KEYCLOAK-13962 SAML2 Identity Provider - During login phase, SamlAuthenticationPreprocessors are not taken into account to produce an appropriate destination url

Lorent Lempereur 2020-07-25 00:10:43 +02:00 committed by GitHub
parent 7b112e5f7b
commit 0d5b5abb4d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -127,6 +127,10 @@ public class SAMLIdentityProvider extends AbstractIdentityProvider<SAMLIdentityP
authnRequest = it.next().beforeSendingLoginRequest(authnRequest, request.getAuthenticationSession());
}
if (authnRequest.getDestination() != null) {
destinationUrl = authnRequest.getDestination().toString();
}
if (postBinding) {
return binding.postBinding(authnRequestBuilder.toDocument()).request(destinationUrl);
} else {
@ -168,6 +172,9 @@ public class SAMLIdentityProvider extends AbstractIdentityProvider<SAMLIdentityP
JaxrsSAML2BindingBuilder binding = buildLogoutBinding(session, userSession, realm);
try {
LogoutRequestType logoutRequest = buildLogoutRequest(userSession, uriInfo, realm, singleLogoutServiceUrl);
if (logoutRequest.getDestination() != null) {
singleLogoutServiceUrl = logoutRequest.getDestination().toString();
}
int status = SimpleHttp.doPost(singleLogoutServiceUrl, session)
.param(GeneralConstants.SAML_REQUEST_KEY, binding.postBinding(SAML2Request.convert(logoutRequest)).encoded())
.param(GeneralConstants.RELAY_STATE, userSession.getId()).asStatus();
@ -192,6 +199,9 @@ public class SAMLIdentityProvider extends AbstractIdentityProvider<SAMLIdentityP
} else {
try {
LogoutRequestType logoutRequest = buildLogoutRequest(userSession, uriInfo, realm, singleLogoutServiceUrl);
if (logoutRequest.getDestination() != null) {
singleLogoutServiceUrl = logoutRequest.getDestination().toString();
}
JaxrsSAML2BindingBuilder binding = buildLogoutBinding(session, userSession, realm);
if (getConfig().isPostBindingLogout()) {
return binding.postBinding(SAML2Request.convert(logoutRequest)).request(singleLogoutServiceUrl);
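Review bot: In the login hunk the POST body is still built with `authnRequestBuilder.toDocument()`, while the new `destinationUrl` is read from `authnRequest`, which each preprocessor may replace with a different object. If `toDocument()` does not serialise that same object (the builder is not visible here), the message's Destination attribute and any other preprocessor changes will not match the URL it is sent to, and an IdP that validates Destination would reject it. Serialising the preprocessed request, as the logout paths already do, avoids this: `return binding.postBinding(SAML2Request.convert(authnRequest)).request(destinationUrl);`, and likewise for the redirect branch below the hunk. In the backchannel logout hunk the overriding value becomes the target of a server-side `SimpleHttp.doPost`, so a comment such as `// Destination set by a SamlAuthenticationPreprocessor overrides the configured single logout URL` and a debug log when the two differ would help operators trace where logout requests go. All three enclosing methods start and end outside the hunks shown.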