libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Merge pull request #1410 from dbarentine/master

Browse source 
Spec compliance, bug fixes
This commit is contained in:
Bill Burke 2015-07-01 15:27:47 -04:00
commit 212f5b4082
6 changed files with 17 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
View file

@ -286,7 +286,8 @@ public class SAMLEndpoint {
identity.setUsername(subjectNameID.getValue()); identity.setUsername(subjectNameID.getValue());
if (subjectNameID.getFormat().toString().equals(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get())) { //SAML Spec 2.2.2 Format is optional
if (subjectNameID.getFormat() != null && subjectNameID.getFormat().toString().equals(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get())) {
identity.setEmail(subjectNameID.getValue()); identity.setEmail(subjectNameID.getValue());
} }

1
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/base/org/keycloak/keycloak-services/main/module.xml
View file

@ -49,6 +49,7 @@
<module name="org.keycloak.keycloak-model-sessions-jpa" services="import"/> <module name="org.keycloak.keycloak-model-sessions-jpa" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mem" services="import"/> <module name="org.keycloak.keycloak-model-sessions-mem" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/> <module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/>
<module name="org.keycloak.keycloak-saml-core" services="import"/>
<module name="org.keycloak.keycloak-saml-protocol" services="import"/> <module name="org.keycloak.keycloak-saml-protocol" services="import"/>
<module name="org.keycloak.keycloak-services" export="true" services="import"/> <module name="org.keycloak.keycloak-services" export="true" services="import"/>
<module name="org.keycloak.keycloak-social-core" services="import"/> <module name="org.keycloak.keycloak-social-core" services="import"/>

1
distribution/server-overlay/eap6/eap6-server-modules/src/main/resources/modules/org/keycloak/keycloak-services/main/module.xml
View file

@ -50,6 +50,7 @@
<module name="org.keycloak.keycloak-model-sessions-mem" services="import"/> <module name="org.keycloak.keycloak-model-sessions-mem" services="import"/>
<module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/> <module name="org.keycloak.keycloak-model-sessions-mongo" services="import"/>
<module name="org.keycloak.keycloak-saml-core" services="import"/>
<module name="org.keycloak.keycloak-saml-protocol" services="import"/> <module name="org.keycloak.keycloak-saml-protocol" services="import"/>
<module name="org.keycloak.keycloak-services" export="true" services="import"/> <module name="org.keycloak.keycloak-services" export="true" services="import"/>
<module name="org.keycloak.keycloak-social-core" services="import"/> <module name="org.keycloak.keycloak-social-core" services="import"/>

4
saml/saml-core/src/main/java/org/keycloak/saml/common/constants/WSTrustConstants.java
View file

@ -224,6 +224,8 @@ public interface WSTrustConstants {
String REFERENCE = "Reference"; String REFERENCE = "Reference";
String PREFIX = "wsse";
String PREFIX_11 = "wsse11"; String PREFIX_11 = "wsse11";
// http://www.ws-i.org/Profiles/KerberosTokenProfile-1.0.html#Kerberos_Security_Token_URI // http://www.ws-i.org/Profiles/KerberosTokenProfile-1.0.html#Kerberos_Security_Token_URI
@ -238,5 +240,7 @@ public interface WSTrustConstants {
String URI = "URI"; String URI = "URI";
String VALUE_TYPE = "ValueType"; String VALUE_TYPE = "ValueType";
String ENCODING_TYPE = "EncodingType";
} }
} }

7
saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java
View file

@ -391,10 +391,15 @@ public class SamlProtocol implements LoginProtocol {
UserSessionModel userSession, ClientSessionModel clientSession) { UserSessionModel userSession, ClientSessionModel clientSession) {
AssertionType assertion = response.getAssertions().get(0).getAssertion(); AssertionType assertion = response.getAssertions().get(0).getAssertion();
AttributeStatementType attributeStatement = new AttributeStatementType(); AttributeStatementType attributeStatement = new AttributeStatementType();
assertion.addStatement(attributeStatement);
for (ProtocolMapperProcessor<SAMLAttributeStatementMapper> processor : attributeStatementMappers) { for (ProtocolMapperProcessor<SAMLAttributeStatementMapper> processor : attributeStatementMappers) {
processor.mapper.transformAttributeStatement(attributeStatement, processor.model, session, userSession, clientSession); processor.mapper.transformAttributeStatement(attributeStatement, processor.model, session, userSession, clientSession);
} }
//SAML Spec 2.7.3 AttributeStatement must contain one or more Attribute or EncryptedAttribute
if(attributeStatement.getAttributes().size() > 0) {
assertion.addStatement(attributeStatement);
}
} }
public ResponseType transformLoginResponse(List<ProtocolMapperProcessor<SAMLLoginResponseMapper>> mappers, public ResponseType transformLoginResponse(List<ProtocolMapperProcessor<SAMLLoginResponseMapper>> mappers,

4
services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
View file

@ -87,11 +87,13 @@ public class OIDCAttributeMapperHelper {
jsonObject.put(split[i], attributeValue); jsonObject.put(split[i], attributeValue);
} else { } else {
Map<String, Object> nested = (Map<String, Object>)jsonObject.get(split[i]); Map<String, Object> nested = (Map<String, Object>)jsonObject.get(split[i]);
if (nested == null) { if (nested == null) {
nested = new HashMap<String, Object>(); nested = new HashMap<String, Object>();
jsonObject.put(split[i], nested); jsonObject.put(split[i], nested);
jsonObject = nested;
} }
jsonObject = nested;
} }
} }
} }