AuthenticationViaFormAction源碼分析

開源的CAS已經很多牛人分析過了,最近在看源碼,也總結一下    

AuthenticationViaFormAction.java主要代碼


//credentialsBinder這個屬性在配置文件中沒有注入,所以this.credentialsBinder會一直爲null,無效代碼

    /**
     * Copies request data onto the supplied credentials through the optional
     * {@code credentialsBinder}.
     *
     * <p>Nothing is bound when no binder is set or when the binder does not
     * support the concrete credentials class.
     *
     * <p>NOTE(review): the surrounding article states that {@code credentialsBinder}
     * is not injected in the configuration it examined, which would make this
     * method a no-op there. Confirm against the deployment's own configuration.
     *
     * @param context     the current flow request context
     * @param credentials the credentials object to populate
     * @throws Exception if resolving the servlet request or the binder fails
     */
    public final void doBind(final RequestContext context, final Credentials credentials) throws Exception {
        // Resolved first, exactly as before, so any failure here surfaces regardless of the binder.
        final HttpServletRequest servletRequest = WebUtils.getHttpServletRequest(context);

        // No binder configured: nothing to do.
        if (this.credentialsBinder == null) {
            return;
        }

        // The binder only handles the credential types it declares support for.
        if (!this.credentialsBinder.supports(credentials.getClass())) {
            return;
        }

        this.credentialsBinder.bind(servletRequest, credentials);
    }


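    /**
     * Handles submission of the login form.
     *
     * <p>Steps, in order:
     * <ol>
     *   <li>Compare the login ticket held in flow scope with the one sent in the
     *       request; any mismatch (including a missing flow-scope ticket) ends the
     *       submission with {@code "error"}.</li>
     *   <li>If {@code renew} is present and both a ticket-granting-ticket id and a
     *       service are available, try to grant a service ticket with the submitted
     *       credentials and return {@code "warn"}.</li>
     *   <li>Otherwise (or when the renew attempt fails for a non-authentication
     *       reason) create a new ticket-granting ticket and return {@code "success"}.</li>
     * </ol>
     *
     * @param context        the current flow request context
     * @param credentials    the credentials submitted by the user
     * @param messageContext receives error messages for the view
     * @return {@code "success"}, {@code "warn"}, {@code "error"}, or the event id
     *         produced by {@code getAuthenticationExceptionEventId}
     * @throws Exception if a collaborator throws anything other than a handled
     *                   {@code TicketException}
     */
    public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
        // Login ticket read from flow scope: the server-side value to compare against.
        final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
        // Login ticket read from the request: client-supplied and therefore untrusted.
        final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);

        // Fail closed. A missing flow-scope ticket used to raise a NullPointerException
        // here; it is now treated like any other mismatch and rejected.
        if (authoritativeLoginTicket == null || !authoritativeLoginTicket.equals(providedLoginTicket)) {
            // The provided ticket is attacker-controllable, so line breaks are neutralised
            // before it is written to the log to keep forged log entries out.
            final String loggableLoginTicket =
                providedLoginTicket == null ? null : providedLoginTicket.replaceAll("[\\r\\n]", "_");
            this.logger.warn("Invalid login ticket " + loggableLoginTicket);

            final String code = "INVALID_TICKET";
            // NOTE(review): the raw request value is also passed as a message argument;
            // confirm that the view layer escapes it before rendering.
            messageContext.addMessage(
                new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
            return "error";
        }

        // Ticket-granting-ticket id as resolved by WebUtils from the current context.
        final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
        // Service as resolved by WebUtils from the current context.
        final Service service = WebUtils.getService(context);

        // Renew path: taken only when the "renew" request parameter has text AND a
        // ticket-granting-ticket id is present AND a service is present.
        if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
            try {
                final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
                WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
                putWarnCookieIfRequestParameterPresent(context);
                return "warn";
            } catch (final TicketException e) {
                if (isCauseAuthenticationException(e)) {
                    populateErrorsInstance(e, messageContext);
                    return getAuthenticationExceptionEventId(e);
                }

                // Not an authentication failure: drop the existing ticket-granting ticket
                // and fall through to create a fresh one with the submitted credentials.
                this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
                if (logger.isDebugEnabled()) {
                    logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
                }
            }
        }

        try {
            // createTicketGrantingTicket(credentials) returns the new ticket-granting-ticket
            // id, which is stored in request scope for the following flow steps.
            WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
            putWarnCookieIfRequestParameterPresent(context);
            return "success";
        } catch (final TicketException e) {
            populateErrorsInstance(e, messageContext);
            if (isCauseAuthenticationException(e)) {
                return getAuthenticationExceptionEventId(e);
            }
            return "error";
        }
    }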

