libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-220 Fix login to realm with space in id, KEYCLOAK-199 Add account management to admin realm

Browse source
This commit is contained in:
Stian Thorgersen 2013-12-07 11:35:32 +00:00
parent 43da684a91
commit 0dad786b35
7 changed files with 19 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html
View file

@ -11,7 +11,7 @@
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
<span class="icon-user">Icon: user</span>{{auth.user.displayName}}<i class="caret"></i></a>
<ul class="dropdown-menu">
<li><a href="#">Manage Account</a></li>
<li><a href="/auth-server/rest/realms/Keycloak Administration/account">Manage Account</a></li>
<li class="separator"><a href="/auth-server/rest/saas/logout">Sign Out</a></li>
</ul>
</li>

2
core/src/main/java/org/keycloak/jaxrs/JaxrsOAuthClient.java
View file

@ -46,7 +46,7 @@ public class JaxrsOAuthClient extends AbstractOAuthClient {
public String getStateCookiePath(UriInfo uriInfo) {
if (stateCookiePath != null) return stateCookiePath;
return uriInfo.getBaseUri().getPath();
return uriInfo.getBaseUri().getRawPath();
}
public String getBearerToken(UriInfo uriInfo, HttpHeaders headers) throws BadRequestException, InternalServerErrorException {

6
services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
View file

@ -62,6 +62,12 @@ public class ApplianceBootstrap {
adminUser.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
adminConsole.grantRole(adminUser, adminRole);
manager.enableAccountManagement(realm);
ApplicationModel accountApp = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
for (String r : accountApp.getDefaultRoles()) {
accountApp.grantRole(adminUser, accountApp.getRole(r));
}
}
}

12
services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
View file

@ -55,20 +55,20 @@ public class AuthenticationManager {
public NewCookie createLoginCookie(RealmModel realm, UserModel user, UriInfo uriInfo) {
String cookieName = KEYCLOAK_IDENTITY_COOKIE;
URI uri = RealmsResource.realmBaseUrl(uriInfo).build(realm.getId());
String cookiePath = uri.getPath();
String cookiePath = uri.getRawPath();
return createLoginCookie(realm, user, null, cookieName, cookiePath);
}
public NewCookie createSaasIdentityCookie(RealmModel realm, UserModel user, UriInfo uriInfo) {
String cookieName = SaasService.SAAS_IDENTITY_COOKIE;
URI uri = SaasService.saasCookiePath(uriInfo).build();
String cookiePath = uri.getPath();
String cookiePath = uri.getRawPath();
return createLoginCookie(realm, user, null, cookieName, cookiePath);
}
public NewCookie createAccountIdentityCookie(RealmModel realm, UserModel user, UserModel client, URI uri) {
String cookieName = AccountService.ACCOUNT_IDENTITY_COOKIE;
String cookiePath = uri.getPath();
String cookiePath = uri.getRawPath();
return createLoginCookie(realm, user, client, cookieName, cookiePath);
}
@ -101,19 +101,19 @@ public class AuthenticationManager {
public void expireIdentityCookie(RealmModel realm, UriInfo uriInfo) {
URI uri = RealmsResource.realmBaseUrl(uriInfo).build(realm.getId());
logger.debug("Expiring identity cookie");
String path = uri.getPath();
String path = uri.getRawPath();
String cookieName = KEYCLOAK_IDENTITY_COOKIE;
expireCookie(cookieName, path);
}
public void expireSaasIdentityCookie(UriInfo uriInfo) {
URI uri = SaasService.saasCookiePath(uriInfo).build();
String cookiePath = uri.getPath();
String cookiePath = uri.getRawPath();
expireCookie(SaasService.SAAS_IDENTITY_COOKIE, cookiePath);
}
public void expireAccountIdentityCookie(URI uri) {
String cookiePath = uri.getPath();
String cookiePath = uri.getRawPath();
expireCookie(AccountService.ACCOUNT_IDENTITY_COOKIE, cookiePath);
}

4
services/src/main/java/org/keycloak/services/managers/RealmManager.java
View file

@ -137,7 +137,7 @@ public class RealmManager {
}
}
private void enableAccountManagement(RealmModel realm) {
public void enableAccountManagement(RealmModel realm) {
ApplicationModel application = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
if (application == null) {
application = realm.addApplication(Constants.ACCOUNT_APPLICATION);
@ -156,7 +156,7 @@ public class RealmManager {
application.setEnabled(true);
}
private void disableAccountManagement(RealmModel realm) {
public void disableAccountManagement(RealmModel realm) {
ApplicationModel application = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
if (application != null) {
application.setEnabled(false); // TODO Should we delete the application instead?

4
services/src/main/java/org/keycloak/services/resources/AccountService.java
View file

@ -336,7 +336,7 @@ public class AccountService {
NewCookie cookie = authManager.createAccountIdentityCookie(realm, accessCode.getUser(), client, Urls.accountBase(uriInfo.getBaseUri()).build(realm.getId()));
return Response.status(302).cookie(cookie).location(redirectUri).build();
} finally {
authManager.expireCookie(AbstractOAuthClient.OAUTH_TOKEN_REQUEST_STATE, uriInfo.getAbsolutePath().getPath());
authManager.expireCookie(AbstractOAuthClient.OAUTH_TOKEN_REQUEST_STATE, uriInfo.getAbsolutePath().getRawPath());
}
}
@ -364,7 +364,7 @@ public class AccountService {
path = (path != null ? path : "") + "?referrer=" + referrer;
}
oauth.setStateCookiePath(accountUri.getPath());
oauth.setStateCookiePath(accountUri.getRawPath());
return oauth.redirect(uriInfo, accountUri.toString(), path);
}

2
services/src/main/java/org/keycloak/services/resources/SaasService.java
View file

@ -215,7 +215,7 @@ public class SaasService {
oauth.setClientId(Constants.ADMIN_CONSOLE_APPLICATION);
URI redirectUri = uriInfo.getBaseUriBuilder().path(SaasService.class).path(SaasService.class, "loginRedirect").build();
logger.debug("redirectUri: {0}", redirectUri.toString());
oauth.setStateCookiePath(redirectUri.getPath());
oauth.setStateCookiePath(redirectUri.getRawPath());
return oauth.redirect(uriInfo, redirectUri.toString(), path);
}