no backchannel if state
This commit is contained in:
Bill Burke
parent
4cc249bcd4
commit
082ebe8043
6 changed files with 19 additions and 2 deletions
|
|
@ -215,6 +215,9 @@ public class SAMLEndpoint {
|
|||
if (request.getSessionIndex() == null || request.getSessionIndex().isEmpty()) {
|
||||
List<UserSessionModel> userSessions = session.sessions().getUserSessionByBrokerUserId(realm, brokerUserId);
|
||||
for (UserSessionModel userSession : userSessions) {
|
||||
if (userSession.getState() == UserSessionModel.State.LOGGING_OUT || userSession.getState() == UserSessionModel.State.LOGGED_OUT) {
|
||||
continue;
|
||||
}
|
||||
try {
|
||||
AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, false);
|
||||
} catch (Exception e) {
|
||||
|
|
@ -227,6 +230,9 @@ public class SAMLEndpoint {
|
|||
String brokerSessionId = brokerUserId + "." + sessionIndex;
|
||||
UserSessionModel userSession = session.sessions().getUserSessionByBrokerSessionId(realm, brokerSessionId);
|
||||
if (userSession != null) {
|
||||
if (userSession.getState() == UserSessionModel.State.LOGGING_OUT || userSession.getState() == UserSessionModel.State.LOGGED_OUT) {
|
||||
continue;
|
||||
}
|
||||
try {
|
||||
AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, false);
|
||||
} catch (Exception e) {
|
||||
|
|
|
|||
|
|
@ -104,6 +104,7 @@ public class UserSessionAdapter implements UserSessionModel {
|
|||
attr.setUserSession(entity);
|
||||
em.persist(attr);
|
||||
entity.getNotes().add(attr);
|
||||
em.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -116,6 +117,7 @@ public class UserSessionAdapter implements UserSessionModel {
|
|||
em.remove(attr);
|
||||
}
|
||||
}
|
||||
em.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -123,7 +123,10 @@ public class LogoutEndpoint {
|
|||
if (redirect != null) userSession.setNote(OIDCLoginProtocol.LOGOUT_REDIRECT_URI, redirect);
|
||||
if (state != null) userSession.setNote(OIDCLoginProtocol.LOGOUT_STATE_PARAM, state);
|
||||
userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, OIDCLoginProtocol.LOGIN_PROTOCOL);
|
||||
return AuthenticationManager.browserLogout(session, realm, authResult.getSession(), uriInfo, clientConnection, headers);
|
||||
logger.debug("Initiating OIDC browser logout");
|
||||
Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), uriInfo, clientConnection, headers);
|
||||
logger.debug("finishing OIDC browser logout");
|
||||
return response;
|
||||
} else if (userSession != null) { // non browser logout
|
||||
event.event(EventType.LOGOUT);
|
||||
authManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
|
||||
|
|
|
|||
|
|
@ -391,6 +391,7 @@ public abstract class AbstractIdentityProviderTest {
|
|||
|
||||
// Logout from account management
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println("*** logout from account management");
|
||||
accountFederatedIdentityPage.logout();
|
||||
assertTrue(driver.getTitle().equals("Log in to realm-with-broker"));
|
||||
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
|
||||
|
|
|
|||
|
|
@ -97,4 +97,9 @@ public class SAMLKeyCloakServerBrokerWithSignatureTest extends AbstractIdentityP
|
|||
public void testTokenStorageAndRetrievalByApplication() {
|
||||
super.testTokenStorageAndRetrievalByApplication();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAccountManagementLinkIdentity() {
|
||||
super.testAccountManagementLinkIdentity();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@
|
|||
"validateSignature": true,
|
||||
"postBindingResponse": true,
|
||||
"postBindingAuthnRequest": true,
|
||||
"backchannelSupported": false
|
||||
"backchannelSupported": true
|
||||
}
|
||||
},
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue