llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Revert "feat: restrict redirectUrls for CAS login (#2118)"

Browse Source 
This reverts commit b7a37126ad2a7568426d6410480829d9ece51ef0.
This commit is contained in:
hsluoyz 2023-08-19 00:22:35 +08:00 committed by GitHub
parent 134541acde
commit 0c194ab47e
4 changed files with 6 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
controllers/organization.go
View File

@ -183,8 +183,6 @@ func (c *ApiController) DeleteOrganization() {
func (c *ApiController) GetDefaultApplication() {
userId := c.GetSessionUsername()
id := c.Input().Get("id")
redirectUri := c.Input().Get("redirectUri")
typ := c.Input().Get("type")
application, err := object.GetDefaultApplication(id)
if err != nil {
@ -192,14 +190,6 @@ func (c *ApiController) GetDefaultApplication() {
return
}
if typ == "cas" {
err = object.CheckCasRestrict(application, c.GetAcceptLanguage(), redirectUri)
if err != nil {
c.ResponseError(err.Error())
return
}
}
maskedApplication := object.GetMaskedApplication(application, userId)
c.ResponseOk(maskedApplication)
}

8
object/token_cas.go
View File

@ -26,7 +26,6 @@ import (
"time"
"github.com/beevik/etree"
"github.com/casdoor/casdoor/i18n"
"github.com/casdoor/casdoor/util"
dsig "github.com/russellhaering/goxmldsig"
)
@ -123,13 +122,6 @@ var stToServiceResponse sync.Map
// pgt is short for proxy granting ticket
var pgtToServiceResponse sync.Map
func CheckCasRestrict(application *Application, lang string, service string) error {
if len(application.RedirectUris) > 0 && !application.IsRedirectUriValid(service) {
return fmt.Errorf(i18n.Translate(lang, "token:Redirect URI: %s doesn't exist in the allowed Redirect URI list"), service)
}
return nil
}
func StoreCasTokenForPgt(token *CasAuthenticationSuccess, service, userId string) string {
pgt := fmt.Sprintf("PGT-%s", util.GenerateId())
pgtToServiceResponse.Store(pgt, &CasAuthenticationSuccessWrapper{

13
web/src/auth/LoginPage.js
View File

@ -173,12 +173,7 @@ class LoginPage extends React.Component {
this.onUpdateApplication(res.data);
});
} else {
let redirectUri = "";
if (this.state.type === "cas") {
const casParams = Util.getCasParameters();
redirectUri = casParams.service;
}
OrganizationBackend.getDefaultApplication("admin", this.state.owner, this.state.type, redirectUri)
OrganizationBackend.getDefaultApplication("admin", this.state.owner)
.then((res) => {
if (res.status === "ok") {
const application = res.data;
@ -188,9 +183,9 @@ class LoginPage extends React.Component {
});
} else {
this.onUpdateApplication(null);
this.setState({
msg: res.msg,
});
Setting.showMessage("error", res.msg);
this.props.history.push("/404");
}
});
}

4
web/src/backend/OrganizationBackend.js
View File

@ -70,8 +70,8 @@ export function deleteOrganization(organization) {
}).then(res => res.json());
}
export function getDefaultApplication(owner, name, type = "", redirectUri = "") {
return fetch(`${Setting.ServerUrl}/api/get-default-application?id=${owner}/${encodeURIComponent(name)}&type=${type}&redirectUri=${redirectUri}`, {
export function getDefaultApplication(owner, name) {
return fetch(`${Setting.ServerUrl}/api/get-default-application?id=${owner}/${encodeURIComponent(name)}`, {
method: "GET",
credentials: "include",
headers: {