Merge pull request #386 from patriot1burke/master

check ssl required in adapter
2014-05-14 15:24:22 -04:00 · 2014-05-14 15:24:22 -04:00 · 07a31d3f35
commit 07a31d3f35
parent 26f6da10dd 07dbb7d7b7
2 changed files with 6 additions and 0 deletions
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java
@ -32,6 +32,10 @@ public abstract class RequestAuthenticator {

    public AuthOutcome authenticate() {
        log.info("--> authenticate()");
+        if (!facade.getRequest().isSecure() && deployment.isSslRequired()) {
+            log.warn("SSL is required to authenticate");
+            return AuthOutcome.FAILED;
+        }
        BearerTokenRequestAuthenticator bearer = createBearerTokenAuthenticator();
        log.info("try bearer");
        AuthOutcome outcome = bearer.authenticate(facade);
@ -65,6 +69,7 @@ public abstract class RequestAuthenticator {
            return AuthOutcome.NOT_ATTEMPTED;

        }
+
        completeAuthentication(oauth);

        // redirect to strip out access code and state query parameters
--- a/testsuite/integration/src/test/resources/adapter-test/customer-db-keycloak.json
+++ b/testsuite/integration/src/test/resources/adapter-test/customer-db-keycloak.json
@ -2,6 +2,7 @@
  "realm" : "demo",
  "resource" : "customer-db",
  "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
+  "ssl-not-required" : true,
  "bearer-only" : true,
  "enable-cors" : true