From 8919015f74f1583fef31838150c4fc4737c2837a Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Wed, 19 Apr 2017 15:01:15 +0200
Subject: [PATCH] KEYCLOAK-4287 Remove deprecated session iframe endpoint

---
 .../login-status-iframe-deprecated.html       | 49 -------------
 .../endpoints/LoginStatusIframeEndpoint.java  | 70 ++-----------------
 2 files changed, 4 insertions(+), 115 deletions(-)
 delete mode 100755 adapters/oidc/js/src/main/resources/login-status-iframe-deprecated.html

diff --git a/adapters/oidc/js/src/main/resources/login-status-iframe-deprecated.html b/adapters/oidc/js/src/main/resources/login-status-iframe-deprecated.html
deleted file mode 100755
index 01515e3025..0000000000
--- a/adapters/oidc/js/src/main/resources/login-status-iframe-deprecated.html
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
-  ~ and other contributors as indicated by the @author tags.
-  ~
-  ~ Licensed under the Apache License, Version 2.0 (the "License");
-  ~ you may not use this file except in compliance with the License.
-  ~ You may obtain a copy of the License at
-  ~
-  ~ http://www.apache.org/licenses/LICENSE-2.0
-  ~
-  ~ Unless required by applicable law or agreed to in writing, software
-  ~ distributed under the License is distributed on an "AS IS" BASIS,
-  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  ~ See the License for the specific language governing permissions and
-  ~ limitations under the License.
-  -->
-
-<script>
-    function getCookie(cname)
-    {
-        var name = cname + "=";
-        var ca = document.cookie.split(';');
-        for(var i=0; i<ca.length; i++)
-        {
-            var c = ca[i].trim();
-            if (c.indexOf(name)==0) return c.substring(name.length,c.length);
-        }
-        return null;
-    }
-    function receiveMessage(event)
-    {
-        if (event.origin !== "ORIGIN") {
-            console.log(event.origin + " does not match built origin");
-            return;
-
-        }
-        var data = JSON.parse(event.data);
-        data.loggedIn = false;
-        var cookie = getCookie('KEYCLOAK_SESSION');
-        if (cookie) {
-            data.loggedIn = true;
-            data.session = cookie;
-        }
-
-        event.source.postMessage(JSON.stringify(data),
-            event.origin);
-    }
-    window.addEventListener("message", receiveMessage, false);
-</script>
\ No newline at end of file
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
index d1fc565ee9..b4f8622d5d 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
@@ -17,24 +17,22 @@
 
 package org.keycloak.protocol.oidc.endpoints;
 
-import org.keycloak.Config;
-import org.keycloak.common.util.StreamUtil;
 import org.keycloak.common.util.UriUtils;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
-import org.keycloak.protocol.oidc.utils.RedirectUtils;
 import org.keycloak.protocol.oidc.utils.WebOriginsUtils;
 import org.keycloak.services.util.CacheControlUtil;
 import org.keycloak.services.util.P3PHelper;
 import org.keycloak.utils.MediaType;
 
-import javax.ws.rs.*;
-import javax.ws.rs.core.CacheControl;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
-import java.io.IOException;
 import java.io.InputStream;
 import java.util.Set;
 
@@ -59,10 +57,6 @@ public class LoginStatusIframeEndpoint {
     @Produces(MediaType.TEXT_HTML_UTF_8)
     public Response getLoginStatusIframe(@QueryParam("client_id") String client_id,
                                          @QueryParam("origin") String origin) {
-        if (client_id != null && origin != null) {
-            return getLoginStatusIframeDeprecated(client_id, origin);
-        }
-
         InputStream resource = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
         if (resource != null) {
             P3PHelper.addP3PHeader(session);
@@ -90,60 +84,4 @@ public class LoginStatusIframeEndpoint {
         return Response.status(Response.Status.FORBIDDEN).build();
     }
 
-    // Support for old keycloak.js
-    private Response getLoginStatusIframeDeprecated(@QueryParam("client_id") String client_id,
-                                         @QueryParam("origin") String origin) {
-        if (!UriUtils.isOrigin(origin)) {
-            throw new WebApplicationException(Response.Status.BAD_REQUEST);
-        }
-
-        ClientModel client = realm.getClientByClientId(client_id);
-        if (client == null) {
-            throw new WebApplicationException(Response.Status.BAD_REQUEST);
-        }
-
-        InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe-deprecated.html");
-        if (is == null) throw new org.jboss.resteasy.spi.NotFoundException("Could not find login-status-iframe-deprecated.html ");
-
-        boolean valid = false;
-        for (String o : client.getWebOrigins()) {
-            if (o.equals("*") || o.equals(origin)) {
-                valid = true;
-                break;
-            }
-        }
-
-        for (String r : RedirectUtils.resolveValidRedirects(uriInfo, client.getRootUrl(), client.getRedirectUris())) {
-            int i = r.indexOf('/', 8);
-            if (i != -1) {
-                r = r.substring(0, i);
-            }
-
-            if (r.equals(origin)) {
-                valid = true;
-                break;
-            }
-        }
-
-        if (!valid) {
-            throw new WebApplicationException(Response.Status.BAD_REQUEST);
-        }
-
-        try {
-            String file = StreamUtil.readString(is);
-            file = file.replace("ORIGIN", origin);
-
-            P3PHelper.addP3PHeader(session);
-
-            CacheControl cacheControl = new CacheControl();
-            cacheControl.setNoTransform(false);
-            cacheControl.setMaxAge(Config.scope("theme").getInt("staticMaxAge", -1));
-
-            return Response.ok(file).cacheControl(cacheControl).build();
-        } catch (IOException e) {
-            throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
-        }
-    }
-
-
 }