wybaby168/spring-cas-reactive
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 初始化仓库

Browse Source
This commit is contained in:
wangyu 2024-10-11 18:04:09 +08:00
commit 4a2cc01993
13 changed files with 1147 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
.gitignore vendored Normal file
View File

@ -0,0 +1,33 @@
HELP.md
target/
!.mvn/wrapper/maven-wrapper.jar
!**/src/main/**/target/
!**/src/test/**/target/
### STS ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
### IntelliJ IDEA ###
.idea
*.iws
*.iml
*.ipr
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
build/
!**/src/main/**/build/
!**/src/test/**/build/
### VS Code ###
.vscode/

19
.mvn/wrapper/maven-wrapper.properties vendored Normal file
View File

@ -0,0 +1,19 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
wrapperVersion=3.3.2
distributionType=only-script
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip

BIN
lib/cas-client-core-3.1.12.jar Normal file
View File

Binary file not shown.

BIN
lib/sso-client-java-7.0.8.jar Normal file
View File

Binary file not shown.

259
mvnw vendored Executable file
View File

@ -0,0 +1,259 @@
#!/bin/sh
# ----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# ----------------------------------------------------------------------------
# ----------------------------------------------------------------------------
# Apache Maven Wrapper startup batch script, version 3.3.2
#
# Optional ENV vars
# -----------------
# JAVA_HOME - location of a JDK home dir, required when download maven via java source
# MVNW_REPOURL - repo url base for downloading maven distribution
# MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
# MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output
# ----------------------------------------------------------------------------
set -euf
[ "${MVNW_VERBOSE-}" != debug ] || set -x
# OS specific support.
native_path() { printf %s\\n "$1"; }
case "$(uname)" in
CYGWIN* | MINGW*)
[ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")"
native_path() { cygpath --path --windows "$1"; }
;;
esac
# set JAVACMD and JAVACCMD
set_java_home() {
# For Cygwin and MinGW, ensure paths are in Unix format before anything is touched
if [ -n "${JAVA_HOME-}" ]; then
if [ -x "$JAVA_HOME/jre/sh/java" ]; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
JAVACCMD="$JAVA_HOME/jre/sh/javac"
else
JAVACMD="$JAVA_HOME/bin/java"
JAVACCMD="$JAVA_HOME/bin/javac"
if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then
echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2
echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2
return 1
fi
fi
else
JAVACMD="$(
'set' +e
'unset' -f command 2>/dev/null
'command' -v java
)" || :
JAVACCMD="$(
'set' +e
'unset' -f command 2>/dev/null
'command' -v javac
)" || :
if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then
echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2
return 1
fi
fi
}
# hash string like Java String::hashCode
hash_string() {
str="${1:-}" h=0
while [ -n "$str" ]; do
char="${str%"${str#?}"}"
h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296))
str="${str#?}"
done
printf %x\\n $h
}
verbose() { :; }
[ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; }
die() {
printf %s\\n "$1" >&2
exit 1
}
trim() {
# MWRAPPER-139:
# Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds.
# Needed for removing poorly interpreted newline sequences when running in more
# exotic environments such as mingw bash on Windows.
printf "%s" "${1}" | tr -d '[:space:]'
}
# parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties
while IFS="=" read -r key value; do
case "${key-}" in
distributionUrl) distributionUrl=$(trim "${value-}") ;;
distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;;
esac
done <"${0%/*}/.mvn/wrapper/maven-wrapper.properties"
[ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in ${0%/*}/.mvn/wrapper/maven-wrapper.properties"
case "${distributionUrl##*/}" in
maven-mvnd-*bin.*)
MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/
case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in
*AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;;
:Darwin*x86_64) distributionPlatform=darwin-amd64 ;;
:Darwin*arm64) distributionPlatform=darwin-aarch64 ;;
:Linux*x86_64*) distributionPlatform=linux-amd64 ;;
*)
echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2
distributionPlatform=linux-amd64
;;
esac
distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip"
;;
maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;;
*) MVN_CMD="mvn${0##*/mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;;
esac
# apply MVNW_REPOURL and calculate MAVEN_HOME
# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
[ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}"
distributionUrlName="${distributionUrl##*/}"
distributionUrlNameMain="${distributionUrlName%.*}"
distributionUrlNameMain="${distributionUrlNameMain%-bin}"
MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}"
MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")"
exec_maven() {
unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || :
exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD"
}
if [ -d "$MAVEN_HOME" ]; then
verbose "found existing MAVEN_HOME at $MAVEN_HOME"
exec_maven "$@"
fi
case "${distributionUrl-}" in
*?-bin.zip | *?maven-mvnd-?*-?*.zip) ;;
*) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;;
esac
# prepare tmp dir
if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then
clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; }
trap clean HUP INT TERM EXIT
else
die "cannot create temp dir"
fi
mkdir -p -- "${MAVEN_HOME%/*}"
# Download and Install Apache Maven
verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
verbose "Downloading from: $distributionUrl"
verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
# select .zip or .tar.gz
if ! command -v unzip >/dev/null; then
distributionUrl="${distributionUrl%.zip}.tar.gz"
distributionUrlName="${distributionUrl##*/}"
fi
# verbose opt
__MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR=''
[ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v
# normalize http auth
case "${MVNW_PASSWORD:+has-password}" in
'') MVNW_USERNAME='' MVNW_PASSWORD='' ;;
has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;;
esac
if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then
verbose "Found wget ... using wget"
wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl"
elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then
verbose "Found curl ... using curl"
curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl"
elif set_java_home; then
verbose "Falling back to use Java to download"
javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
cat >"$javaSource" <<-END
public class Downloader extends java.net.Authenticator
{
protected java.net.PasswordAuthentication getPasswordAuthentication()
{
return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );
}
public static void main( String[] args ) throws Exception
{
setDefault( new Downloader() );
java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() );
}
}
END
# For Cygwin/MinGW, switch paths to Windows format before running javac and java
verbose " - Compiling Downloader.java ..."
"$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java"
verbose " - Running Downloader.java ..."
"$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
fi
# If specified, validate the SHA-256 sum of the Maven distribution zip file
if [ -n "${distributionSha256Sum-}" ]; then
distributionSha256Result=false
if [ "$MVN_CMD" = mvnd.sh ]; then
echo "Checksum validation is not supported for maven-mvnd." >&2
echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
exit 1
elif command -v sha256sum >/dev/null; then
if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c >/dev/null 2>&1; then
distributionSha256Result=true
fi
elif command -v shasum >/dev/null; then
if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then
distributionSha256Result=true
fi
else
echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
exit 1
fi
if [ $distributionSha256Result = false ]; then
echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2
echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2
exit 1
fi
fi
# unzip and move
if command -v unzip >/dev/null; then
unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip"
else
tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar"
fi
printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/mvnw.url"
mv -- "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME"
clean || :
exec_maven "$@"

