package org.apereo.cas.web.flow;
|
|
|
import java.net.URISyntaxException;
|
import java.util.HashMap;
|
import java.util.Map;
|
|
|
import org.apache.http.client.utils.URIBuilder;
|
import org.apereo.cas.CentralAuthenticationService;
|
import org.apereo.cas.authentication.Authentication;
|
import org.apereo.cas.authentication.AuthenticationException;
|
import org.apereo.cas.authentication.AuthenticationResult;
|
import org.apereo.cas.authentication.AuthenticationResultBuilder;
|
import org.apereo.cas.authentication.AuthenticationSystemSupport;
|
import org.apereo.cas.authentication.Credential;
|
import org.apereo.cas.authentication.DefaultAuthenticationSystemSupport;
|
import org.apereo.cas.authentication.principal.WebApplicationService;
|
import org.apereo.cas.services.RegisteredService;
|
import org.apereo.cas.services.ServicesManager;
|
import org.apereo.cas.ticket.AbstractTicketException;
|
import org.apereo.cas.ticket.InvalidTicketException;
|
import org.apereo.cas.ticket.ServiceTicket;
|
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
|
import org.apereo.cas.web.landtool.terra.TerraProperties;
|
import org.apereo.cas.web.landtool.utils.HttpUtils;
|
import org.apereo.cas.web.support.WebUtils;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.util.StringUtils;
|
import org.springframework.webflow.action.AbstractAction;
|
import org.springframework.webflow.action.EventFactorySupport;
|
import org.springframework.webflow.core.collection.LocalAttributeMap;
|
import org.springframework.webflow.execution.Event;
|
import org.springframework.webflow.execution.RequestContext;
|
|
/**
 * @author Tanbin
 * @date 2018-12-12
 */
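public class GenerateServiceTicketAction extends AbstractAction {

    // Web-flow action that grants a service ticket for the requested service, after asking an
    // external admission endpoint whether the authenticated principal may proceed.

    /** Body returned by the admission endpoint when the user is not admitted. */
    private static final String ADMISSION_DENIED = "false";

    private CentralAuthenticationService centralAuthenticationService;

    private AuthenticationSystemSupport authenticationSystemSupport = new DefaultAuthenticationSystemSupport();

    private TicketRegistrySupport ticketRegistrySupport;

    private ServicesManager servicesManager;

    // Supplies the admission-query URL. Left public and field-injected because other code may
    // already read it; NOTE(review): prefer a private field with constructor/setter injection.
    @Autowired
    public TerraProperties properties;

    /**
     * Checks admission for the authenticated principal and, when admitted, grants a service ticket.
     *
     * <p>Order of checks: the authentication bound to the ticket-granting ticket must exist, the
     * service URL must parse, the admission endpoint must answer with something other than
     * {@code "false"}, and the service must resolve to a registered service. Every failure of the
     * admission step is treated as a denial.
     *
     * @param context the current web-flow request context
     * @return {@code error} when admission is denied or cannot be decided, {@code warn} when the
     *         warning cookie is set, {@code gateway} or {@code authenticationFailure} when ticket
     *         handling fails, otherwise the success event
     */
    @Override
    protected Event doExecute(RequestContext context) {
        WebApplicationService webApplicationService = WebUtils.getService(context);
        String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
        try {
            Authentication authentication = this.ticketRegistrySupport.getAuthenticationFrom(ticketGrantingTicket);
            // Must run before the principal is read below: the original dereferenced
            // authentication first, so a stale ticket surfaced as a NullPointerException
            // instead of the InvalidTicketException handled in the catch block.
            if (authentication == null) {
                throw new InvalidTicketException(
                        new AuthenticationException("No authentication found for ticket " + ticketGrantingTicket),
                        ticketGrantingTicket);
            }

            // Reject a service URL that does not parse rather than continuing with a null builder.
            try {
                new URIBuilder(webApplicationService.getOriginalUrl());
            } catch (URISyntaxException e) {
                // NOTE(review): route through the project's logger instead of stderr.
                e.printStackTrace();
                return new Event(this, "error");
            }

            // Ask the admission endpoint whether this user may access the service.
            // NOTE(review): only the user id is sent; the requested service host is not part of
            // the query, so the decision as written is per user, not per service. Confirm that
            // this matches the endpoint's contract.
            String url = properties.getAdmissionQueryUrl();
            Map<String, Object> query = new HashMap<>(5);
            query.put("userid", authentication.getPrincipal().getId());

            String admission;
            try {
                admission = HttpUtils.get(url, query);
            } catch (Exception e) {
                // Fail closed: an unreachable or failing admission endpoint denies the ticket.
                // NOTE(review): route through the project's logger instead of stderr.
                e.printStackTrace();
                return new Event(this, "error");
            }

            // Denial is matched leniently (case and surrounding whitespace) so that a formatting
            // difference in the response cannot turn "false" into an admission.
            // NOTE(review): any other body, including an error page, is still treated as admitted;
            // matching the endpoint's exact affirmative response would be stricter once its
            // contract is confirmed. Denials should also be recorded in the audit log.
            if (admission == null || ADMISSION_DENIED.equalsIgnoreCase(admission.trim())) {
                return new Event(this, "error");
            }

            RegisteredService registeredService = this.servicesManager.findServiceBy(webApplicationService);
            WebUtils.putRegisteredService(context, registeredService);
            WebUtils.putService(context, webApplicationService);
            if (registeredService == null) {
                // No registered service matches: deny explicitly instead of failing with a
                // NullPointerException on the access-strategy lookup below.
                return new Event(this, "error");
            }
            WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(
                    context, registeredService.getAccessStrategy().getUnauthorizedRedirectUrl());

            if (WebUtils.getWarningCookie(context)) {
                return result("warn");
            }

            Credential credential = WebUtils.getCredential(context);
            AuthenticationResultBuilder builder =
                    this.authenticationSystemSupport.establishAuthenticationContextFromInitial(authentication, credential);
            AuthenticationResult authenticationResult = builder.build(webApplicationService);
            ServiceTicket serviceTicketId = this.centralAuthenticationService.grantServiceTicket(
                    ticketGrantingTicket, webApplicationService, authenticationResult);
            WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
            return success();
        } catch (AbstractTicketException e) {
            // An invalid ticket-granting ticket is destroyed so it cannot be presented again.
            if (e instanceof InvalidTicketException) {
                this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicket);
            }
            if (isGatewayPresent(context)) {
                return result("gateway");
            }
            return newEvent("authenticationFailure", e);
        }
    }

    public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public void setAuthenticationSystemSupport(AuthenticationSystemSupport authenticationSystemSupport) {
        this.authenticationSystemSupport = authenticationSystemSupport;
    }

    public void setTicketRegistrySupport(TicketRegistrySupport ticketRegistrySupport) {
        this.ticketRegistrySupport = ticketRegistrySupport;
    }

    public void setServicesManager(ServicesManager servicesManager) {
        this.servicesManager = servicesManager;
    }

    /**
     * Tells whether the request carries a non-blank {@code gateway} parameter.
     *
     * @param context the current web-flow request context
     * @return {@code true} when the {@code gateway} request parameter has text
     */
    protected boolean isGatewayPresent(RequestContext context) {
        return StringUtils.hasText(context.getExternalContext()
                .getRequestParameterMap().get("gateway"));
    }

    /**
     * Builds an event with the given id that carries the exception under the {@code error} attribute.
     *
     * @param id the event id
     * @param error the exception to attach
     * @return the new event, sourced from this action
     */
    private Event newEvent(String id, Exception error) {
        return (new EventFactorySupport()).event(this, id, new LocalAttributeMap("error", error));
    }
}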
|