CASの/v1/tickets/{TGT id}と/serviceValidateを統合し、STを生成する際にその正当性を直接検証する。
CASの/v1/tickets/{TGT id}と/serviceValidateを統合し、STを生成する際にその正当性を直接検証する。
クライアント(C/S構造)からサーバへの呼び出しをシミュレートしてTGTの正当性を検証し、/serviceValidateの呼び出しを省略することを目的とする。
次のように変更します.
TicketGrantingTicketResource.java
検証結果を直接返す(true/false)。発行したSTはサーバ側でそのまま検証され、クライアントには返されない。
クライアント(C/S構造)からサーバへの呼び出しをシミュレートしてTGTの正当性を検証し、/serviceValidateの呼び出しを省略することを目的とする。
次のように変更します.
TicketGrantingTicketResource.java
検証結果を直接返す(true/false)。発行したSTはサーバ側でそのまま検証され、クライアントには返されない。
/*
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work
* for additional information regarding copyright ownership.
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a
* copy of the License at the following location:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.jasig.cas.integration.restlet;
import javax.validation.constraints.NotNull;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl;
import org.jasig.cas.ticket.InvalidTicketException;
import org.jasig.cas.validation.Assertion;
import org.jasig.cas.validation.Cas20ProtocolValidationSpecification;
import org.jasig.cas.validation.ValidationSpecification;
import org.jasig.cas.web.support.ArgumentExtractor;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.Form;
import org.restlet.data.MediaType;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.representation.Variant;
import org.restlet.resource.Delete;
import org.restlet.resource.Post;
import org.restlet.resource.ServerResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
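/**
 * Restlet resource bound to one TicketGrantingTicket (TGT).
 * <p>
 * {@code POST} asks the {@link CentralAuthenticationService} for a service
 * ticket for the posted {@code service}, validates that ticket in the same
 * request and answers with the plain-text body {@code "true"} or
 * {@code "false"}. The service ticket itself is never written to the response.
 * {@code DELETE} destroys the TGT.
 * <p>
 * NOTE(review): the TGT id is read from the request attributes and is the only
 * credential this class checks. Confirm that transport security and access
 * control are enforced in front of this resource, and that request logs do not
 * record the id.
 *
 * @author Scott Battaglia
 * @since 3.3
 *
 */
public final class TicketGrantingTicketResource extends ServerResource {

    private static final Logger LOGGER = LoggerFactory.getLogger(TicketGrantingTicketResource.class);

    @Autowired
    private CentralAuthenticationService centralAuthenticationService;

    /** Extracts parameters from Request object. */
    @NotNull
    private ArgumentExtractor argumentExtractor;

    /** Specification class instantiated per request to judge the validation assertion. */
    @NotNull
    private Class<?> validationSpecificationClass = Cas20ProtocolValidationSpecification.class;

    /** TGT id taken from the request attributes in {@link #init}. */
    private String ticketGrantingTicketId;

    /**
     * Captures the TGT id from the request and restricts the resource to
     * form-encoded input without content negotiation.
     *
     * @param context  the Restlet context
     * @param request  the request carrying the {@code ticketGrantingTicketId} attribute
     * @param response the response being built
     */
    public void init(final Context context, final Request request, final Response response) {
        super.init(context, request, response);
        this.ticketGrantingTicketId = (String) request.getAttributes().get("ticketGrantingTicketId");
        this.setNegotiated(false);
        this.getVariants().add(new Variant(MediaType.APPLICATION_WWW_FORM));
    }

    /** Destroys the TGT named in the request and answers 200. */
    @Delete
    public void removeRepresentations() {
        this.centralAuthenticationService.destroyTicketGrantingTicket(this.ticketGrantingTicketId);
        getResponse().setStatus(Status.SUCCESS_OK);
    }

    /**
     * Grants a service ticket for the posted {@code service}, validates it at
     * once and writes {@code "true"} or {@code "false"} as the response body.
     * <p>
     * Responses: 400 when {@code service} is missing or blank, 404 when the
     * TGT is rejected with {@link InvalidTicketException}, 400 for any other
     * failure.
     *
     * @param entity the form-encoded request body
     */
    @Post
    public void acceptRepresentation(final Representation entity) {
        final Form form = new Form(entity);
        final String serviceUrl = form.getFirstValue("service");

        // Reject a missing service before any ticket is issued. The value is
        // caller-supplied, so it is checked first and not echoed back or logged.
        if (serviceUrl == null || serviceUrl.trim().isEmpty()) {
            LOGGER.debug("Request did not carry a usable 'service' parameter.");
            getResponse().setStatus(Status.CLIENT_ERROR_BAD_REQUEST, "Parameter 'service' is required.");
            return;
        }

        try {
            // One service object is shared by the grant and the validation so
            // both calls are made for the same service.
            final SimpleWebApplicationServiceImpl service = new SimpleWebApplicationServiceImpl(serviceUrl);
            final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(
                    this.ticketGrantingTicketId,
                    service);

            //Modify by lumz for validate Service Tickets 2016 4 6 15:09:41
            if (serviceTicketId == null) {
                // Always answer with an explicit verdict; the ticket id is
                // deliberately kept out of the log.
                LOGGER.debug("No service ticket was issued for the requested service.");
                getResponse().setEntity("false", MediaType.TEXT_PLAIN);
                return;
            }

            final Assertion assertion =
                    this.centralAuthenticationService.validateServiceTicket(serviceTicketId, service);
            final ValidationSpecification validationSpecification = this.getCommandClass();
            final String resultReturn = validationSpecification.isSatisfiedBy(assertion) ? "true" : "false";

            // Only the verdict leaves the server, never the service ticket.
            getResponse().setEntity(resultReturn, MediaType.TEXT_PLAIN);
        } catch (final InvalidTicketException e) {
            getResponse().setStatus(Status.CLIENT_ERROR_NOT_FOUND, "TicketGrantingTicket could not be found.");
        } catch (final Exception e) {
            LOGGER.error(e.getMessage(), e);
            // NOTE(review): the exception message is echoed to the caller in
            // the status line. Confirm it cannot carry internal detail, or
            // replace it with a fixed phrase.
            getResponse().setStatus(Status.CLIENT_ERROR_BAD_REQUEST, e.getMessage());
        }
    }

    /**
     * Creates a fresh instance of the configured validation specification.
     *
     * @return a new {@link ValidationSpecification}
     * @throws RuntimeException if the class cannot be instantiated or is not a
     *         {@link ValidationSpecification}
     */
    private ValidationSpecification getCommandClass() {
        try {
            return (ValidationSpecification) this.validationSpecificationClass.newInstance();
        } catch (final Exception e) {
            throw new RuntimeException(e);
        }
    }
}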