mirror of https://gitee.com/topiam/eiam
⚡ 优化会话ID获取
smallbun
parent
4b9cf1e4c6
commit
e75606c011
|
|
@ -1,18 +0,0 @@
|
|||
/*
|
||||
* eiam-application-cas - Employee Identity and Access Management Program
|
||||
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package cn.topiam.employee.application;
|
||||
|
|
@ -18,19 +18,18 @@
|
|||
package cn.topiam.employee.protocol.cas.idp.endpoint;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.boot.web.servlet.filter.OrderedFilter;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.core.session.SessionInformation;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
|
@ -48,12 +47,10 @@ import cn.topiam.employee.core.context.ServerContextHelp;
|
|||
import cn.topiam.employee.core.protocol.CasSsoModel;
|
||||
import cn.topiam.employee.core.security.savedredirect.HttpSessionRedirectCache;
|
||||
import cn.topiam.employee.core.security.savedredirect.RedirectCache;
|
||||
import cn.topiam.employee.core.security.userdetails.UserDetails;
|
||||
import cn.topiam.employee.core.security.util.SecurityUtils;
|
||||
import cn.topiam.employee.protocol.cas.idp.auth.CentralAuthenticationService;
|
||||
import cn.topiam.employee.protocol.cas.idp.tickets.ServiceTicket;
|
||||
import cn.topiam.employee.protocol.cas.idp.tickets.TicketGrantingTicket;
|
||||
import cn.topiam.employee.support.exception.TopIamException;
|
||||
import static cn.topiam.employee.common.constants.AuthorizeConstants.FE_LOGIN;
|
||||
import static cn.topiam.employee.core.security.util.SecurityUtils.isAuthenticated;
|
||||
import static cn.topiam.employee.protocol.cas.idp.constant.ProtocolConstants.SERVICE;
|
||||
|
|
@ -97,8 +94,10 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
|
|||
}
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
|
||||
FilterChain filterChain) throws ServletException, IOException {
|
||||
protected void doFilterInternal(@NotNull HttpServletRequest request,
|
||||
@NotNull HttpServletResponse response,
|
||||
@NotNull FilterChain filterChain) throws ServletException,
|
||||
IOException {
|
||||
if (CAS_SSO_REQUEST_MATCHER.matches(request)) {
|
||||
if (!isAuthenticated()) {
|
||||
//Saved Redirect
|
||||
|
|
@ -110,13 +109,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
|
|||
response.sendRedirect(ServerContextHelp.getPortalPublicBaseUrl() + FE_LOGIN);
|
||||
return;
|
||||
}
|
||||
UserDetails userDetails = SecurityUtils.getCurrentUser();
|
||||
List<SessionInformation> sessionInformations = sessionRegistry
|
||||
.getAllSessions(userDetails.getUsername(), false);
|
||||
if (sessionInformations.size() != 1) {
|
||||
throw new TopIamException("用户身份出现异常");
|
||||
}
|
||||
String sessionId = sessionInformations.get(0).getSessionId();
|
||||
String sessionId = request.getSession(false).getId();
|
||||
//获取应用配置
|
||||
ApplicationContext applicationContext = ApplicationContextHolder
|
||||
.getApplicationContext();
|
||||
|
|
@ -132,7 +125,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
|
|||
|
||||
if (ticketGrantingTicket == null) {
|
||||
ticketGrantingTicket = centralAuthenticationService
|
||||
.createTicketGrantingTicket(userDetails, sessionId);
|
||||
.createTicketGrantingTicket(SecurityUtils.getCurrentUser(), sessionId);
|
||||
}
|
||||
ServiceTicket serviceTicket = centralAuthenticationService
|
||||
.grantServiceTicket(ticketGrantingTicket.getId(), service);
|
||||
|
|
|
|||
Loading…
Reference in New Issue