149
mvnw.cmd vendored Normal file
View File

@ -0,0 +1,149 @@
<# : batch portion
@REM ----------------------------------------------------------------------------
@REM Licensed to the Apache Software Foundation (ASF) under one
@REM or more contributor license agreements. See the NOTICE file
@REM distributed with this work for additional information
@REM regarding copyright ownership. The ASF licenses this file
@REM to you under the Apache License, Version 2.0 (the
@REM "License"); you may not use this file except in compliance
@REM with the License. You may obtain a copy of the License at
@REM
@REM http://www.apache.org/licenses/LICENSE-2.0
@REM
@REM Unless required by applicable law or agreed to in writing,
@REM software distributed under the License is distributed on an
@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@REM KIND, either express or implied. See the License for the
@REM specific language governing permissions and limitations
@REM under the License.
@REM ----------------------------------------------------------------------------
@REM ----------------------------------------------------------------------------
@REM Apache Maven Wrapper startup batch script, version 3.3.2
@REM
@REM Optional ENV vars
@REM MVNW_REPOURL - repo url base for downloading maven distribution
@REM MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
@REM MVNW_VERBOSE - true: enable verbose log; others: silence the output
@REM ----------------------------------------------------------------------------
@IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0)
@SET __MVNW_CMD__=
@SET __MVNW_ERROR__=
@SET __MVNW_PSMODULEP_SAVE=%PSModulePath%
@SET PSModulePath=
@FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @(
IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B)
)
@SET PSModulePath=%__MVNW_PSMODULEP_SAVE%
@SET __MVNW_PSMODULEP_SAVE=
@SET __MVNW_ARG0_NAME__=
@SET MVNW_USERNAME=
@SET MVNW_PASSWORD=
@IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*)
@echo Cannot start maven from wrapper >&2 && exit /b 1
@GOTO :EOF
: end batch / begin powershell #>
$ErrorActionPreference = "Stop"
if ($env:MVNW_VERBOSE -eq "true") {
$VerbosePreference = "Continue"
}
# calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties
$distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl
if (!$distributionUrl) {
Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
}
switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) {
"maven-mvnd-*" {
$USE_MVND = $true
$distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip"
$MVN_CMD = "mvnd.cmd"
break
}
default {
$USE_MVND = $false
$MVN_CMD = $script -replace '^mvnw','mvn'
break
}
}
# apply MVNW_REPOURL and calculate MAVEN_HOME
# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
if ($env:MVNW_REPOURL) {
$MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" }
$distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')"
}
$distributionUrlName = $distributionUrl -replace '^.*/',''
$distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$',''
$MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain"
if ($env:MAVEN_USER_HOME) {
$MAVEN_HOME_PARENT = "$env:MAVEN_USER_HOME/wrapper/dists/$distributionUrlNameMain"
}
$MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
$MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME"
if (Test-Path -Path "$MAVEN_HOME" -PathType Container) {
Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME"
Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
exit $?
}
if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) {
Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl"
}
# prepare tmp dir
$TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile
$TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir"
$TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null
trap {
if ($TMP_DOWNLOAD_DIR.Exists) {
try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
}
}
New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null
# Download and Install Apache Maven
Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
Write-Verbose "Downloading from: $distributionUrl"
Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
$webclient = New-Object System.Net.WebClient
if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) {
$webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD)
}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null
# If specified, validate the SHA-256 sum of the Maven distribution zip file
$distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum
if ($distributionSha256Sum) {
if ($USE_MVND) {
Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties."
}
Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash
if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) {
Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property."
}
}
# unzip and move
Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null
Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null
try {
Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null
} catch {
if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) {
Write-Error "fail to move MAVEN_HOME"
}
} finally {
try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
}
Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"

92
pom.xml Normal file
View File

@ -0,0 +1,92 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.4</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>dev.flyfish.boot</groupId>
<artifactId>cas</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>cas</name>
<description>cas</description>
<url/>
<licenses>
<license/>
</licenses>
<developers>
<developer/>
</developers>
<scm>
<connection/>
<developerConnection/>
<tag/>
<url/>
</scm>
<properties>
<java.version>21</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.1.12</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/cas-client-core-3.1.12.jar</systemPath>
</dependency>
<dependency>
<groupId>edu.yale.its</groupId>
<artifactId>cas-client-java</artifactId>
<version>7.0.8</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/sso-client-java-7.0.8.jar</systemPath>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
</project>

13
src/main/java/dev/flyfish/boot/cas/CasApplication.java Normal file
View File

@ -0,0 +1,13 @@
package dev.flyfish.boot.cas;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class CasApplication {
public static void main(String[] args) {
SpringApplication.run(CasApplication.class, args);
}
}

426
src/main/java/dev/flyfish/boot/cas/filter/CASFilter.java Normal file
View File

