diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
index 7568251c6..a5eddbcf9 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
@@ -82,7 +82,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
 */
 @ApiOperation(value = "CAS 1.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
- @RequestMapping("/authz/cas/validate")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_VALIDATE)
 @ResponseBody
 public String validate(
 HttpServletRequest request,
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
index 320bfb293..889b407b9 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
@@ -171,7 +171,7 @@ INTERNAL_ERROR - an internal error occurred during ticket validation
 For all error codes, it is RECOMMENDED that CAS provide a more detailed message as the body of the \ block of the XML response.
 */
 @ApiOperation(value = "CAS 2.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
- @RequestMapping(value="/authz/cas/serviceValidate",produces =MediaType.APPLICATION_XML_VALUE)
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_SERVICE_VALIDATE,produces =MediaType.APPLICATION_XML_VALUE)
 @ResponseBody
 public String serviceValidate(
 HttpServletRequest request,
@@ -294,7 +294,7 @@ Response on ticket validation failure:
 */
 @ApiOperation(value = "CAS 2.0 ticket代理验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
- @RequestMapping(value="/authz/cas/proxyValidate",produces =MediaType.APPLICATION_XML_VALUE)
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_PROXY_VALIDATE,produces =MediaType.APPLICATION_XML_VALUE)
 @ResponseBody
 public String proxy(
 HttpServletRequest request,
@@ -395,7 +395,7 @@ INTERNAL_ERROR - an internal error occurred during ticket validation
 For all error codes, it is RECOMMENDED that CAS provide a more detailed message as the body of the block of the XML response.
 */
- @RequestMapping(value="/authz/cas/proxy" ,produces =MediaType.APPLICATION_XML_VALUE)
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_PROXY ,produces =MediaType.APPLICATION_XML_VALUE)
 @ResponseBody
 public String proxy(
 HttpServletRequest request,
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
index 42ba16a56..8b9bdfec2 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
@@ -55,7 +55,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 final static Logger _logger = LoggerFactory.getLogger(Cas30AuthorizeEndpoint.class);
 @ApiOperation(value = "CAS 3.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
- @RequestMapping(value="/authz/cas/p3/serviceValidate")
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_SERVICE_VALIDATE_V3)
 public void serviceValidate(
 HttpServletRequest request,
 HttpServletResponse response,
@@ -116,7 +116,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS 3.0 ProxyTicket代理验证接口", notes = "通过ProxyGrantingTicket获取ProxyTicket",httpMethod="POST")
- @RequestMapping("/authz/cas/p3/proxy")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_PROXY_V3)
 public void proxy(
 HttpServletRequest request,
 HttpServletResponse response,
@@ -142,7 +142,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ProxyTicket获取当前登录用户信息",httpMethod="POST")
- @RequestMapping("/authz/cas/p3/proxyValidate")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_PROXY_VALIDATE_V3)
 public void proxy(
 HttpServletRequest request,
 HttpServletResponse response,
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
index 72db6eb30..0c1c04c9b 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
@@ -56,7 +56,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 final static Logger _logger = LoggerFactory.getLogger(CasAuthorizeEndpoint.class);
 @ApiOperation(value = "CAS页面跳转service认证接口", notes = "传递参数service",httpMethod="GET")
- @RequestMapping("/authz/cas/login")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_LOGIN)
 public ModelAndView casLogin(
 HttpServletRequest request,
 HttpServletResponse response,
@@ -69,7 +69,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS页面跳转应用ID认证接口", notes = "传递参数应用ID",httpMethod="GET")
- @RequestMapping("/authz/cas/{id}")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_BASE + "/{id}")
 public ModelAndView authorize(
 HttpServletRequest request,
 HttpServletResponse response,
@@ -94,10 +94,10 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 WebContext.setAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS, casDetails);
 WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, casDetails.getId());
 WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP,casDetails);
- return WebContext.redirect("/authz/cas/granting");
+ return WebContext.redirect(CasConstants.ENDPOINT.ENDPOINT_SERVICE_TICKET_GRANTING);
 }
- @RequestMapping("/authz/cas/granting")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_SERVICE_TICKET_GRANTING)
 public ModelAndView grantingTicket(Principal principal,
 @AuthenticationPrincipal Object user,
 HttpServletRequest request,
@@ -157,7 +157,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
 * @return
 */
 @ApiOperation(value = "CAS注销接口", notes = "CAS注销接口",httpMethod="GET")
- @RequestMapping("/authz/cas/logout")
+ @RequestMapping(CasConstants.ENDPOINT.ENDPOINT_LOGOUT)
 public ModelAndView logout(
 HttpServletRequest request,
 HttpServletResponse response,
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
index 65556eb85..3f4ad0a34 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
@@ -66,7 +66,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 AbstractAuthenticationProvider authenticationProvider ;
 @ApiOperation(value = "CAS REST认证接口", notes = "通过用户名密码获取TGT",httpMethod="POST")
- @RequestMapping(value="/authz/cas/v1/tickets",
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1,
 method=RequestMethod.POST,
 consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
 public ResponseEntity casLoginRestTickets(
@@ -87,9 +87,11 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);
 String ticket=casTicketGrantingTicketServices.createTicket(ticketGrantingTicket);
- String location = applicationConfig.getServerPrefix()+"/authz/cas/v1/tickets/" + ticket;
+ String location = applicationConfig.getServerPrefix()+CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 +"/" + ticket;
 HttpHeaders headers = new HttpHeaders();
 headers.add("location", location);
+ _logger.trace("ticket "+ticket);
+ _logger.trace("location "+location);
 return new ResponseEntity<>("Location: " + location, headers ,HttpStatus.CREATED);
 } catch (final AuthenticationException e) {
@@ -103,7 +105,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS REST认证接口", notes = "通过TGT获取ST",httpMethod="POST")
- @RequestMapping(value="/authz/cas/v1/tickets/{ticketGrantingTicket}",
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1+"/{ticketGrantingTicket}",
 method=RequestMethod.POST,
 consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
 public ResponseEntity requestServiceTicket(
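Review bot: The two added `_logger.trace` calls in casLoginRestTickets (hunk -87,9 +87,11) write the newly created ticket-granting ticket, and the Location URL that embeds it, into the application log. The TGT is what the REST mappings in this file accept to issue service tickets, so anyone with read access to trace-level logs could reuse it while it remains valid. Remove both lines, or log only that a ticket was issued, e.g. `_logger.trace("TGT issued for REST login");`. The method body starts and ends outside the hunk.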
@@ -131,7 +133,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 return new ResponseEntity<>("", HttpStatus.BAD_REQUEST);
 }
 @ApiOperation(value = "CAS REST认证接口", notes = "检查TGT状态",httpMethod="GET")
- @RequestMapping(value="/authz/cas/v1/tickets/{ticketGrantingTicket}",
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + "/{ticketGrantingTicket}",
 method=RequestMethod.GET)
 public ResponseEntity verifyTicketGrantingTicketStatus(
 @PathVariable("ticketGrantingTicket") String ticketGrantingTicket,
@@ -151,7 +153,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS REST认证接口", notes = "注销TGT状态",httpMethod="DELETE")
- @RequestMapping(value="/authz/cas/v1/tickets/{ticketGrantingTicket}",
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1+"/{ticketGrantingTicket}",
 method=RequestMethod.DELETE)
 public ResponseEntity destroyTicketGrantingTicket(
 @PathVariable("ticketGrantingTicket") String ticketGrantingTicket,
@@ -171,7 +173,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 }
 @ApiOperation(value = "CAS REST认证接口", notes = "用户名密码登录接口",httpMethod="POST")
- @RequestMapping(value="/authz/cas/v1/users",
+ @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_USERS_V1,
 method=RequestMethod.POST,
 consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
 public ResponseEntity casLoginRestUsers(
@@ -192,7 +194,7 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
 TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);
 String ticket=casTicketGrantingTicketServices.createTicket(ticketGrantingTicket);
- String location = applicationConfig.getServerPrefix()+"/authz/cas/v1/tickets/" + ticket;
+ String location = applicationConfig.getServerPrefix() + CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + ticket;
 HttpHeaders headers = new HttpHeaders();
 headers.add("location", location);
 ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/CasConstants.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/CasConstants.java
index 63fb6531f..5891b916f 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/CasConstants.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/CasConstants.java
@@ -83,7 +83,7 @@ public class CasConstants {
 /* CAS Protocol Error Codes. **/
 public static class ERROR_CODE{
 /** Constant representing an invalid request for validation. */
- public static String INVALID_REQUEST = "INVALID_REQUEST";
+ public static String INVALID_REQUEST = "INVALID_REQUEST";
 /** Constant representing an invalid pgt request. */
 public static String INVALID_REQUEST_PROXY = "INVALID_REQUEST_PROXY";
 public static String INVALID_TICKET_SPEC = "INVALID_TICKET_SPEC";
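Review bot: The rewritten `location` line in casLoginRestUsers (hunk -192,7 +194,7) loses the path separator before the ticket. `ENDPOINT_REST_TICKET_V1` is defined as `ENDPOINT_BASE + "/v1/tickets"` with no trailing slash, so the header now ends in `/v1/tickets` followed directly by the ticket, where the removed literal produced `/v1/tickets/` plus the ticket. A client that follows this Location would presumably no longer reach the `ENDPOINT_REST_TICKET_V1+"/{ticketGrantingTicket}"` mappings. The line should match the one in casLoginRestTickets: `String location = applicationConfig.getServerPrefix() + CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + "/" + ticket;`. The method starts and ends outside the hunk.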
@@ -99,4 +99,61 @@ public class CasConstants {
 /** Constant representing an invalid service request. */
 public static String UNAUTHORIZED_SERVICE = "UNAUTHORIZED_SERVICE";
 }
+
+ /* CAS Protocol endpoint. **/
+ public static class ENDPOINT{
+ public static final String ENDPOINT_BASE = "/authz/cas";
+ /**
+ * Constant representing login.
+ */
+ public static final String ENDPOINT_LOGIN = ENDPOINT_BASE + "/login";
+
+ /**
+ * Constant representing logout.
+ */
+ public static final String ENDPOINT_LOGOUT = ENDPOINT_BASE + "/logout";
+
+ /**
+ * Constant representing proxy validate.
+ */
+ public static final String ENDPOINT_PROXY_VALIDATE = ENDPOINT_BASE + "/proxyValidate";
+
+ /**
+ * Constant representing v3 proxy validate.
+ */
+ public static final String ENDPOINT_PROXY_VALIDATE_V3 = ENDPOINT_BASE + "/p3/proxyValidate";
+
+ /**
+ * Constant representing legacy validate.
+ */
+ public static final String ENDPOINT_VALIDATE = ENDPOINT_BASE + "/validate";
+
+ /**
+ * Constant representing service validate.
+ */
+ public static final String ENDPOINT_SERVICE_VALIDATE = ENDPOINT_BASE + "/serviceValidate";
+
+ /**
+ * Constant representing v3 service validate.
+ */
+ public static final String ENDPOINT_SERVICE_VALIDATE_V3 = ENDPOINT_BASE + "/p3/serviceValidate";
+
+ /**
+ * Constant representing proxy endpoint.
+ */
+ public static final String ENDPOINT_PROXY = ENDPOINT_BASE + "/proxy";
+
+ /**
+ * Constant representing v3 proxy endpoint.
+ */
+ public static final String ENDPOINT_PROXY_V3 = ENDPOINT_BASE + "/p3/proxy";
+
+ public static final String ENDPOINT_SERVICE_TICKET_GRANTING = ENDPOINT_BASE + "/granting";
+
+ public static final String ENDPOINT_REST_TICKET_V1 = ENDPOINT_BASE + "/v1/tickets";
+
+ public static final String ENDPOINT_REST_USERS_V1 = ENDPOINT_BASE + "/v1/users";
+
+
+ }
 }
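Review bot: ENDPOINT_BASE, ENDPOINT_SERVICE_TICKET_GRANTING, ENDPOINT_REST_TICKET_V1 and ENDPOINT_REST_USERS_V1 in the new ENDPOINT class have no comment, and the class header `/* CAS Protocol endpoint. **/` is not a Javadoc comment. Callers in this commit append a ticket or a path variable to ENDPOINT_REST_TICKET_V1, so the constant should state that it carries no trailing slash, e.g. `/** REST ticket collection path, no trailing slash; callers append "/" and the ticket id. */`. A `private ENDPOINT() {}` constructor would also mark the class as a constants holder that is not meant to be instantiated.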
diff --git a/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/RestTestClient.java b/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/RestTestClient.java
index d02cbe008..4a1767965 100644
--- a/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/RestTestClient.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/test/java/org/maxkey/web/authorize/endpoint/RestTestClient.java
@@ -40,7 +40,7 @@ public class RestTestClient {
 final String casUrlPrefix = "http://sso.maxkey.top/maxkey/authz/cas/";
 String username ="admin";
 String password ="maxkey";
- String serviceUrl = "http://cas.demo.maxkey.top:8080/demo-cas/";
+ String serviceUrl = "http://cas.demo.maxkey.top:9521/demo-cas/";
 CasConfiguration casConfiguration = new CasConfiguration(casUrlPrefix);
 final CasRestAuthenticator authenticator = new CasRestAuthenticator(casConfiguration);
 final CasRestFormClient client = new CasRestFormClient(casConfiguration,"username","password");