Authentication 优化
@@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
|
||||
@@ -102,7 +102,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
|
||||
}
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
|
||||
String principal=((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername();
|
||||
_logger.debug("principal "+principal);
|
||||
return new Service10ResponseBuilder().success()
|
||||
.setUser(principal)
|
||||
|
||||
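Review bot: The downcast `(SigninPrincipal)storedTicket.getAuthentication().getPrincipal()` in the `storedTicket!=null` branch is unchecked, so a stored ticket whose principal is any other type makes validation throw ClassCastException instead of returning the CAS failure response. That could happen for tickets issued before this change if the ticket store outlives a deployment, though the store is not visible here. Consider `Object p = storedTicket.getAuthentication().getPrincipal();` followed by `if (!(p instanceof SigninPrincipal)) { /* build the failure response */ }` before the cast. The same cast is introduced in the other validation endpoints and in the back-channel logout branch of CasAuthorizeEndpoint in this commit. The enclosing method starts and ends outside the hunk.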
@@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
@@ -193,7 +193,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
|
||||
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
|
||||
String principal=authentication.getUsername();
|
||||
_logger.debug("principal "+principal);
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
@@ -201,8 +201,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
userInfo.setOnlineTicket(authentication.getOnlineTicket());
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
serviceResponseBuilder.failure()
|
||||
|
||||
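Review bot: `userInfoService.loadByUsername(principal)` is handed straight to `adapter.generateInfo(authentication,userInfo, serviceResponseBuilder)` after `success()` has already been set on the builder, so an account that no longer resolves at validation time would surface as a NullPointerException inside the adapter rather than as a CAS failure response. This assumes loadByUsername can return null, which is not visible here. With `userInfo.setOnlineTicket(...)` removed, the first dereference of `userInfo` has moved into the adapter, which makes such a failure harder to locate. A guard such as `if (userInfo == null) { /* switch the builder to failure and skip the adapter */ }` before the call would keep the response well-formed. Both adapter hunks in Cas30AuthorizeEndpoint have the same shape, and the method body continues outside the hunk.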
@@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
|
||||
@@ -76,15 +76,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
|
||||
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
|
||||
String principal=authentication.getUsername();
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
userInfo.setOnlineTicket(authentication.getOnlineTicket());
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
serviceResponseBuilder.failure()
|
||||
@@ -123,13 +122,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
|
||||
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
|
||||
String principal=authentication.getUsername();
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
serviceResponseBuilder.failure()
|
||||
|
||||
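Review bot: The local `authentication` now holds a `SigninPrincipal`, while `storedTicket.getAuthentication()` on the same line returns the actual authentication object, so the name points at the wrong thing in code that decides whose identity a ticket asserts. Renaming it, e.g. `SigninPrincipal signinPrincipal = (SigninPrincipal) storedTicket.getAuthentication().getPrincipal();` and `adapter.generateInfo(signinPrincipal, userInfo, serviceResponseBuilder);`, would remove the ambiguity. This applies to both hunks here, to the equivalent lines in the preceding endpoint section, and to the new first parameter of `generateInfo` in CasDefaultAdapter. The enclosing methods begin and end outside the hunks.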
@@ -20,12 +20,13 @@
|
||||
*/
|
||||
package org.maxkey.authz.cas.endpoint;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authn.online.OnlineTicket;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl;
|
||||
@@ -36,6 +37,9 @@ import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@@ -92,10 +96,12 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
}
|
||||
|
||||
@RequestMapping("/authz/cas/granting")
|
||||
public ModelAndView grantingTicket(
|
||||
public ModelAndView grantingTicket(Principal principal,
|
||||
@AuthenticationPrincipal Object user,
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response){
|
||||
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
AppsCasDetails casDetails=(AppsCasDetails)WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS);
|
||||
ServiceTicketImpl serviceTicket=new ServiceTicketImpl(WebContext.getAuthentication(),casDetails);
|
||||
|
||||
@@ -129,8 +135,10 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
}
|
||||
|
||||
if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
|
||||
String onlineTicketId = ((BasicAuthentication)WebContext.getAuthentication().getPrincipal()).getOnlineTicket().getTicketId();
|
||||
String onlineTicketId = ((SigninPrincipal)WebContext.getAuthentication().getPrincipal()).getOnlineTicket();
|
||||
OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
|
||||
//set cas ticket as OnlineTicketId
|
||||
casDetails.setOnlineTicket(ticket);
|
||||
onlineTicket.setAuthorizedApp(casDetails);
|
||||
onlineTicketServices.store(onlineTicketId, onlineTicket);
|
||||
}
|
||||
|
||||
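Review bot: In the `LogoutType.BACK_CHANNEL` branch the result of `onlineTicketServices.get(onlineTicketId)` is dereferenced by `onlineTicket.setAuthorizedApp(casDetails)` with no null check, so an expired or evicted online session, or a principal that carries no online ticket id, would abort ticket granting with a NullPointerException. Whether `get` can return null is not visible in this hunk, so this should be confirmed against the service. Wrapping the three statements that follow the lookup in `if (onlineTicket != null) { ... }` and logging the miss would make the outcome deliberate; if back-channel logout must be guaranteed, reject the request explicitly instead. The method continues outside the hunk.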
@@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl;
|
||||
@@ -75,9 +75,9 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
|
||||
throw new BadCredentialsException("No credentials are provided or extracted to authenticate the REST request");
|
||||
}
|
||||
|
||||
BasicAuthentication authentication =new BasicAuthentication(username,password,"CASREST");
|
||||
LoginCredential loginCredential =new LoginCredential(username,password,"CASREST");
|
||||
|
||||
authenticationProvider.basicAuthenticate(authentication);
|
||||
authenticationProvider.basicAuthenticate(loginCredential);
|
||||
|
||||
TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);
|
||||
|
||||
@@ -178,9 +178,9 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
|
||||
throw new BadCredentialsException("No credentials are provided or extracted to authenticate the REST request");
|
||||
}
|
||||
|
||||
BasicAuthentication authentication =new BasicAuthentication(username,password,"CASREST");
|
||||
LoginCredential loginCredential =new LoginCredential(username,password,"CASREST");
|
||||
|
||||
authenticationProvider.basicAuthenticate(authentication);
|
||||
authenticationProvider.basicAuthenticate(loginCredential);
|
||||
UserInfo userInfo =WebContext.getUserInfo();
|
||||
TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);
|
||||
|
||||
|
||||
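Review bot: The result of `authenticationProvider.basicAuthenticate(loginCredential)` is discarded and the ticket-granting ticket is then built from `WebContext.getAuthentication()`, so the code relies on the provider having replaced the context authentication as a side effect. If basicAuthenticate can fail without throwing (its contract is not visible here), a REST request with bad credentials could be issued a TGT for whatever authentication the context already held. If the method returns the resulting authentication, capture it and pass it to `new TicketGrantingTicketImpl(...)` after checking it is non-null and authenticated; otherwise add an explicit check before the ticket is created. Both hunks in this file have the same sequence, and both methods extend beyond the hunks.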
@@ -20,6 +20,7 @@ package org.maxkey.authz.cas.endpoint.adapter;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
@@ -47,7 +48,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String generateInfo(UserInfo userInfo, Object serviceResponseObject) {
|
||||
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo, Object serviceResponseObject) {
|
||||
ServiceResponseBuilder serviceResponseBuilder=(ServiceResponseBuilder)serviceResponseObject;
|
||||
//for user
|
||||
serviceResponseBuilder.setAttribute("uid", userInfo.getId());
|
||||
@@ -66,7 +67,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
|
||||
serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
|
||||
|
||||
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTicket().getTicketId());
|
||||
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,authentication.getOnlineTicket());
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
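Review bot: `generateInfo` gains a first parameter with no documentation, and the second hunk dereferences it unguarded in `authentication.getOnlineTicket()`. A Javadoc on the method should say that `authentication` is the sign-in principal taken from the validated ticket and must be non-null, that its online ticket id is written into the service response under `WebConstants.ONLINE_TICKET_NAME` and so appears to be released to the relying service, and that the method returns null with its output placed in `serviceResponseObject`. If a null principal is possible for some callers, `Objects.requireNonNull(authentication, "authentication");` at the top would make the contract explicit. The method body between the two hunks is not visible.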