@ -0,0 +1,426 @@
package dev.flyfish.boot.cas.filter;
import edu.yale.its.tp.cas.client.*;
import edu.yale.its.tp.cas.util.XmlUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.codec.HttpMessageReader;
import org.springframework.http.codec.ServerCodecConfigurer;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.lang.NonNull;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.server.WebSession;
import reactor.core.publisher.Mono;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.URLEncoder;
import java.util.List;
import java.util.Objects;
/**
* cas filter的webflux实现
*
* @author wangyu
* 实现相关核心逻辑完成鉴权信息抽取
*/
public class CASFilter implements WebFilter {
private static final Log log = LogFactory.getLog(CASFilter.class);
public static final String LOGIN_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.loginUrl";
public static final String VALIDATE_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.validateUrl";
public static final String SERVICE_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.serviceUrl";
public static final String SERVERNAME_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.serverName";
public static final String RENEW_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.renew";
public static final String AUTHORIZED_PROXY_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.authorizedProxy";
public static final String PROXY_CALLBACK_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.proxyCallbackUrl";
public static final String WRAP_REQUESTS_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.wrapRequest";
public static final String GATEWAY_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.gateway";
public static final String CAS_FILTER_USER = "edu.yale.its.tp.cas.client.filter.user";
public static final String CAS_FILTER_RECEIPT = "edu.yale.its.tp.cas.client.filter.receipt";
static final String CAS_FILTER_GATEWAYED = "edu.yale.its.tp.cas.client.filter.didGateway";
static final String CAS_FILTER_INITCONTEXTCLASS = "edu.yale.its.tp.cas.client.filter.initContextClass";
static final String CAS_FILTER_USERLOGINMARK = "edu.yale.its.tp.cas.client.filter.userLoginMark";
static final String CAS_FILTER_EXCLUSION = "edu.yale.its.tp.cas.client.filter.filterExclusion";
private final CASParameter parameter;
private static SessionMappingStorage SESSION_MAPPING_STORAGE = new HashMapBackedSessionMappingStorage();
private List<HttpMessageReader<?>> messageReaders;
public CASFilter(CASParameter parameter, ServerCodecConfigurer codecConfigurer) {
parameter.check();
this.parameter = parameter;
this.messageReaders = codecConfigurer.getReaders();
}
private boolean isReceiptAcceptable(CASReceipt receipt) {
if (receipt == null) {
throw new IllegalArgumentException("Cannot evaluate a null receipt.");
} else if (parameter.casRenew && !receipt.isPrimaryAuthentication()) {
return false;
} else {
return !receipt.isProxied() || parameter.authorizedProxies.contains(receipt.getProxyingService());
}
}
private CASReceipt getAuthenticatedUser(ServerWebExchange exchange, String ticket) throws CASAuthenticationException {
log.trace("entering getAuthenticatedUser()");
ProxyTicketValidator pv = new ProxyTicketValidator();
pv.setCasValidateUrl(parameter.casValidate);
pv.setServiceTicket(ticket);
pv.setService(this.getService(exchange.getRequest()));
pv.setRenew(parameter.casRenew);
if (parameter.casProxyCallbackUrl != null) {
pv.setProxyCallbackUrl(parameter.casProxyCallbackUrl);
}
if (log.isDebugEnabled()) {
log.debug("about to validate ProxyTicketValidator: [" + pv + "]");
}
return CASReceipt.getReceipt(pv);
}
