResponseBuilder
.
setAttribute
(
"employeeNumber"
,
loadeduserInfo
.
getEmployeeNumber
());
serviceResponseBuilder
.
setAttribute
(
"title"
,
loadeduserInfo
.
getJobTitle
());
serviceResponseBuilder
.
setAttribute
(
"email"
,
loadeduserInfo
.
getWorkEmail
());
serviceResponseBuilder
.
setAttribute
(
"department"
,
loadeduserInfo
.
getDepartment
());
serviceResponseBuilder
.
setAttribute
(
"departmentId"
,
loadeduserInfo
.
getDepartmentId
());
serviceResponseBuilder
.
setAttribute
(
"workRegion"
,
loadeduserInfo
.
getWorkRegion
());
serviceResponseBuilder
.
success
().
setUser
(
loadeduserInfo
.
getUsername
());
return
new
ResponseEntity
<>(
serviceResponseBuilder
.
serviceResponseBuilder
(),
headers
,
HttpStatus
.
OK
);
}
else
{
String
message
=
WebContext
.
getI18nValue
(
"login.error.username"
);
_logger
.
debug
(
"login user "
+
username
+
" not in this System ."
+
message
);
throw
new
BadCredentialsException
(
WebContext
.
getI18nValue
(
"login.error.username"
));
}
}
catch
(
final
AuthenticationException
e
)
{
_logger
.
error
(
"BadCredentialsException "
,
e
);
return
new
ResponseEntity
<>(
e
.
getMessage
(),
HttpStatus
.
BAD_REQUEST
);
}
catch
(
final
Exception
e
)
{
_logger
.
error
(
"Exception "
,
e
);
return
new
ResponseEntity
<>(
e
.
getMessage
(),
HttpStatus
.
INTERNAL_SERVER_ERROR
);
}
}
}
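Review bot: In the new body of the `/authz/cas/v1/users` POST handler the result of `authenticationRealm.passwordMatches(loadeduserInfo, password);` is discarded, so the password check only protects the endpoint if that method throws on a mismatch, which this diff does not show. If it instead returns a boolean, a request with any password for an existing username would continue to `ticketServices.createTicket(...)` and receive a ticket-granting ticket plus the user's attributes; testing the return value and throwing `BadCredentialsException` when it is false makes the handler safe either way. The added GET handler `verifyTicketGrantingTicketStatus` makes the same `ticketServices.consumeTicket(ticketGrantingTicket)` call as the DELETE handler, so if `consumeTicket` removes the ticket, as its name suggests, a status check would invalidate the TGT and a non-destructive lookup belongs there instead. Both new handlers use `e.printStackTrace()` although the class already has `_logger`, and the final `catch (final Exception e)` returns `e.getMessage()` to the caller with the 500 response, which can expose internal detail; a fixed body with the detail kept in the log would be safer.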
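--- a/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/Client.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/Client.java
+package org.maxkey.web.authorize.endpoint;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+public class Client {
+    public static String getTicket(final String server, final String username, final String password, final String service) {
+        notNull(server, "server must not be null");
+        notNull(username, "username must not be null");
+        notNull(password, "password must not be null");
+        notNull(service, "service must not be null");
+        return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
+    }
+    /**
+     * 取得ST
+     * @param server
+     * @param ticketGrantingTicket
+     * @param service
+     */
+    private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {
+        if (ticketGrantingTicket == null)
+            return null;
+        final HttpClient client = new HttpClient();
+        final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);
+        post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) });
+        try {
+            client.executeMethod(post);
+            final String response = post.getResponseBodyAsString();
+            switch (post.getStatusCode()) {
+            case 200:
+                return response;
+            default:
+                warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
+                info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
+                break;
+            }
+        }
+        catch (final IOException e) {
+            warning(e.getMessage());
+        }
+        finally {
+            post.releaseConnection();
+        }
+        return null;
+    }
+    /**
+     * @param server
+     * @param username
+     * @param password
+     */
+    private static String getTicketGrantingTicket(final String server, final String username, final String password) {
+        final HttpClient client = new HttpClient();
+        final PostMethod post = new PostMethod(server);
+        post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username), new NameValuePair("password", password) });
+        try {
+            client.executeMethod(post);
+            final String response = post.getResponseBodyAsString();
+            info("TGT=" + response);
+            switch (post.getStatusCode()) {
+            case 201: {
+                final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);
+                if (matcher.matches())
+                    return matcher.group(1);
+                warning("Successful ticket granting request, but no ticket found!");
+                info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
+                break;
+            }
+            default:
+                warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
+                info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
+                break;
+            }
+        }
+        catch (final IOException e) {
+            warning(e.getMessage());
+        }
+        finally {
+            post.releaseConnection();
+        }
+        return null;
+    }
+    private static void ticketValidate(String serverValidate, String serviceTicket, String service) {
+        notNull(serviceTicket, "paramter 'serviceTicket' is not null");
+        notNull(service, "paramter 'service' is not null");
+        final HttpClient client = new HttpClient();
+        GetMethod post = null;
+        try {
+            post = new GetMethod(serverValidate + "?" + "ticket=" + serviceTicket + "&service=" + URLEncoder.encode(service, "UTF-8"));
+            client.executeMethod(post);
+            final String response = post.getResponseBodyAsString();
+            info(response);
+            switch (post.getStatusCode()) {
+            case 200: {
+                info("成功取得用户数据");
+            }
+            default: {
+            }
+            }
+        }
+        catch (Exception e) {
+            warning(e.getMessage());
+        }
+        finally {
+            //释放资源
+            post.releaseConnection();
+        }
+    }
+    private static void notNull(final Object object, final String message) {
+        if (object == null)
+            throw new IllegalArgumentException(message);
+    }
+    public static void main(final String[] args) throws Exception {
+        final String server = "https://sso.maxkey.top/maxkey/authz/cas/v1/tickets";
+        final String username = "admin";
+        final String password = "maxkey";
+        final String service = "http://cas.demo.maxkey.top:8080/demo-cas/";
+        final String proxyValidate = "https://sso.maxkey.top/maxkey/authz/cas/p3/serviceValidate";
+        ticketValidate(proxyValidate, getTicket(server, username, password, service), service);
+    }
+    private static void warning(String msg) {
+        System.out.println(msg);
+    }
+    private static void info(String msg) {
+        System.out.println(msg);
+    }
+}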
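Review bot: `main` commits a literal account name and password (`"admin"` / `"maxkey"`) alongside a named SSO host, and `getTicketGrantingTicket` prints the whole response with `info("TGT=" + response)`, so the ticket-granting ticket ends up on stdout. Reading the credentials from system properties or environment variables, and logging only the status code, would keep secrets out of the repository and out of build logs. In `ticketValidate`, `post` is still null in the `finally` block if constructing the `GetMethod` throws, so the release should be guarded: `if (post != null) post.releaseConnection();`. `serviceTicket` is also appended to the query string without `URLEncoder.encode`, unlike `service`.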