KEYCLOAK-5352 Basic Auth fails if password contains a ':'
This commit is contained in:
parent
9ff22f596d
commit
19eed51582
2 changed files with 0 additions and 7 deletions
|
@ -71,11 +71,9 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
|
|||
AccessTokenResponse atr=null;
|
||||
try {
|
||||
String userpw=new String(Base64.decode(tokenString));
|
||||
log.debug("Username and password string for basic auth is: " + userpw);
|
||||
int seperatorIndex = userpw.indexOf(":");
|
||||
String user = userpw.substring(0, seperatorIndex);
|
||||
String pw = userpw.substring(seperatorIndex + 1);
|
||||
log.debug("Username for token is: " + user + ", password is: " + pw);
|
||||
atr = getToken(user, pw);
|
||||
tokenString = atr.getToken();
|
||||
} catch (Exception e) {
|
||||
|
|
|
@ -11,8 +11,6 @@ import org.keycloak.models.RealmModel;
|
|||
import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
|
@ -22,7 +20,6 @@ public class HttpBasicAuthenticator implements Authenticator {
|
|||
|
||||
private static final String BASIC = "Basic";
|
||||
private static final String BASIC_PREFIX = BASIC + " ";
|
||||
private Logger log = Logger.getLogger(HttpBasicAuthenticator.class);
|
||||
|
||||
@Override
|
||||
public void authenticate(final AuthenticationFlowContext context) {
|
||||
|
@ -98,12 +95,10 @@ public class HttpBasicAuthenticator implements Authenticator {
|
|||
|
||||
try {
|
||||
String val = new String(Base64.decode(credentials));
|
||||
log.debug("Username and password string is: " + val);
|
||||
int seperatorIndex = val.indexOf(":");
|
||||
if(seperatorIndex == -1) return new String[]{val};
|
||||
String user = val.substring(0, seperatorIndex);
|
||||
String pw = val.substring(seperatorIndex + 1);
|
||||
log.debug("Resolved username is: " + user + ", password is: " + pw);
|
||||
return new String[]{user,pw};
|
||||
} catch (final IOException e) {
|
||||
throw new RuntimeException("Failed to parse credentials.", e);
|
||||
|
|
Loading…
Reference in a new issue