cas客户端集成单点登录代码

/** * Licensed to Jasig under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Jasig licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.cas.client.validation; import org.jasig.cas.client.authentication.AttributePrincipal; import org.jasig.cas.client.authentication.AttributePrincipalImpl; import org.jasig.cas.client.proxy.Cas20ProxyRetriever; import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; import org.jasig.cas.client.proxy.ProxyRetriever; import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.util.XmlUtils; import java.io.BufferedReader; import java.io.IOException; import java.io.StringReader; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; /** * Implementation of the TicketValidator that will validate Service Tickets in compliance with the CAS 2. * * @author Scott Battaglia * @version $Revision$ $Date$ * @since 3.1 */ public class Cas20ServiceTicketValidator extends AbstractCasProtocolUrlBasedTicketValidator { /** The CAS 2.0 protocol proxy callback url. */ private String proxyCallbackUrl; /** The storage location of the proxy granting tickets. */ private ProxyGrantingTicketStorage proxyGrantingTicketStorage; /** Implementation of the proxy retriever. */ private ProxyRetriever proxyRetriever; /** * Constructs an instance of the CAS 2.0 Service Ticket Validator with the supplied * CAS server url prefix. * * @param casServerUrlPrefix the CAS Server URL prefix. */ public Cas20ServiceTicketValidator(final String casServerUrlPrefix) { super(casServerUrlPrefix); this.proxyRetriever = new Cas20ProxyRetriever(casServerUrlPrefix, getEncoding()); } /** * Constructs an instance of the CAS 2.0 Service Ticket Validator with the supplied * CAS server url prefix. * * @param casServerUrlPrefix the CAS Server URL prefix. * @author zouping * encoding容섋�ㅴ맏null竊뚪?싪퓝�엫�?졾눦�빊溫양쉰煐뽫쟻�댍 */ public Cas20ServiceTicketValidator(final String casServerUrlPrefix, String encoding) { super(casServerUrlPrefix); this.proxyRetriever = new Cas20ProxyRetriever(casServerUrlPrefix, encoding); this.setEncoding(encoding); } /** * Adds the pgtUrl to the list of parameters to pass to the CAS server. * * @param urlParameters the Map containing the existing parameters to send to the server. */ protected final void populateUrlAttributeMap(final Map<String,String> urlParameters) { urlParameters.put("pgtUrl", encodeUrl(this.proxyCallbackUrl)); } protected String getUrlSuffix() { return "serviceValidate"; } protected final Assertion parseResponseFromServer(final String response) throws TicketValidationException { final String error = XmlUtils.getTextForElement(response, "authenticationFailure"); if (CommonUtils.isNotBlank(error)) { throw new TicketValidationException(error); } final String principal = XmlUtils.getTextForElement(response, "user"); final String proxyGrantingTicketIou = XmlUtils.getTextForElement(response, "proxyGrantingTicket"); final String proxyGrantingTicket = this.proxyGrantingTicketStorage != null ? this.proxyGrantingTicketStorage.retrieve(proxyGrantingTicketIou) : null; if (CommonUtils.isEmpty(principal)) { throw new TicketValidationException("No principal was found in the response from the CAS server."); } final Assertion assertion; final Map<String,Object> attributes = extractCustomAttributes(response); if (CommonUtils.isNotBlank(proxyGrantingTicket)) { final AttributePrincipal attributePrincipal = new AttributePrincipalImpl(principal, attributes, proxyGrantingTicket, this.proxyRetriever); assertion = new AssertionImpl(attributePrincipal); } else { assertion = new AssertionImpl(new AttributePrincipalImpl(principal, attributes)); } customParseResponse(response, assertion); return assertion; } /** * Default attribute parsing of attributes that look like the following: * &lt;cas:attributes&gt; * &lt;cas:attribute1&gt;value&lt;/cas:attribute1&gt; * &lt;cas:attribute2&gt;value&lt;/cas:attribute2&gt; * &lt;/cas:attributes&gt; * <p> * This code is here merely for sample/demonstration purposes for those wishing to modify the CAS2 protocol. You'll * probably want a more robust implementation or to use SAML 1.1 * * @param xml the XML to parse. * @return the map of attributes. */ protected Map<String,Object> extractCustomAttributes(final String xml) { final int pos1 = xml.indexOf("<cas:attributes>"); final int pos2 = xml.indexOf("</cas:attributes>"); if (pos1 == -1) { return Collections.emptyMap(); } final String attributesText = xml.substring(pos1+16, pos2); final Map<String,Object> attributes = new HashMap<String,Object>(); final BufferedReader br = new BufferedReader(new StringReader(attributesText)); String line; final List<String> attributeNames = new ArrayList<String>(); try { while ((line = br.readLine()) != null) { final String trimmedLine = line.trim(); if (trimmedLine.length() > 0) { final int leftPos = trimmedLine.indexOf(":"); final int rightPos = trimmedLine.indexOf(">"); if(rightPos > leftPos) attributeNames.add(trimmedLine.substring(leftPos+1, rightPos)); else attributeNames.add(trimmedLine); } } br.close(); } catch (final IOException e) { //ignore } for (final String name : attributeNames) { final List<String> values = XmlUtils.getTextForElements(xml, name); if (values.size() == 1) { attributes.put(name, values.get(0)); } else { attributes.put(name, values); } } return attributes; } /** * Template method if additional custom parsing (such as Proxying) needs to be done. * * @param response the original response from the CAS server. * @param assertion the partially constructed assertion. * @throws TicketValidationException if there is a problem constructing the Assertion. */ protected void customParseResponse(final String response, final Assertion assertion) throws TicketValidationException { // nothing to do } public final void setProxyCallbackUrl(final String proxyCallbackUrl) { this.proxyCallbackUrl = proxyCallbackUrl; } public final void setProxyGrantingTicketStorage(final ProxyGrantingTicketStorage proxyGrantingTicketStorage) { this.proxyGrantingTicketStorage = proxyGrantingTicketStorage; } public final void setProxyRetriever(final ProxyRetriever proxyRetriever) { this.proxyRetriever = proxyRetriever; } }