private String getService(ServerHttpRequest request) throws ServletException {
log.trace("entering getService()");
if (this.casServerName == null && this.casServiceUrl == null) {
throw new ServletException("need one of the following configuration parameters: edu.yale.its.tp.cas.client.filter.serviceUrl or edu.yale.its.tp.cas.client.filter.serverName");
} else {
String serviceString;
if (this.casServiceUrl != null) {
serviceString = URLEncoder.encode(this.casServiceUrl);
} else {
serviceString = Util.getService(request, this.casServerName);
}
if (log.isTraceEnabled()) {
log.trace("returning from getService() with service [" + serviceString + "]");
}
return serviceString;
}
}
private void redirectToCAS(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
if (log.isTraceEnabled()) {
log.trace("entering redirectToCAS()");
}
String casLoginString = this.casLogin + "?service=" + this.getService(request) + (this.casRenew ? "&renew=true" : "") + (this.casGateway ? "&gateway=true" : "");
String sCookie;
if (request.getAttribute("sessionId") != null) {
sCookie = this.casServerName + request.getContextPath();
casLoginString = casLoginString + "&appId=" + sCookie + "&sessionId=" + request.getAttribute("sessionId");
}
sCookie = request.getHeader("Cookie");
String cookie = null;
if (sCookie != null) {
String[] sCookies = sCookie.split(";");
for (int i = 0; i < sCookies.length; ++i) {
if (sCookies[i].indexOf("JSESSIONID=") != -1) {
cookie = sCookies[i].split("JSESSIONID=")[1];
}
}
}
if (cookie != null && !cookie.equals("null") && !cookie.equals(request.getSession().getId())) {
casLoginString = casLoginString + "&timeOut=" + cookie;
if (log.isDebugEnabled()) {
log.debug("Session is timeout. The timeout session is " + cookie);
}
}
if (log.isDebugEnabled()) {
log.debug("Redirecting browser to [" + casLoginString + ")");
}
response.sendRedirect(casLoginString);
if (log.isTraceEnabled()) {
log.trace("returning from redirectToCAS()");
}
}
private void redirectToInitFailure(HttpServletRequest request, HttpServletResponse response, String cause) throws IOException, ServletException {
if (log.isTraceEnabled()) {
log.trace("entering redirectToInitFailure()");
}
String casLoginString = this.casLogin + "?action=initFailure";
if (cause != null && cause.equals("Illegal user")) {
casLoginString = casLoginString + "&userIllegal=true";
}
String locale = request.getParameter("locale");
if (locale != null) {
casLoginString = casLoginString + "&locale=" + locale;
}
if (log.isDebugEnabled()) {
log.debug("Redirecting browser to [" + casLoginString + ")");
}
response.sendRedirect(casLoginString);
if (log.isTraceEnabled()) {
log.trace("returning from redirectToInitFailure()");
}
}
public static SessionMappingStorage getSessionMappingStorage() {
return SESSION_MAPPING_STORAGE;
}
private boolean isExclusion(ServerHttpRequest request) {
if (parameter.exclusions == null) {
return false;
} else {
String url = request.getPath().value();
return parameter.exclusions.contains(url);
}
}
private Mono<Void> translate(ServerWebExchange exchange, WebFilterChain chain, WebSession session) {
ServerHttpRequest request = exchange.getRequest();
MultiValueMap<String, String> params = request.getQueryParams();
String userName;
String artifact;
if (parameter.casProxyCallbackUrl != null && parameter.casProxyCallbackUrl.endsWith(request.getPath().value())
&& params.getFirst("pgtId") != null && params.getFirst("pgtIou") != null) {
log.trace("passing through what we hope is CAS's request for proxy ticket receptor.");
return chain.filter(exchange);
} else {
if (parameter.wrapRequest) {
log.trace("Wrapping request with CASFilterRequestWrapper.");
// todo 暂时啥也不干看看有无问题
// request = new CASFilterRequestWrapper((HttpServletRequest) request);
}
// 使用了用户标记快速跳过
if (parameter.userLoginMark != null && session.getAttribute(parameter.userLoginMark) != null) {
return chain.filter(exchange);
}
// 获取receipt
CASReceipt receipt = session.getAttribute(CAS_FILTER_RECEIPT);
if (receipt != null && this.isReceiptAcceptable(receipt)) {
log.trace("CAS_FILTER_RECEIPT attribute was present and acceptable - passing request through filter..");
return chain.filter(exchange);
}
// 跳过请求
if (this.isExclusion(request)) {
return chain.filter(exchange);
}
return getParameter(exchange, "ticket")
.flatMap(ticket -> {
if (StringUtils.hasText(ticket)) {
try {
receipt = this.getAuthenticatedUser(exchange, ticket);
} catch (CASAuthenticationException var22) {
((HttpServletRequest) request).setAttribute("sessionId", session.getId());
this.redirectToCAS((HttpServletRequest) request, (HttpServletResponse) response);
return;
}
if (!this.isReceiptAcceptable(receipt)) {
throw new ServletException("Authentication was technically successful but rejected as a matter of policy. [" + receipt + "]");
} else {
if (pt != null && pt != "") {
session.setAttribute(pt, receipt);
}
if (session != null) {
userName = receipt.getUserName();
if (this.casInitContextClass != null && !"".equals(this.casInitContextClass)) {
try {
Class cls = Class.forName(this.casInitContextClass);
Object obj = cls.newInstance();
if (obj instanceof IContextInit) {
Method translatorMethod = cls.getMethod("getTranslatorUser", String.class);
userName = (String) translatorMethod.invoke(obj, userName);
Method initContextMethod = cls.getMethod("initContext", ServletRequest.class, ServletResponse.class, FilterChain.class, String.class);
initContextMethod.invoke(obj, request, response, fc, userName);
}
} catch (ClassNotFoundException var15) {
ClassNotFoundException e = var15;
e.printStackTrace();
} catch (InstantiationException var16) {
InstantiationException e = var16;
e.printStackTrace();
} catch (IllegalAccessException var17) {
IllegalAccessException e = var17;
e.printStackTrace();
} catch (IllegalArgumentException var18) {
IllegalArgumentException e = var18;
e.printStackTrace();
} catch (InvocationTargetException var19) {
InvocationTargetException e = var19;
String cause = e.getCause().getMessage();
session.setAttribute("initFailure", cause);
this.redirectToInitFailure((HttpServletRequest) request, (HttpServletResponse) response, cause);
e.printStackTrace();
return;
} catch (SecurityException var20) {
SecurityException e = var20;
e.printStackTrace();
} catch (NoSuchMethodException var21) {
NoSuchMethodException e = var21;
e.printStackTrace();
}
}
session.setAttribute("edu.yale.its.tp.cas.client.filter.user", userName);
session.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", receipt);
session.removeAttribute("edu.yale.its.tp.cas.client.filter.didGateway");
}
if (log.isTraceEnabled()) {
log.trace("validated ticket to get authenticated receipt [" + receipt + "], now passing request along filter chain.");
}
fc.doFilter((ServletRequest) request, response);
log.trace("returning from doFilter()");
}
} else {
log.trace("CAS ticket was not present on request.");
boolean didGateway = Boolean.valueOf((String) session.getAttribute("edu.yale.its.tp.cas.client.filter.didGateway"));
if (this.casLogin == null) {
log.fatal("casLogin was not set, so filter cannot redirect request for authentication.");
throw new ServletException("When CASFilter protects pages that do not receive a 'ticket' parameter, it needs a edu.yale.its.tp.cas.client.filter.loginUrl filter parameter");
} else if (!didGateway) {
