diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dfcfd6b..b69d864 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,107 +9,12 @@ permissions: {} jobs: build: - name: Build - runs-on: ubuntu-latest - steps: - - id: checkout - name: Checkout code - uses: actions/checkout@v4 - - - id: java - name: Install Java and Maven - uses: actions/setup-java@v4 - with: - distribution: zulu - java-version: 17 - - - id: vars - name: Get project variables - run: | - echo -n "keycloakVersion=" >> $GITHUB_OUTPUT - mvn -q help:evaluate -Dexpression=keycloak.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT - echo -n "artifactId=" >> $GITHUB_OUTPUT - mvn -q help:evaluate -Dexpression=project.artifactId -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT - echo -n "projectName=" >> $GITHUB_OUTPUT - mvn -q help:evaluate -Dexpression=project.name -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z :,.-]+$' >> $GITHUB_OUTPUT - echo -n "projectVersion=" >> $GITHUB_OUTPUT - mvn -q help:evaluate -Dexpression=project.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT - - - name: Build project - run: | - mvn -B test package - - - name: Upload artifact - uses: actions/upload-artifact@v4 - with: - name: jar - path: target/${{ steps.vars.outputs.artifactId }}-${{ steps.vars.outputs.projectVersion }}.jar - if-no-files-found: error - - outputs: - artifact_id: ${{ steps.vars.outputs.artifactId }} - keycloak_version: ${{ steps.vars.outputs.keycloakVersion }} - project_name: ${{ steps.vars.outputs.projectName }} - project_version: ${{ steps.vars.outputs.projectVersion }} - - test: - name: Test - runs-on: ubuntu-latest - needs: build - steps: - - id: checkout - name: Checkout code - uses: actions/checkout@v4 - - - id: download_artifact - name: Download artifact - uses: actions/download-artifact@v4 - with: - name: jar - - - id: create_container - name: Create Keycloak container - run: | - docker run -i -t -d -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8080:8080 --name keycloak "quay.io/keycloak/keycloak:${{ needs.build.outputs.keycloak_version }}" start-dev - - - id: deploy - name: Deploy artifact - run: | - CONTAINER="keycloak" - NAME="${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar" - FILE="/opt/keycloak/providers/${NAME}" - docker cp "${NAME}" "${CONTAINER}:${FILE}" - docker restart "${CONTAINER}" - for i in {1..60}; do - if curl --silent --max-time 1 -o /dev/null http://localhost:8080; then - echo && echo "Deployment succeeded!" && exit 0 - else - sleep 1 - echo -n "." - fi - done - echo && echo "Deployment timeout!" && exit 1 - - - id: configure_keycloak - name: Configure Keycloak - run: | - CONTAINER="keycloak" - docker exec -i "${CONTAINER}" /bin/bash <org.keycloak keycloak-protocol-cas - 26.0.0 + 26.0.6 Keycloak CAS Protocol @@ -36,7 +36,7 @@ UTF-8 17 - 1728031754 + 1732265490 @@ -124,13 +124,13 @@ org.glassfish.jersey.core jersey-common - 3.1.8 + 3.1.9 test org.mockito mockito-core - 5.14.1 + 5.14.2 test diff --git a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java index 43ad441..d828d38 100644 --- a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java +++ b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java @@ -47,7 +47,7 @@ public class CASLoginProtocol implements LoginProtocol { public static final String PROXY_GRANTING_TICKET_IOU_PREFIX = "PGTIOU-"; public static final String PROXY_GRANTING_TICKET_PREFIX = "PGT-"; public static final String PROXY_TICKET_PREFIX = "PT-"; - public static final String SESSION_SERVICE_TICKET = "service_ticket"; + public static final String SESSION_TICKET = "service_ticket"; public static final String LOGOUT_REDIRECT_URI = "CAS_LOGOUT_REDIRECT_URI"; @@ -150,7 +150,7 @@ public Response sendError(ClientModel clientModel, ClientData clientData, Error @Override public Response backchannelLogout(UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) { String logoutUrl = clientSession.getRedirectUri(); - String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_SERVICE_TICKET); + String serviceTicket = clientSession.getNote(CASLoginProtocol.SESSION_TICKET); //check if session is fully authenticated (i.e. serviceValidate has been called) if (serviceTicket != null && !serviceTicket.isEmpty()) { sendSingleLogoutRequest(logoutUrl, serviceTicket); diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java index e166bb0..54f05ca 100644 --- a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java +++ b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java @@ -151,7 +151,7 @@ protected void checkTicket(String ticket, String prefix, boolean requireReauth) throw new CASValidationException(CASErrorCode.INVALID_TICKET, "Code is expired", Response.Status.BAD_REQUEST); } - clientSession.setNote(prefix, ticket); + clientSession.setNote(CASLoginProtocol.SESSION_TICKET, ticket); if (requireReauth && AuthenticationManager.isSSOAuthentication(clientSession)) { event.error(Errors.SESSION_EXPIRED);