diff --git a/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java b/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java index ad52ca460..2dba5337d 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java +++ b/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java @@ -223,7 +223,7 @@ public class InitializeContext extends HttpServlet { _logger.info("+ Version " + WebContext.properties.getProperty("application.formatted-version")); _logger.info("+"); - _logger.info("+ "+ Character.toString(0xA9) + "Copyright 2018-2021 https://www.maxkey.top/"); + _logger.info("+ "+ ((char)0xA9) + "Copyright 2018-2021 https://www.maxkey.top/"); _logger.info("+ Licensed under the Apache License, Version 2.0 "); _logger.info("-----------------------------------------------------------"); } diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java index 91ef62929..7f02677c1 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/SingleLogout.java @@ -80,13 +80,14 @@ public abstract class SingleLogout { } catch (UnsupportedEncodingException e) { e.printStackTrace(); } + _logger.debug("Post Message \n" + + httpPost.getEntity().toString() + ); } try { - _logger.debug("Post URL " + url + " , Post Message \n" + - httpPost.getEntity().toString() - ); + _logger.debug("Post URL " + url ); // httpClient对象执行post请求,并返回响应参数对象 httpResponse = httpClient.execute(httpPost); // 从响应对象中获取响应内容 
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java index ec0fc6d19..b89015207 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java @@ -22,11 +22,13 @@ package org.maxkey.authz.cas.endpoint; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.maxkey.authn.SigninPrincipal; import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.ticket.CasConstants; +import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketIOUImpl; +import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl; +import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.constants.Boolean; @@ -38,7 +40,6 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; - import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; 
@@ -189,11 +190,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message setContentType(request,response,format); Ticket storedTicket=null; - try { - storedTicket = ticketServices.consumeTicket(ticket); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); + if(ticket.startsWith(CasConstants.PREFIX.SERVICE_TICKET_PREFIX)) { + try { + storedTicket = ticketServices.consumeTicket(ticket); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } } ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); @@ -202,6 +205,18 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message String principal=authentication.getUsername(); _logger.debug("principal "+principal); serviceResponseBuilder.success().setUser(principal); + if(pgtUrl != null && !pgtUrl.equalsIgnoreCase("")) { + ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl(); + String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl); + + ProxyGrantingTicketImpl proxyGrantingTicketImpl=new ProxyGrantingTicketImpl(storedTicket.getAuthentication(),storedTicket.getCasDetails()); + String proxyGrantingTicket=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketImpl); + + serviceResponseBuilder.success().setTicket(proxyGrantingTicketIOU); + serviceResponseBuilder.success().setProxy(pgtUrl); + + postMessage(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null); + } if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter()); 
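Review bot: `pgtUrl`, which appears to come straight from the request, is used both as the target of a server-side POST and as the recipient of the new proxy-granting ticket, with no validation visible in this hunk: `postMessage(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null)`. Before the PGT is created, the endpoint should require an `https` URL and compare it with a callback registered for the service behind `storedTicket.getCasDetails()` (such a field is not visible here and may need to be added); without that check the server will connect to any address the caller names and deliver a PGT for the user to it. The IOU is also put into the response whether or not the callback was delivered, and the query string is built with a literal `?` and no URL encoding. The same block is added to `serviceValidate` in Cas30AuthorizeEndpoint. The enclosing method starts and ends outside the hunk.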
@@ -299,16 +314,26 @@ Response on ticket validation failure: setContentType(request,response,format); Ticket storedTicket=null; - try { - storedTicket = ticketServices.consumeTicket(ticket); - } catch (Exception e) { - e.printStackTrace(); + if(ticket.startsWith(CasConstants.PREFIX.PROXY_TICKET_PREFIX)) { + try { + storedTicket = ticketServices.consumeTicket(ticket); + } catch (Exception e) { + e.printStackTrace(); + } } ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); if(storedTicket!=null){ - serviceResponseBuilder.success() - .setUser(storedTicket.getAuthentication().getPrincipal().toString()); + SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); + String principal=authentication.getUsername(); + _logger.debug("principal "+principal); + serviceResponseBuilder.success().setUser(principal); + + if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ + AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter()); + UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal); + adapter.generateInfo(authentication,userInfo, serviceResponseBuilder); + } }else{ serviceResponseBuilder.failure() .setCode(CasConstants.ERROR_CODE.INVALID_TICKET) 
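Review bot: The new prefix gate makes this proxy-validation handler accept only tickets that start with `CasConstants.PREFIX.PROXY_TICKET_PREFIX`, whereas the CAS protocol specification requires `/proxyValidate` to validate service tickets as well as proxy tickets. Consider `if(ticket.startsWith(CasConstants.PREFIX.SERVICE_TICKET_PREFIX) || ticket.startsWith(CasConstants.PREFIX.PROXY_TICKET_PREFIX))`. The catch block still calls `e.printStackTrace()`; `_logger.error("ticket validation failed", e)` would keep the failure in the application log. The same gate is added to the proxy-validation handler in Cas30AuthorizeEndpoint, and the method body continues outside this hunk.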
@@ -385,7 +410,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message +" , format " + format ); setContentType(request,response,format); - + ProxyGrantingTicketImpl proxyGrantingTicketImpl = (ProxyGrantingTicketImpl)casProxyGrantingTicketServices.get(pgt); + if(proxyGrantingTicketImpl != null) { + ProxyTicketImpl ProxyTicketImpl = new ProxyTicketImpl(proxyGrantingTicketImpl.getAuthentication(),proxyGrantingTicketImpl.getCasDetails()); + String proxyTicket =ticketServices.createTicket(ProxyTicketImpl); + ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder(); + return proxyServiceResponseBuilder.success().setTicket(proxyTicket).setFormat(format).serviceResponseBuilder(); + } ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder(); return proxyServiceResponseBuilder.success().setTicket("").setFormat(format).serviceResponseBuilder(); } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java index 6c9f6fffc..8e7fec65a 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java 
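Review bot: The proxy ticket created here is built only from `proxyGrantingTicketImpl.getAuthentication()` and `proxyGrantingTicketImpl.getCasDetails()`; the `targetService` parameter (visible in the Cas30 copy of this method) is never consulted, so the ticket is tied to the service that obtained the PGT rather than to the service it is being requested for. When `casProxyGrantingTicketServices.get(pgt)` returns null the method falls through to `success().setTicket("")`, so an unknown or expired PGT yields a success response with an empty ticket; a failure response carrying a code from `CasConstants.ERROR_CODE` would be correct, if ProxyServiceResponseBuilder offers a failure path like ServiceResponseBuilder does. The local variable `ProxyTicketImpl` shadows its own class name; `proxyTicketImpl` reads better. The identical body is added as `/authz/cas/p3/proxy` in Cas30AuthorizeEndpoint, and the method signature lies outside this hunk.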
@@ -24,8 +24,12 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.SigninPrincipal; +import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.ticket.CasConstants; +import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketIOUImpl; +import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl; +import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.constants.Boolean; @@ -51,7 +55,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ final static Logger _logger = LoggerFactory.getLogger(Cas30AuthorizeEndpoint.class); - @ApiOperation(value = "CAS 2.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST") + @ApiOperation(value = "CAS 3.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST") @RequestMapping("/authz/cas/p3/serviceValidate") @ResponseBody public String serviceValidate( 
@@ -70,20 +74,36 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ +" , format " + format ); - setContentType(request,response,format); +setContentType(request,response,format); Ticket storedTicket=null; - try { - storedTicket = ticketServices.consumeTicket(ticket); - } catch (Exception e) { - e.printStackTrace(); + if(ticket.startsWith(CasConstants.PREFIX.SERVICE_TICKET_PREFIX)) { + try { + storedTicket = ticketServices.consumeTicket(ticket); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } } ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); if(storedTicket!=null){ SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); String principal=authentication.getUsername(); + _logger.debug("principal "+principal); serviceResponseBuilder.success().setUser(principal); + if(pgtUrl != null && !pgtUrl.equalsIgnoreCase("")) { + ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl(); + String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl); + + ProxyGrantingTicketImpl proxyGrantingTicketImpl=new ProxyGrantingTicketImpl(storedTicket.getAuthentication(),storedTicket.getCasDetails()); + String proxyGrantingTicket=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketImpl); + + serviceResponseBuilder.success().setTicket(proxyGrantingTicketIOU); + serviceResponseBuilder.success().setProxy(pgtUrl); + + postMessage(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null); + } if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter()); 
@@ -99,7 +119,33 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ return serviceResponseBuilder.serviceResponseBuilder(); } - @ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST") + @ApiOperation(value = "CAS 3.0 ProxyTicket代理验证接口", notes = "通过ProxyGrantingTicket获取ProxyTicket",httpMethod="POST") + @RequestMapping("/authz/cas/p3/proxy") + @ResponseBody + public String proxy( + HttpServletRequest request, + HttpServletResponse response, + @RequestParam(value = CasConstants.PARAMETER.PROXY_GRANTING_TICKET) String pgt, + @RequestParam(value = CasConstants.PARAMETER.TARGET_SERVICE) String targetService, + @RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){ + _logger.debug("proxy " + + " pgt " + pgt + +" , targetService " + targetService + +" , format " + format + ); + setContentType(request,response,format); + ProxyGrantingTicketImpl proxyGrantingTicketImpl = (ProxyGrantingTicketImpl)casProxyGrantingTicketServices.get(pgt); + if(proxyGrantingTicketImpl != null) { + ProxyTicketImpl ProxyTicketImpl = new ProxyTicketImpl(proxyGrantingTicketImpl.getAuthentication(),proxyGrantingTicketImpl.getCasDetails()); + String proxyTicket =ticketServices.createTicket(ProxyTicketImpl); + ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder(); + return proxyServiceResponseBuilder.success().setTicket(proxyTicket).setFormat(format).serviceResponseBuilder(); + } + ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder(); + return proxyServiceResponseBuilder.success().setTicket("").setFormat(format).serviceResponseBuilder(); + } + + @ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ProxyTicket获取当前登录用户信息",httpMethod="POST") @RequestMapping("/authz/cas/p3/proxyValidate") @ResponseBody public String proxy( 
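Review bot: `_logger.debug("proxy " + " pgt " + pgt ...)` writes the proxy-granting ticket to the log in full. A PGT is a reusable bearer credential (the in-memory store added in this commit keeps it for an hour), so it should be treated like a session secret: log only a truncated or hashed form, for example the prefix plus the last few characters. The new handler is also named `proxy`, the same name as the existing `/authz/cas/p3/proxyValidate` handler at the end of the hunk; naming that one `proxyValidate` would stop the two endpoints depending on overload resolution.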
@@ -118,18 +164,21 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ +" , format " + format ); setContentType(request,response,format); - + Ticket storedTicket=null; - try { - storedTicket = ticketServices.consumeTicket(ticket); - } catch (Exception e) { - e.printStackTrace(); + if(ticket.startsWith(CasConstants.PREFIX.PROXY_TICKET_PREFIX)) { + try { + storedTicket = ticketServices.consumeTicket(ticket); + } catch (Exception e) { + e.printStackTrace(); + } } ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); if(storedTicket!=null){ SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); String principal=authentication.getUsername(); + _logger.debug("principal "+principal); serviceResponseBuilder.success().setUser(principal); if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java index 911c4fa35..a83221d0a 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java 
@@ -36,15 +36,12 @@ import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.security.core.Authentication; import org.springframework.security.core.annotation.AuthenticationPrincipal; -import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.servlet.ModelAndView; - import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; @@ -105,8 +102,6 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ @AuthenticationPrincipal Object user, HttpServletRequest request, HttpServletResponse response){ - - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); AppsCasDetails casDetails=(AppsCasDetails)WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS); ServiceTicketImpl serviceTicket=new ServiceTicketImpl(WebContext.getAuthentication(),casDetails); diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java index 6d1519a96..0d0e96399 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java 
@@ -17,12 +17,31 @@ package org.maxkey.authz.cas.endpoint; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.Map.Entry; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.http.HttpEntity; +import org.apache.http.NameValuePair; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.client.entity.UrlEncodedFormEntity; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicNameValuePair; +import org.apache.http.util.EntityUtils; import org.maxkey.authn.online.OnlineTicketServices; import org.maxkey.authz.cas.endpoint.ticket.CasConstants; -import org.maxkey.authz.cas.endpoint.ticket.service.TicketServices; +import org.maxkey.authz.cas.endpoint.ticket.TicketServices; import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint; import org.maxkey.constants.ContentType; import org.maxkey.persistence.service.AppsCasDetailsService; @@ -55,6 +74,10 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{ @Qualifier("onlineTicketServices") protected OnlineTicketServices onlineTicketServices; + @Autowired + @Qualifier("casProxyGrantingTicketServices") + protected TicketServices casProxyGrantingTicketServices; + public void setContentType( HttpServletRequest request, 
@@ -67,4 +90,74 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{ response.setContentType(ContentType.APPLICATION_JSON_UTF8); } } + + public void postMessage(String url,Map paramMap) { + // 创建httpClient实例 + CloseableHttpClient httpClient = HttpClients.createDefault(); + CloseableHttpResponse httpResponse = null; + // 创建httpPost远程连接实例 + HttpPost httpPost = new HttpPost(url); + // 配置请求参数实例 + RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(35000)// 设置连接主机服务超时时间 + .setConnectionRequestTimeout(35000)// 设置连接请求超时时间 + .setSocketTimeout(60000)// 设置读取数据连接超时时间 + .build(); + // 为httpPost实例设置配置 + httpPost.setConfig(requestConfig); + // 设置请求头 + httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded"); + // 封装post请求参数 + if (null != paramMap && paramMap.size() > 0) { + List nvps = new ArrayList(); + // 通过map集成entrySet方法获取entity + Set> entrySet = paramMap.entrySet(); + // 循环遍历,获取迭代器 + Iterator> iterator = entrySet.iterator(); + while (iterator.hasNext()) { + Entry mapEntry = iterator.next(); + _logger.debug("Name " + mapEntry.getKey() + " , Value " +mapEntry.getValue()); + nvps.add(new BasicNameValuePair(mapEntry.getKey(), mapEntry.getValue().toString())); + } + + // 为httpPost设置封装好的请求参数 + try { + httpPost.setEntity(new UrlEncodedFormEntity(nvps, "UTF-8")); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + } + _logger.debug("Post Message \n" + + httpPost.getEntity().toString() + ); + } + + + try { + // httpClient对象执行post请求,并返回响应参数对象 + httpResponse = httpClient.execute(httpPost); + // 从响应对象中获取响应内容 + HttpEntity entity = httpResponse.getEntity(); + _logger.debug("Http Response StatusCode " + + httpResponse.getStatusLine().getStatusCode()+ + " , Content " +EntityUtils.toString(entity) + ); + } catch (Exception e) { + e.printStackTrace(); + } finally { + // 关闭资源 + if (null != httpResponse) { + try { + httpResponse.close(); + } catch (IOException e) { + e.printStackTrace(); + } + } + if (null != httpClient) { 
+ try { + httpClient.close(); + } catch (IOException e) { + e.printStackTrace(); + } + } + } + } } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketIOUImpl.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketIOUImpl.java new file mode 100644 index 000000000..2e24e8864 --- /dev/null +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketIOUImpl.java 
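Review bot: `postMessage` returns `void` and handles every failure with `e.printStackTrace()`, so the caller that sends the PGT callback cannot tell whether it was delivered and cannot withhold the IOU when it was not. It also logs the complete response body of a remote URL through `EntityUtils.toString(entity)` and runs on the request thread with a 35 s connect and 60 s socket timeout, which lets a slow callback host hold a servlet thread for a long time. Returning a boolean for a 200 status, closing client and response with try-with-resources, and draining the body instead of logging it would address this; callers that ignore the result keep compiling.

```java
public boolean postMessage(String url, Map paramMap) {
    HttpPost httpPost = new HttpPost(url);
    // … unchanged: request config, Content-Type header, form parameters …
    try (CloseableHttpClient httpClient = HttpClients.createDefault();
         CloseableHttpResponse httpResponse = httpClient.execute(httpPost)) {
        int status = httpResponse.getStatusLine().getStatusCode();
        // Release the connection without copying a remote body into the log.
        EntityUtils.consumeQuietly(httpResponse.getEntity());
        _logger.debug("Http Response StatusCode " + status);
        return status == 200;
    } catch (IOException e) {
        _logger.error("callback POST failed", e);
        return false;
    }
}
```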
@@ -0,0 +1,56 @@ +/* + * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authz.cas.endpoint.ticket; + +import org.maxkey.domain.apps.AppsCasDetails; +import org.springframework.security.core.Authentication; + +/** + * The {@link ProxyGrantingTicketIOUImpl} is a concrete implementation of the {@link ProxyTicket}. + * + * @author Misagh Moayyed + * @since 4.2 + */ +public class ProxyGrantingTicketIOUImpl extends ServiceTicketImpl implements Ticket { + private static final long serialVersionUID = -4469960563289285371L; + + /** + * Instantiates a new Proxy ticket. + */ + public ProxyGrantingTicketIOUImpl() { + } + + /** + * Instantiates a new Proxy ticket. + * + * @param id the id + * @param ticket the ticket + * @param service the service + * @param credentialProvided the credential that prompted this ticket. Could be false. + * @param policy the expiration policy + */ + public ProxyGrantingTicketIOUImpl(final String id, final Service service, + final boolean credentialProvided) { + + } + + public ProxyGrantingTicketIOUImpl(Authentication authentication, AppsCasDetails casDetails) { + this.authentication=authentication; + this.casDetails=casDetails; + } +} 
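Review bot: The Javadoc on `ProxyGrantingTicketIOUImpl` was copied from the proxy-ticket class and no longer describes this type: the class comment says it implements `ProxyTicket`, both constructor comments read "Instantiates a new Proxy ticket", and the `@param ticket` and `@param policy` tags name parameters the constructor does not have. The constructor `(String id, Service service, boolean credentialProvided)` has an empty body and silently discards its arguments; remove it or document it as a placeholder. A class comment such as `/** Proxy-granting ticket IOU: the opaque handle returned in the validation response and sent to the callback together with the PGT. */` would say what the type is for. ProxyGrantingTicketImpl, added in the same commit, carries the same copied comments and the same `serialVersionUID` value.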
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketImpl.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketImpl.java
new file mode 100644
index 000000000..edee8f7fe
--- /dev/null
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyGrantingTicketImpl.java
@@ -0,0 +1,56 @@ +/* + * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authz.cas.endpoint.ticket; + +import org.maxkey.domain.apps.AppsCasDetails; +import org.springframework.security.core.Authentication; + +/** + * The {@link ProxyGrantingTicketImpl} is a concrete implementation of the {@link ProxyTicket}. + * + * @author Misagh Moayyed + * @since 4.2 + */ +public class ProxyGrantingTicketImpl extends ServiceTicketImpl implements Ticket { + private static final long serialVersionUID = -4469960563289285371L; + + /** + * Instantiates a new Proxy ticket. + */ + public ProxyGrantingTicketImpl() { + } + + /** + * Instantiates a new Proxy ticket. + * + * @param id the id + * @param ticket the ticket + * @param service the service + * @param credentialProvided the credential that prompted this ticket. Could be false. + * @param policy the expiration policy + */ + public ProxyGrantingTicketImpl(final String id, final Service service, + final boolean credentialProvided) { + + } + + public ProxyGrantingTicketImpl(Authentication authentication, AppsCasDetails casDetails) { + this.authentication=authentication; + this.casDetails=casDetails; + } +} 
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyTicketImpl.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyTicketImpl.java index 0bba1c6d1..2fd034f87 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyTicketImpl.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ProxyTicketImpl.java @@ -17,6 +17,9 @@ package org.maxkey.authz.cas.endpoint.ticket; +import org.maxkey.domain.apps.AppsCasDetails; +import org.springframework.security.core.Authentication; + /** * The {@link ProxyTicketImpl} is a concrete implementation of the {@link ProxyTicket}. * @@ -45,4 +48,9 @@ public class ProxyTicketImpl extends ServiceTicketImpl implements Ticket { final boolean credentialProvided) { } + + public ProxyTicketImpl(Authentication authentication, AppsCasDetails casDetails) { + this.authentication=authentication; + this.casDetails=casDetails; + } } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RandomServiceTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/RandomServiceTicketServices.java similarity index 82% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RandomServiceTicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/RandomServiceTicketServices.java index e2d4f7de9..b220fd8b4 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RandomServiceTicketServices.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/RandomServiceTicketServices.java 
@@ -15,10 +15,8 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket; -import org.maxkey.authz.cas.endpoint.ticket.CasConstants; -import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.cas.endpoint.ticket.generator.DefaultUniqueTicketIdGenerator; @@ -43,9 +41,15 @@ public abstract class RandomServiceTicketServices implements TicketServices { ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_TICKET_PREFIX); }else if(ticket.getClass().getSimpleName().equalsIgnoreCase("TicketGrantingTicketImpl")){ ticketId = generator.getNewTicketId(CasConstants.PREFIX.TICKET_GRANTING_TICKET_PREFIX); + }else if(ticket.getClass().getSimpleName().equalsIgnoreCase("ProxyGrantingTicketImpl")){ + ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_GRANTING_TICKET_PREFIX); + }else if(ticket.getClass().getSimpleName().equalsIgnoreCase("ProxyGrantingTicketIOUImpl")){ + ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_GRANTING_TICKET_IOU_PREFIX); + return ticketId; }else { - ticketId = generator.getNewTicketId(CasConstants.PREFIX.PROXY_TICKET_PREFIX); + ticketId = generator.getNewTicketId(CasConstants.PREFIX.SERVICE_TICKET_PREFIX); } + store(ticketId, ticket); return ticketId; } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicket.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicket.java index 18f9a4c9c..be352fd69 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicket.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicket.java 
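Review bot: The ticket prefix is chosen by comparing `ticket.getClass().getSimpleName()` with string literals, and the fallback branch now issues `CasConstants.PREFIX.SERVICE_TICKET_PREFIX`; because the validation endpoints in this commit gate on the prefix, any ticket class that is not listed (a subclass, a renamed class) is silently issued as a service ticket. Prefer exact class comparisons such as `ticket.getClass() == ProxyGrantingTicketImpl.class` (plain `instanceof` would need careful ordering, since the proxy classes extend ServiceTicketImpl) and throw `IllegalArgumentException` in the final `else`. The `ProxyGrantingTicketIOUImpl` branch returns before `store(ticketId, ticket)`; a comment like `// IOU is only a correlation handle and is never looked up, so it is not stored` would make that early return clearly intentional. The method starts outside the hunk.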
@@ -17,7 +17,7 @@ package org.maxkey.authz.cas.endpoint.ticket; -import org.maxkey.authz.cas.endpoint.ticket.proxy.ProxyGrantingTicket; +import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicket; import org.springframework.security.core.Authentication; import com.fasterxml.jackson.annotation.JsonTypeInfo; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicketImpl.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicketImpl.java index 7f667ad33..27115dcbf 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicketImpl.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/ServiceTicketImpl.java @@ -18,7 +18,7 @@ package org.maxkey.authz.cas.endpoint.ticket; import org.apache.commons.lang3.builder.EqualsBuilder; -import org.maxkey.authz.cas.endpoint.ticket.proxy.ProxyGrantingTicket; +import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicket; import org.maxkey.domain.apps.AppsCasDetails; import org.springframework.security.core.Authentication; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/TicketServices.java similarity index 92% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/TicketServices.java index c41557580..a60edecb1 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServices.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/TicketServices.java 
@@ -15,9 +15,7 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; - -import org.maxkey.authz.cas.endpoint.ticket.Ticket; +package org.maxkey.authz.cas.endpoint.ticket; public interface TicketServices { diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/InMemoryProxyGrantingTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/InMemoryProxyGrantingTicketServices.java new file mode 100644 index 000000000..81f9ab92d --- /dev/null +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/InMemoryProxyGrantingTicketServices.java 
@@ -0,0 +1,55 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import java.time.Duration;
+
+import org.ehcache.UserManagedCache;
+import org.ehcache.config.builders.ExpiryPolicyBuilder;
+import org.ehcache.config.builders.UserManagedCacheBuilder;
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.Ticket;
+
+
+public class InMemoryProxyGrantingTicketServices extends RandomServiceTicketServices {
+
+ protected final static UserManagedCache casTicketStore =
+ UserManagedCacheBuilder.newUserManagedCacheBuilder(String.class, Ticket.class)
+ .withExpiry(ExpiryPolicyBuilder.timeToLiveExpiration(Duration.ofHours(1)))
+ .build(true);
+
+
+ @Override
+ public void store(String ticketId, Ticket ticket) {
+ casTicketStore.put(ticketId, ticket);
+ }
+
+ @Override
+ public Ticket remove(String ticketId) {
+ Ticket ticket=casTicketStore.get(ticketId);
+ casTicketStore.remove(ticketId);
+ return ticket;
+ }
+
+ @Override
+ public Ticket get(String ticket) {
+ // TODO Auto-generated method stub
+ return casTicketStore.get(ticket);
+ }
+
+}
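Review bot: `remove` reads the ticket with `casTicketStore.get(ticketId)` and deletes it in a second call, so two concurrent removals of the same id can both return the ticket; if any caller treats a non-null return as proof that it consumed the PGT, that check can pass twice. Because the store is a static field shared by every instance, wrapping the two calls in `synchronized (casTicketStore) { ... }` is the smallest change that closes the window. The class also has no documentation of its lifetime rules; a class comment such as `/** Process-local PGT store; entries expire one hour after store() and are lost on restart. */` would state what `Duration.ofHours(1)` and the static field imply. The `// TODO Auto-generated method stub` above the already implemented `get` should be removed.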
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyGrantingTicket.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicket.java similarity index 97% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyGrantingTicket.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicket.java index 218e83840..8448dc717 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyGrantingTicket.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicket.java @@ -15,7 +15,7 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.proxy; +package org.maxkey.authz.cas.endpoint.ticket.pgt; import org.maxkey.authz.cas.endpoint.ticket.ExpirationPolicy; import org.maxkey.authz.cas.endpoint.ticket.Service; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicketServicesFactory.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicketServicesFactory.java new file mode 100644 index 000000000..d08aa94bc --- /dev/null +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicketServicesFactory.java 
@@ -0,0 +1,30 @@
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
+import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+public class ProxyGrantingTicketServicesFactory {
+ private static final Logger _logger = LoggerFactory.getLogger(ProxyGrantingTicketServicesFactory.class);
+
+ public TicketServices getService(
+ int persistence,
+ JdbcTemplate jdbcTemplate,
+ RedisConnectionFactory redisConnFactory) {
+ TicketServices casTicketServices = null;
+ if (persistence == ConstantsPersistence.INMEMORY) {
+ casTicketServices = new InMemoryProxyGrantingTicketServices();
+ _logger.debug("InMemoryTicketServices");
+ } else if (persistence == ConstantsPersistence.JDBC) {
+ //casTicketServices = new JdbcTicketServices(jdbcTemplate);
+ _logger.debug("JdbcTicketServices not support ");
+ } else if (persistence == ConstantsPersistence.REDIS) {
+ casTicketServices = new RedisProxyGrantingTicketServices(redisConnFactory);
+ _logger.debug("RedisTicketServices");
+ }
+ return casTicketServices;
+ }
+}
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyTicket.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyTicket.java
similarity index 96%
rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyTicket.java
rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyTicket.java
index 496da0737..93306fc84 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/proxy/ProxyTicket.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyTicket.java
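Review bot: `getService` returns `null` when `persistence` is `ConstantsPersistence.JDBC` or any value outside the three constants, and the only trace is a debug-level message, so a deployment configured for JDBC ends up without a proxy-granting-ticket store and presumably fails only at the first use of the bean. Failing at startup is easier to diagnose: replace the JDBC branch body and add a final `else` with `throw new IllegalArgumentException("Unsupported persistence for CAS proxy granting tickets: " + persistence);`. If returning null is kept for parity with the sibling factories (not visible in this hunk), the message should at least be logged at warn level. The `jdbcTemplate` parameter is unused in this version and the commented-out `JdbcTicketServices` line refers to a class this commit deletes.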
@@ -15,7 +15,7 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.proxy; +package org.maxkey.authz.cas.endpoint.ticket.pgt; import org.maxkey.authz.cas.endpoint.ticket.ServiceTicket; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/RedisProxyGrantingTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/RedisProxyGrantingTicketServices.java new file mode 100644 index 000000000..4d916b612 --- /dev/null +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/RedisProxyGrantingTicketServices.java 
@@ -0,0 +1,78 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.maxkey.authz.cas.endpoint.ticket.pgt;
+
+import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices;
+import org.maxkey.authz.cas.endpoint.ticket.Ticket;
+import org.maxkey.persistence.redis.RedisConnection;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+
+
+public class RedisProxyGrantingTicketServices extends RandomServiceTicketServices {
+
+
+ protected int serviceTicketValiditySeconds = 60 * 60; //default 60 minutes.
+
+ RedisConnectionFactory connectionFactory;
+
+ public static String PREFIX="REDIS_CAS_TICKET_PGT_";
+ /**
+ * @param connectionFactory
+ */
+ public RedisProxyGrantingTicketServices(RedisConnectionFactory connectionFactory) {
+ super();
+ this.connectionFactory = connectionFactory;
+ }
+
+ /**
+ *
+ */
+ public RedisProxyGrantingTicketServices() {
+
+ }
+
+ public void setConnectionFactory(RedisConnectionFactory connectionFactory) {
+ this.connectionFactory = connectionFactory;
+ }
+
+ @Override
+ public void store(String ticketId, Ticket ticket) {
+ RedisConnection conn=connectionFactory.getConnection();
+ conn.setexObject(PREFIX+ticketId, serviceTicketValiditySeconds, ticket);
+ conn.close();
+ }
+
+ @Override
+ public Ticket remove(String ticketId) {
+ RedisConnection conn=connectionFactory.getConnection();
+ Ticket ticket = conn.getObject(PREFIX+ticketId);
+ conn.delete(PREFIX+ticketId);
+ conn.close();
+ return ticket;
+ }
+
+ @Override
+ public Ticket get(String ticketId) {
+ RedisConnection conn=connectionFactory.getConnection();
+ Ticket ticket = conn.getObject(PREFIX+ticketId);
+ conn.close();
+ return ticket;
+ }
+
+
+}
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/JdbcTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/JdbcTicketServices.java
deleted file mode 100644
index 0c83a6c3a..000000000
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/JdbcTicketServices.java
+++ /dev/null
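Review bot: In `store`, `remove` and `get` of `RedisProxyGrantingTicketServices` the connection is closed only on the success path, so an exception from `setexObject`, `getObject` or `delete` leaves the `RedisConnection` open; repeated Redis errors could then exhaust whatever pool backs the factory (inferred, the factory is not visible here). Moving `conn.close()` into a `finally` block in all three methods fixes this, as sketched for `store` below. `PREFIX` is declared `public static` without `final`, so any class can change the key namespace of stored PGTs at runtime; `public static final String PREFIX` prevents that. The no-argument constructor leaves `connectionFactory` null until `setConnectionFactory` is called, which deserves a line in its empty Javadoc.

```java
@Override
public void store(String ticketId, Ticket ticket) {
    RedisConnection conn = connectionFactory.getConnection();
    try {
        conn.setexObject(PREFIX + ticketId, serviceTicketValiditySeconds, ticket);
    } finally {
        // release the connection even when the Redis call throws
        conn.close();
    }
}
// … same try/finally shape for remove(String) and get(String) …
```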
@@ -1,95 +0,0 @@ -/* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -package org.maxkey.authz.cas.endpoint.ticket.service; - -import java.sql.ResultSet; -import java.sql.SQLException; -import java.sql.Types; -import org.maxkey.authz.cas.endpoint.ticket.Ticket; -import org.maxkey.util.SerializationUtils; -import org.springframework.dao.EmptyResultDataAccessException; -import org.springframework.jdbc.core.JdbcTemplate; -import org.springframework.jdbc.core.RowMapper; -import org.springframework.jdbc.core.support.SqlLobValue; -import org.springframework.util.Assert; - - -public class JdbcTicketServices extends RandomServiceTicketServices { - - private static final String DEFAULT_SELECT_STATEMENT = "select id, ticket from cas_ticket where id = ?"; - private static final String DEFAULT_INSERT_STATEMENT = "insert into cas_ticket (id, ticket) values (?, ?)"; - private static final String DEFAULT_DELETE_STATEMENT = "delete from cas_ticket where id = ?"; - - private String selectAuthenticationSql = DEFAULT_SELECT_STATEMENT; - private String insertAuthenticationSql = DEFAULT_INSERT_STATEMENT; - private String deleteAuthenticationSql = DEFAULT_DELETE_STATEMENT; - - private final JdbcTemplate jdbcTemplate; - - public JdbcTicketServices(JdbcTemplate jdbcTemplate) { - Assert.notNull(jdbcTemplate, "jdbcTemplate required"); - this.jdbcTemplate = jdbcTemplate; - } - - @Override - public void 
store(String ticketId, Ticket ticket) { - jdbcTemplate.update(insertAuthenticationSql, - new Object[] { ticket, new SqlLobValue(SerializationUtils.serialize(ticket)) }, new int[] { - Types.VARCHAR, Types.BLOB }); - } - - public Ticket remove(String ticketId) { - Ticket ticket; - - try { - ticket = jdbcTemplate.queryForObject(selectAuthenticationSql, - new RowMapper() { - public Ticket mapRow(ResultSet rs, int rowNum) - throws SQLException { - return SerializationUtils.deserialize(rs.getBytes("ticket")); - } - }, ticketId); - } catch (EmptyResultDataAccessException e) { - return null; - } - - if (ticket != null) { - jdbcTemplate.update(deleteAuthenticationSql, ticket); - } - - return ticket; - } - - public void setSelectAuthenticationSql(String selectAuthenticationSql) { - this.selectAuthenticationSql = selectAuthenticationSql; - } - - public void setInsertAuthenticationSql(String insertAuthenticationSql) { - this.insertAuthenticationSql = insertAuthenticationSql; - } - - public void setDeleteAuthenticationSql(String deleteAuthenticationSql) { - this.deleteAuthenticationSql = deleteAuthenticationSql; - } - - @Override - public Ticket get(String ticketId) { - // TODO Auto-generated method stub - return null; - } -} diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/InMemoryTicketServices.java similarity index 92% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/InMemoryTicketServices.java index 5cd898ca7..7c6cbe5e3 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketServices.java 
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/InMemoryTicketServices.java @@ -15,13 +15,14 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.st; import java.time.Duration; import org.ehcache.UserManagedCache; import org.ehcache.config.builders.ExpiryPolicyBuilder; import org.ehcache.config.builders.UserManagedCacheBuilder; +import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices; import org.maxkey.authz.cas.endpoint.ticket.Ticket; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/RedisTicketServices.java similarity index 94% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/RedisTicketServices.java index cf91e3073..53b760ef9 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketServices.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/RedisTicketServices.java @@ -15,8 +15,9 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.st; +import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.persistence.redis.RedisConnection; import org.maxkey.persistence.redis.RedisConnectionFactory; 
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServicesFactory.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/TicketServicesFactory.java similarity index 91% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServicesFactory.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/TicketServicesFactory.java index a530a0e14..f77dad88f 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketServicesFactory.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/TicketServicesFactory.java @@ -1,5 +1,6 @@ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.st; +import org.maxkey.authz.cas.endpoint.ticket.TicketServices; import org.maxkey.constants.ConstantsPersistence; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.slf4j.Logger; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/package-info.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/package-info.java similarity index 92% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/package-info.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/package-info.java index fdd1c2dfc..567f488cd 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/package-info.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/package-info.java 
@@ -22,4 +22,4 @@ * @author Administrator * */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.st; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketGrantingTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/InMemoryTicketGrantingTicketServices.java similarity index 93% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketGrantingTicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/InMemoryTicketGrantingTicketServices.java index 21c80f9d0..4d20a6c89 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/InMemoryTicketGrantingTicketServices.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/InMemoryTicketGrantingTicketServices.java @@ -15,13 +15,14 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.tgt; import java.time.Duration; import org.ehcache.UserManagedCache; import org.ehcache.config.builders.ExpiryPolicyBuilder; import org.ehcache.config.builders.UserManagedCacheBuilder; +import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices; import org.maxkey.authz.cas.endpoint.ticket.Ticket; 
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketGrantingTicketServices.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/RedisTicketGrantingTicketServices.java similarity index 94% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketGrantingTicketServices.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/RedisTicketGrantingTicketServices.java index ec5154d50..444417273 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/RedisTicketGrantingTicketServices.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/RedisTicketGrantingTicketServices.java @@ -15,8 +15,9 @@ */ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.tgt; +import org.maxkey.authz.cas.endpoint.ticket.RandomServiceTicketServices; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.persistence.redis.RedisConnection; import org.maxkey.persistence.redis.RedisConnectionFactory; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketGrantingTicketServicesFactory.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/TicketGrantingTicketServicesFactory.java similarity index 92% rename from maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketGrantingTicketServicesFactory.java rename to maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/TicketGrantingTicketServicesFactory.java index 62dd1c872..aa4852436 100644 
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/service/TicketGrantingTicketServicesFactory.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/TicketGrantingTicketServicesFactory.java @@ -1,5 +1,6 @@ -package org.maxkey.authz.cas.endpoint.ticket.service; +package org.maxkey.authz.cas.endpoint.ticket.tgt; +import org.maxkey.authz.cas.endpoint.ticket.TicketServices; import org.maxkey.constants.ConstantsPersistence; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.slf4j.Logger; diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java index aa856deaf..b797ca35f 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java @@ -17,9 +17,10 @@ package org.maxkey.autoconfigure; -import org.maxkey.authz.cas.endpoint.ticket.service.TicketGrantingTicketServicesFactory; -import org.maxkey.authz.cas.endpoint.ticket.service.TicketServices; -import org.maxkey.authz.cas.endpoint.ticket.service.TicketServicesFactory; +import org.maxkey.authz.cas.endpoint.ticket.TicketServices; +import org.maxkey.authz.cas.endpoint.ticket.pgt.ProxyGrantingTicketServicesFactory; +import org.maxkey.authz.cas.endpoint.ticket.st.TicketServicesFactory; +import org.maxkey.authz.cas.endpoint.ticket.tgt.TicketGrantingTicketServicesFactory; import org.maxkey.constants.ConstantsProperties; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.slf4j.Logger; 
@@ -72,6 +73,17 @@ public class CasAutoConfiguration implements InitializingBean { return new TicketGrantingTicketServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory); } + @Bean(name = "casProxyGrantingTicketServices") + public TicketServices casProxyGrantingTicketServices( + @Value("${config.server.persistence}") int persistence, + @Value("${config.login.remeberme.validity}") int validity, + JdbcTemplate jdbcTemplate, + RedisConnectionFactory redisConnFactory) { + _logger.debug("init casTicketGrantingTicketServices."); + return new ProxyGrantingTicketServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory); + } + + @Override public void afterPropertiesSet() throws Exception { // TODO Auto-generated method stub diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java index 164733cd5..183e888f6 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java @@ -170,9 +170,11 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer { //cas2.0 Validate .excludePathPatterns("/authz/cas/serviceValidate") .excludePathPatterns("/authz/cas/proxyValidate") + .excludePathPatterns("/authz/cas/proxy") //cas3.0 Validate .excludePathPatterns("/authz/cas/p3/serviceValidate") .excludePathPatterns("/authz/cas/p3/proxyValidate") + .excludePathPatterns("/authz/cas/p3/proxy") //rest .excludePathPatterns("/authz/cas/v1/tickets") .excludePathPatterns("/authz/cas/v1/tickets/*")
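Review bot: The new `casProxyGrantingTicketServices` bean method injects `${config.login.remeberme.validity}` into `validity` but never uses it, while both PGT stores added in this commit hard-code a one-hour lifetime, so the configured value has no effect on proxy-granting-ticket expiry. Whether that property is the intended PGT lifetime is not clear from the hunk; either drop the parameter or pass a lifetime through `getService` so expiry is set in one place. The debug message is copied from the bean above and names the wrong bean; it should read `_logger.debug("init casProxyGrantingTicketServices.");`.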
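Review bot: The two added `excludePathPatterns` entries in `MaxKeyMvcConfig` take `/authz/cas/proxy` and `/authz/cas/p3/proxy` out of the interceptor this chain configures (its registration call is outside the hunk, presumably the login or permission check), so the handler's own validation of the presented proxy-granting ticket becomes the only access control on these endpoints. That matches how the neighbouring validate endpoints are treated, but it should be stated at the exclusion, e.g. `//cas2.0 proxy: back-channel call, authenticated only by the pgt parameter`. The handler, which is not part of this hunk, should therefore reject a missing, unknown or expired PGT id before it issues a proxy ticket, and that path is worth a test.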