Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
GRANDGERARD Gilles
keycloak-protocol-cas
Commits
7124d21d
Commit
7124d21d
authored
Jan 29, 2017
by
Matthias Piepkorn
Browse files
Fix handling of 'renew' parameter
parent
8a551802
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
View file @
7124d21d
...
...
@@ -31,15 +31,13 @@ public class CASLoginProtocol implements LoginProtocol {
protected
UriInfo
uriInfo
;
protected
HttpHeaders
headers
;
protected
EventBuilder
event
;
private
boolean
requireReauth
;
public
CASLoginProtocol
(
KeycloakSession
session
,
RealmModel
realm
,
UriInfo
uriInfo
,
HttpHeaders
headers
,
EventBuilder
event
,
boolean
requireReauth
)
{
public
CASLoginProtocol
(
KeycloakSession
session
,
RealmModel
realm
,
UriInfo
uriInfo
,
HttpHeaders
headers
,
EventBuilder
event
)
{
this
.
session
=
session
;
this
.
realm
=
realm
;
this
.
uriInfo
=
uriInfo
;
this
.
headers
=
headers
;
this
.
event
=
event
;
this
.
requireReauth
=
requireReauth
;
}
public
CASLoginProtocol
()
{
...
...
@@ -117,7 +115,7 @@ public class CASLoginProtocol implements LoginProtocol {
@Override
public
boolean
requireReauthentication
(
UserSessionModel
userSession
,
ClientSessionModel
clientSession
)
{
return
requireReauth
;
return
"true"
.
equals
(
clientSession
.
getNote
(
CASLoginProtocol
.
RENEW_PARAM
))
;
}
@Override
...
...
src/main/java/org/keycloak/protocol/cas/endpoints/AuthorizationEndpoint.java
View file @
7124d21d
...
...
@@ -35,8 +35,8 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
public
Response
build
()
{
MultivaluedMap
<
String
,
String
>
params
=
uriInfo
.
getQueryParameters
();
String
service
=
params
.
getFirst
(
CASLoginProtocol
.
SERVICE_PARAM
);
boolean
renew
=
"true"
.
equalsIgnoreCase
(
params
.
getFirst
(
CASLoginProtocol
.
RENEW_PARAM
)
)
;
boolean
gateway
=
"true"
.
equalsIgnoreCase
(
params
.
getFirst
(
CASLoginProtocol
.
GATEWAY_PARAM
)
)
;
boolean
renew
=
params
.
containsKey
(
CASLoginProtocol
.
RENEW_PARAM
);
boolean
gateway
=
params
.
containsKey
(
CASLoginProtocol
.
GATEWAY_PARAM
);
checkSsl
();
checkRealm
();
...
...
@@ -46,8 +46,12 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
// So back button doesn't work
CacheControlUtil
.
noBackButtonCacheControlHeader
();
if
(
renew
)
{
clientSession
.
setNote
(
CASLoginProtocol
.
RENEW_PARAM
,
"true"
);
}
this
.
event
.
event
(
EventType
.
LOGIN
);
return
handleBrowserAuthenticationRequest
(
clientSession
,
new
CASLoginProtocol
(
session
,
realm
,
uriInfo
,
headers
,
event
,
renew
),
gateway
,
false
);
return
handleBrowserAuthenticationRequest
(
clientSession
,
new
CASLoginProtocol
(
session
,
realm
,
uriInfo
,
headers
,
event
),
gateway
,
false
);
}
private
void
checkSsl
()
{
...
...
src/main/java/org/keycloak/protocol/cas/endpoints/ValidateEndpoint.java
View file @
7124d21d
...
...
@@ -56,7 +56,7 @@ public class ValidateEndpoint {
MultivaluedMap
<
String
,
String
>
params
=
uriInfo
.
getQueryParameters
();
String
service
=
params
.
getFirst
(
CASLoginProtocol
.
SERVICE_PARAM
);
String
ticket
=
params
.
getFirst
(
CASLoginProtocol
.
TICKET_PARAM
);
boolean
renew
=
"true"
.
equalsIgnoreCase
(
params
.
getFirst
(
CASLoginProtocol
.
RENEW_PARAM
)
)
;
boolean
renew
=
params
.
containsKey
(
CASLoginProtocol
.
RENEW_PARAM
);
event
.
event
(
EventType
.
CODE_TO_TOKEN
);
...
...
@@ -154,6 +154,11 @@ public class ValidateEndpoint {
parseResult
.
getCode
().
setAction
(
null
);
if
(
requireReauth
&&
AuthenticationManager
.
isSSOAuthentication
(
clientSession
))
{
event
.
error
(
Errors
.
SESSION_EXPIRED
);
throw
new
CASValidationException
(
CASErrorCode
.
INVALID_TICKET
,
"Interactive authentication was requested but not performed"
,
Response
.
Status
.
BAD_REQUEST
);
}
UserSessionModel
userSession
=
clientSession
.
getUserSession
();
if
(
userSession
==
null
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment