Merge pull request #4047 from stianst/KEYCLOAK-4287
KEYCLOAK-4287 Remove deprecated session iframe endpoint
commit
14b109da18
2 changed files with 4 additions and 115 deletions
|
@ -1,49 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<script>
|
||||
function getCookie(cname)
|
||||
{
|
||||
var name = cname + "=";
|
||||
var ca = document.cookie.split(';');
|
||||
for(var i=0; i<ca.length; i++)
|
||||
{
|
||||
var c = ca[i].trim();
|
||||
if (c.indexOf(name)==0) return c.substring(name.length,c.length);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
function receiveMessage(event)
|
||||
{
|
||||
if (event.origin !== "ORIGIN") {
|
||||
console.log(event.origin + " does not match built origin");
|
||||
return;
|
||||
|
||||
}
|
||||
var data = JSON.parse(event.data);
|
||||
data.loggedIn = false;
|
||||
var cookie = getCookie('KEYCLOAK_SESSION');
|
||||
if (cookie) {
|
||||
data.loggedIn = true;
|
||||
data.session = cookie;
|
||||
}
|
||||
|
||||
event.source.postMessage(JSON.stringify(data),
|
||||
event.origin);
|
||||
}
|
||||
window.addEventListener("message", receiveMessage, false);
|
||||
</script>
|
|
@ -17,24 +17,22 @@
|
|||
|
||||
package org.keycloak.protocol.oidc.endpoints;
|
||||
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.util.StreamUtil;
|
||||
import org.keycloak.common.util.UriUtils;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.utils.RedirectUtils;
|
||||
import org.keycloak.protocol.oidc.utils.WebOriginsUtils;
|
||||
import org.keycloak.services.util.CacheControlUtil;
|
||||
import org.keycloak.services.util.P3PHelper;
|
||||
import org.keycloak.utils.MediaType;
|
||||
|
||||
import javax.ws.rs.*;
|
||||
import javax.ws.rs.core.CacheControl;
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.util.Set;
|
||||
|
||||
|
@ -59,10 +57,6 @@ public class LoginStatusIframeEndpoint {
|
|||
@Produces(MediaType.TEXT_HTML_UTF_8)
|
||||
public Response getLoginStatusIframe(@QueryParam("client_id") String client_id,
|
||||
@QueryParam("origin") String origin) {
|
||||
if (client_id != null && origin != null) {
|
||||
return getLoginStatusIframeDeprecated(client_id, origin);
|
||||
}
|
||||
|
||||
InputStream resource = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
|
||||
if (resource != null) {
|
||||
P3PHelper.addP3PHeader(session);
|
||||
|
@ -90,60 +84,4 @@ public class LoginStatusIframeEndpoint {
|
|||
return Response.status(Response.Status.FORBIDDEN).build();
|
||||
}
|
||||
|
||||
// Support for old keycloak.js
|
||||
private Response getLoginStatusIframeDeprecated(@QueryParam("client_id") String client_id,
|
||||
@QueryParam("origin") String origin) {
|
||||
if (!UriUtils.isOrigin(origin)) {
|
||||
throw new WebApplicationException(Response.Status.BAD_REQUEST);
|
||||
}
|
||||
|
||||
ClientModel client = realm.getClientByClientId(client_id);
|
||||
if (client == null) {
|
||||
throw new WebApplicationException(Response.Status.BAD_REQUEST);
|
||||
}
|
||||
|
||||
InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe-deprecated.html");
|
||||
if (is == null) throw new org.jboss.resteasy.spi.NotFoundException("Could not find login-status-iframe-deprecated.html ");
|
||||
|
||||
boolean valid = false;
|
||||
for (String o : client.getWebOrigins()) {
|
||||
if (o.equals("*") || o.equals(origin)) {
|
||||
valid = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
for (String r : RedirectUtils.resolveValidRedirects(uriInfo, client.getRootUrl(), client.getRedirectUris())) {
|
||||
int i = r.indexOf('/', 8);
|
||||
if (i != -1) {
|
||||
r = r.substring(0, i);
|
||||
}
|
||||
|
||||
if (r.equals(origin)) {
|
||||
valid = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!valid) {
|
||||
throw new WebApplicationException(Response.Status.BAD_REQUEST);
|
||||
}
|
||||
|
||||
try {
|
||||
String file = StreamUtil.readString(is);
|
||||
file = file.replace("ORIGIN", origin);
|
||||
|
||||
P3PHelper.addP3PHeader(session);
|
||||
|
||||
CacheControl cacheControl = new CacheControl();
|
||||
cacheControl.setNoTransform(false);
|
||||
cacheControl.setMaxAge(Config.scope("theme").getInt("staticMaxAge", -1));
|
||||
|
||||
return Response.ok(file).cacheControl(cacheControl).build();
|
||||
} catch (IOException e) {
|
||||
throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
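Review bot: `getLoginStatusIframe` still appears to declare `@QueryParam("client_id") String client_id` and `@QueryParam("origin") String origin`, but the only use of them visible in this section, the `if (client_id != null && origin != null)` dispatch to `getLoginStatusIframeDeprecated`, is among the removed lines. The method body continues outside the hunk, so confirm nothing else reads them; if nothing does, drop both parameters from the signature, or keep them with a comment such as `// client_id and origin were used by old keycloak.js; accepted but ignored`. A legacy adapter that still sends both parameters would now get `login-status-iframe.html` rather than an explicit error, which is worth recording in the method's Javadoc if it is intended.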