From e75606c01154a9fe261bf27219ac7ecd36052746 Mon Sep 17 00:00:00 2001
From: smallbun <2689170096@qq.com>
Date: Tue, 3 Jan 2023 13:44:40 +0800
Subject: [PATCH] =?UTF-8?q?:zap:=20=E4=BC=98=E5=8C=96=E4=BC=9A=E8=AF=9DID?=
=?UTF-8?q?=E8=8E=B7=E5=8F=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../employee/application/package-info.java | 18 ----------------
.../CasIdpSingleSignOnEndpointFilter.java | 21 +++++++------------
2 files changed, 7 insertions(+), 32 deletions(-)
delete mode 100644 eiam-application/eiam-application-cas/src/main/java/cn/topiam/employee/application/package-info.java
diff --git a/eiam-application/eiam-application-cas/src/main/java/cn/topiam/employee/application/package-info.java b/eiam-application/eiam-application-cas/src/main/java/cn/topiam/employee/application/package-info.java
deleted file mode 100644
index 4c1a1809..00000000
--- a/eiam-application/eiam-application-cas/src/main/java/cn/topiam/employee/application/package-info.java
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * eiam-application-cas - Employee Identity and Access Management Program
- * Copyright © 2020-2023 TopIAM (support@topiam.cn)
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see .
- */
-package cn.topiam.employee.application;
\ No newline at end of file
diff --git a/eiam-protocol/eiam-protocol-cas/src/main/java/cn/topiam/employee/protocol/cas/idp/endpoint/CasIdpSingleSignOnEndpointFilter.java b/eiam-protocol/eiam-protocol-cas/src/main/java/cn/topiam/employee/protocol/cas/idp/endpoint/CasIdpSingleSignOnEndpointFilter.java
index 71ae1d6b..14c72c64 100644
--- a/eiam-protocol/eiam-protocol-cas/src/main/java/cn/topiam/employee/protocol/cas/idp/endpoint/CasIdpSingleSignOnEndpointFilter.java
+++ b/eiam-protocol/eiam-protocol-cas/src/main/java/cn/topiam/employee/protocol/cas/idp/endpoint/CasIdpSingleSignOnEndpointFilter.java
@@ -18,19 +18,18 @@
package cn.topiam.employee.protocol.cas.idp.endpoint;
import java.io.IOException;
-import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.servlet.filter.OrderedFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpMethod;
-import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -48,12 +47,10 @@ import cn.topiam.employee.core.context.ServerContextHelp;
import cn.topiam.employee.core.protocol.CasSsoModel;
import cn.topiam.employee.core.security.savedredirect.HttpSessionRedirectCache;
import cn.topiam.employee.core.security.savedredirect.RedirectCache;
-import cn.topiam.employee.core.security.userdetails.UserDetails;
import cn.topiam.employee.core.security.util.SecurityUtils;
import cn.topiam.employee.protocol.cas.idp.auth.CentralAuthenticationService;
import cn.topiam.employee.protocol.cas.idp.tickets.ServiceTicket;
import cn.topiam.employee.protocol.cas.idp.tickets.TicketGrantingTicket;
-import cn.topiam.employee.support.exception.TopIamException;
import static cn.topiam.employee.common.constants.AuthorizeConstants.FE_LOGIN;
import static cn.topiam.employee.core.security.util.SecurityUtils.isAuthenticated;
import static cn.topiam.employee.protocol.cas.idp.constant.ProtocolConstants.SERVICE;
@@ -97,8 +94,10 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
}
@Override
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
- FilterChain filterChain) throws ServletException, IOException {
+ protected void doFilterInternal(@NotNull HttpServletRequest request,
+ @NotNull HttpServletResponse response,
+ @NotNull FilterChain filterChain) throws ServletException,
+ IOException {
if (CAS_SSO_REQUEST_MATCHER.matches(request)) {
if (!isAuthenticated()) {
//Saved Redirect
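Review bot: The `@NotNull` on the three `doFilterInternal` parameters comes from `org.jetbrains.annotations` (imported in the first hunk of this file), which makes an IDE annotation library a compile-time dependency of the CAS protocol module. Spring already ships `org.springframework.lang.NonNull` for this purpose, so `@NonNull HttpServletRequest request` with that import would state the same contract without the extra artifact. The method body continues outside this hunk.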
@@ -110,13 +109,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
response.sendRedirect(ServerContextHelp.getPortalPublicBaseUrl() + FE_LOGIN);
return;
}
- UserDetails userDetails = SecurityUtils.getCurrentUser();
- List sessionInformations = sessionRegistry
- .getAllSessions(userDetails.getUsername(), false);
- if (sessionInformations.size() != 1) {
- throw new TopIamException("用户身份出现异常");
- }
- String sessionId = sessionInformations.get(0).getSessionId();
+ String sessionId = request.getSession(false).getId();
//获取应用配置
ApplicationContext applicationContext = ApplicationContextHolder
.getApplicationContext();
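Review bot: `request.getSession(false)` returns null when the request carries no session, so `request.getSession(false).getId()` can throw a NullPointerException even after `isAuthenticated()` has passed; whether authentication can exist without an HTTP session here depends on security configuration that is not visible. The removed block failed closed with a `TopIamException` when the session state was unexpected, and the new line should keep an explicit failure path: `HttpSession session = request.getSession(false);`, then `if (session == null) { response.sendRedirect(ServerContextHelp.getPortalPublicBaseUrl() + FE_LOGIN); return; }`, then `String sessionId = session.getId();`. Because the ticket-granting ticket is created with this ID in the next hunk, a short comment should also record that the TGT is now bound to the current request's session rather than to the user's single registered session. The method continues outside the hunk.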
@@ -132,7 +125,7 @@ public class CasIdpSingleSignOnEndpointFilter extends OncePerRequestFilter
if (ticketGrantingTicket == null) {
ticketGrantingTicket = centralAuthenticationService
- .createTicketGrantingTicket(userDetails, sessionId);
+ .createTicketGrantingTicket(SecurityUtils.getCurrentUser(), sessionId);
}
ServiceTicket serviceTicket = centralAuthenticationService
.grantServiceTicket(ticketGrantingTicket.getId(), service);