log.trace("Did not previously gateway. Setting session attribute to true.");
((HttpServletRequest) request).setAttribute("sessionId", session.getId());
session.setAttribute("edu.yale.its.tp.cas.client.filter.didGateway", "true");
this.redirectToCAS((HttpServletRequest) request, (HttpServletResponse) response);
} else {
log.trace("Previously gatewayed.");
if (!this.casGateway && session.getAttribute("edu.yale.its.tp.cas.client.filter.user") == null) {
if (session.getAttribute("initFailure") != null) {
String cause = (String) session.getAttribute("initFailure");
this.redirectToInitFailure((HttpServletRequest) request, (HttpServletResponse) response, cause);
} else {
((HttpServletRequest) request).setAttribute("sessionId", session.getId());
session.setAttribute("edu.yale.its.tp.cas.client.filter.didGateway", "true");
this.redirectToCAS((HttpServletRequest) request, (HttpServletResponse) response);
}
} else {
log.trace("casGateway was true and CAS_FILTER_USER set: passing request along filter chain.");
fc.doFilter((ServletRequest) request, response);
}
}
}
})
}
}
/**
* 二阶段处理预处理特殊情况提前中断请求
*
* @param exchange 交换信息
* @param chain 过滤器链
* @param session 会话
* @return 结果
*/
private Mono<Void> handle(ServerWebExchange exchange, WebFilterChain chain, @NonNull WebSession session) {
// 下一步处理信号提前生成
Mono<Void> translate = this.translate(exchange, chain, session);
// post请求需要特殊处理
if (exchange.getRequest().getMethod() == HttpMethod.POST) {
// 此处可能要求安全的获取参数单独针对退出请求
return exchange.getFormData()
.flatMap(formData -> {
String payload = formData.getFirst("logoutRequest");
if (StringUtils.hasText(payload)) {
if (log.isTraceEnabled()) {
log.trace("Logout request=[" + payload + "]");
}
String sessionIdentifier = XmlUtils.getTextForElement(payload, "SessionIndex");
if (StringUtils.hasText(sessionIdentifier)) {
// 命中该请求中断执行
return SESSION_MAPPING_STORAGE.removeSessionByMappingId(sessionIdentifier)
.filter(Objects::nonNull)
.flatMap(savedSession -> {
String sessionId = savedSession.getId();
if (log.isDebugEnabled()) {
log.debug("Invalidating session [" + sessionId + "] for ST [" + sessionIdentifier + "]");
}
try {
return savedSession.invalidate();
} catch (IllegalStateException e) {
log.debug(e, e);
}
// 中断处理
return Mono.empty();
});
}
}
return translate;
});
} else {
String ticket = exchange.getRequest().getQueryParams().getFirst("ticket");
if (log.isDebugEnabled()) {
log.debug("Storing session identifier for " + session.getId());
}
// 包括ticket尝试重新替换session
if (StringUtils.hasText(ticket)) {
return SESSION_MAPPING_STORAGE.removeBySessionById(session.getId())
.onErrorResume(e -> SESSION_MAPPING_STORAGE.addSessionById(ticket, session))
.then(translate);
}
return translate;
}
}
private Mono<String> getParameter(ServerWebExchange exchange, String key) {
ServerHttpRequest request = exchange.getRequest();
String query = request.getQueryParams().getFirst(key);
if (StringUtils.hasText(query)) {
return Mono.just(query);
}
MediaType mediaType = request.getHeaders().getContentType();
if (null != mediaType && mediaType.isCompatibleWith(MediaType.APPLICATION_FORM_URLENCODED)) {
return exchange.getFormData().mapNotNull(formData -> formData.getFirst(key));
}
return Mono.empty();
}
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
// 拦截器需要基于session判定故提前使用
return exchange.getSession()
.flatMap(session -> {
if (log.isTraceEnabled()) {
log.trace("entering doFilter()");
}
// 执行中断策略
String pt = exchange.getRequest().getQueryParams().getFirst("pt");
if (StringUtils.hasText(pt)) {
if (session.getAttribute(pt) != null) {
return chain.filter(exchange);
}
}
return handle(exchange, chain, session);
});
}
}

