⚡ 优化会话ID获取

eiam-application/eiam-application-cas/src/main/java/cn/topiam/employee/application/package-info.java

@@ -1,18 +0,0 @@
-/*
- * eiam-application-cas - Employee Identity and Access Management Program
- * Copyright © 2020-2023 TopIAM (support@topiam.cn)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package cn.topiam.employee.application;

eiam-protocol/eiam-protocol-cas/src/main/java/cn/topiam/employee/protocol/cas/idp/endpoint/CasIdpSingleSignOnEndpointFilter.java

@@ -18,19 +18,18 @@
 package cn.topiam.employee.protocol.cas.idp.endpoint;
 
 import java.io.IOException;
-import java.util.List;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.jetbrains.annotations.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.web.servlet.filter.OrderedFilter;
 import org.springframework.core.Ordered;
 import org.springframework.http.HttpMethod;
-import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -48,12 +47,10 @@ import cn.topiam.employee.core.context.ServerContextHelp;
 import cn.topiam.employee.core.protocol.CasSsoModel;
 import cn.topiam.employee.core.security.savedredirect.HttpSessionRedirectCache;
 import cn.topiam.employee.core.security.savedredirect.RedirectCache;
-import cn.topiam.employee.core.security.userdetails.UserDetails;
 import cn.topiam.employee.core.security.util.SecurityUtils;
 import cn.topiam.employee.protocol.cas.idp.auth.CentralAuthenticationService;
 import cn.topiam.employee.protocol.cas.idp.tickets.ServiceTicket;
 import cn.topiam.employee.protocol.cas.idp.tickets.TicketGrantingTicket;
-import cn.topiam.employee.support.exception.TopIamException;
 import static cn.topiam.employee.common.constants.AuthorizeConstants.FE_LOGIN;
 import static cn.topiam.employee.core.security.util.SecurityUtils.isAuthenticated;
 import static cn.topiam.employee.protocol.cas.idp.constant.ProtocolConstants.SERVICE;
@@ -97,8 +94,10 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
     }
 
     @Override
-    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
-                                    FilterChain filterChain) throws ServletException, IOException {
+    protected void doFilterInternal(@NotNull HttpServletRequest request,
+                                    @NotNull HttpServletResponse response,
+                                    @NotNull FilterChain filterChain) throws ServletException,
+                                                                      IOException {
         if (CAS_SSO_REQUEST_MATCHER.matches(request)) {
             if (!isAuthenticated()) {
                 //Saved Redirect
@@ -110,13 +109,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
                 response.sendRedirect(ServerContextHelp.getPortalPublicBaseUrl() + FE_LOGIN);
                 return;
             }
-            UserDetails userDetails = SecurityUtils.getCurrentUser();
-            List<SessionInformation> sessionInformations = sessionRegistry
-                .getAllSessions(userDetails.getUsername(), false);
-            if (sessionInformations.size() != 1) {
-                throw new TopIamException("用户身份出现异常");
-            }
-            String sessionId = sessionInformations.get(0).getSessionId();
+            String sessionId = request.getSession(false).getId();
             //获取应用配置
             ApplicationContext applicationContext = ApplicationContextHolder
                 .getApplicationContext();
@@ -132,7 +125,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
 
             if (ticketGrantingTicket == null) {
                 ticketGrantingTicket = centralAuthenticationService
-                    .createTicketGrantingTicket(userDetails, sessionId);
+                    .createTicketGrantingTicket(SecurityUtils.getCurrentUser(), sessionId);
             }
             ServiceTicket serviceTicket = centralAuthenticationService
                 .grantServiceTicket(ticketGrantingTicket.getId(), service);