77
src/main/java/dev/flyfish/boot/cas/filter/CASParameter.java Normal file
View File

@ -0,0 +1,77 @@
package dev.flyfish.boot.cas.filter;
import com.fasterxml.jackson.annotation.JsonAlias;
import lombok.Data;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;
@Data
public class CASParameter {
// 排除的过滤地址
@JsonAlias(CASFilter.CAS_FILTER_EXCLUSION)
Set<String> exclusions;
@JsonAlias(CASFilter.LOGIN_INIT_PARAM)
String casLogin;
@JsonAlias(CASFilter.VALIDATE_INIT_PARAM)
String casValidate;
@JsonAlias(CASFilter.SERVICE_INIT_PARAM)
String casServiceUrl;
@JsonAlias(CASFilter.SERVERNAME_INIT_PARAM)
String casServerName;
@JsonAlias(CASFilter.PROXY_CALLBACK_INIT_PARAM)
String casProxyCallbackUrl;
@JsonAlias(CASFilter.CAS_FILTER_INITCONTEXTCLASS)
String casInitContextClass;
@JsonAlias(CASFilter.RENEW_INIT_PARAM)
boolean casRenew;
@JsonAlias(CASFilter.WRAP_REQUESTS_INIT_PARAM)
boolean wrapRequest;
@JsonAlias(CASFilter.GATEWAY_INIT_PARAM)
boolean casGateway = false;
@JsonAlias(CASFilter.CAS_FILTER_USERLOGINMARK)
String userLoginMark = null;
// 已授权的代理地址列表
@JsonAlias(CASFilter.AUTHORIZED_PROXY_INIT_PARAM)
List<String> authorizedProxies = new ArrayList<>();
public void setAuthorizedProxies(String casAuthorizedProxy) {
if (casAuthorizedProxy != null) {
StringTokenizer casProxies = new StringTokenizer(casAuthorizedProxy);
while (casProxies.hasMoreTokens()) {
String anAuthorizedProxy = casProxies.nextToken();
this.authorizedProxies.add(anAuthorizedProxy);
}
}
}
/**
* 检查配置参数是否有误
*/
public void check() {
if (this.casGateway && this.casRenew) {
throw new IllegalArgumentException("gateway and renew cannot both be true in filter configuration");
} else if (this.casServerName != null && this.casServiceUrl != null) {
throw new IllegalArgumentException("serverName and serviceUrl cannot both be set: choose one.");
} else if (this.casServerName == null && this.casServiceUrl == null) {
throw new IllegalArgumentException("one of serverName or serviceUrl must be set.");
} else if (this.casValidate == null) {
throw new IllegalArgumentException("validateUrl parameter must be set.");
}
}
}

65
src/main/java/dev/flyfish/boot/cas/filter/SessionMappingStorage.java Normal file
View File

@ -0,0 +1,65 @@
package dev.flyfish.boot.cas.filter;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.server.WebSession;
import reactor.core.publisher.Mono;
import java.util.HashMap;
import java.util.Map;
/**
* webflux的session mapping存储
*
* @author wangyu
*/
public interface SessionMappingStorage {
Mono<WebSession> removeSessionByMappingId(String mappingId);
Mono<Void> removeBySessionById(String mappingId);
Mono<Void> addSessionById(String mappingId, WebSession session);
@Slf4j
class HashMapBackedSessionStorage implements SessionMappingStorage {
private final Map<String, WebSession> MANAGED_SESSIONS = new HashMap<>();
private final Map<String, String> ID_TO_SESSION_KEY_MAPPING = new HashMap<>();
@Override
public Mono<WebSession> removeSessionByMappingId(String mappingId) {
WebSession session = this.MANAGED_SESSIONS.get(mappingId);
if (session != null) {
this.removeBySessionById(session.getId());
}
return Mono.just(session);
}
@Override
public Mono<Void> removeBySessionById(String sessionId) {
if (log.isDebugEnabled()) {
log.debug("Attempting to remove Session=[" + sessionId + "]");
}
String key = this.ID_TO_SESSION_KEY_MAPPING.get(sessionId);
if (log.isDebugEnabled()) {
if (key != null) {
log.debug("Found mapping for session. Session Removed.");
} else {
log.debug("No mapping for session found. Ignoring.");
}
}
this.MANAGED_SESSIONS.remove(key);
this.ID_TO_SESSION_KEY_MAPPING.remove(sessionId);
return Mono.empty();
}
@Override
public Mono<Void> addSessionById(String mappingId, WebSession session) {
this.ID_TO_SESSION_KEY_MAPPING.put(session.getId(), mappingId);
this.MANAGED_SESSIONS.put(mappingId, session);
return Mono.empty();
}
}
}

1
src/main/resources/application.properties Normal file
View File

@ -0,0 +1 @@
spring.application.name=cas

13
src/test/java/dev/flyfish/boot/cas/CasApplicationTests.java Normal file
View File

@ -0,0 +1,13 @@
package dev.flyfish.boot.cas;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class CasApplicationTests {
@Test
void contextLoads() {
}
}