KEYCLOAK-10003 Fix handling of request parameters for SMTP Connection Test
We now transfer the SMTP connection configuration via HTTP POST request body parameters instead of URL parameters. The improves handling of SMTP connection configuration values with special characters. As a side effect sensitive information like SMTP credentials are now longer exposed via URL parameters. Previously the SMTP connection test send the connection parameters as encoded URL parameters in combination with parameters in the request body. However the server side endpoint did only look at the URL parameters. Certain values, e.g. passwords with + or ; could lead to broken URL parameters.
This commit is contained in:
parent
f1ddd5016f
commit
303861f7e8
3 changed files with 12 additions and 9 deletions
|
@ -213,11 +213,11 @@ public interface RealmResource {
|
||||||
@FormParam("bindDn") String bindDn, @FormParam("bindCredential") String bindCredential,
|
@FormParam("bindDn") String bindDn, @FormParam("bindCredential") String bindCredential,
|
||||||
@FormParam("useTruststoreSpi") String useTruststoreSpi, @FormParam("connectionTimeout") String connectionTimeout);
|
@FormParam("useTruststoreSpi") String useTruststoreSpi, @FormParam("connectionTimeout") String connectionTimeout);
|
||||||
|
|
||||||
@Path("testSMTPConnection/{config}")
|
@Path("testSMTPConnection")
|
||||||
@POST
|
@POST
|
||||||
@NoCache
|
@NoCache
|
||||||
@Consumes(MediaType.APPLICATION_JSON)
|
@Consumes(MediaType.APPLICATION_JSON)
|
||||||
Response testSMTPConnection(final @PathParam("config") String config) throws Exception;
|
Response testSMTPConnection(@FormParam("config") String config);
|
||||||
|
|
||||||
@Path("clear-realm-cache")
|
@Path("clear-realm-cache")
|
||||||
@POST
|
@POST
|
||||||
|
|
|
@ -947,10 +947,10 @@ public class RealmAdminResource {
|
||||||
* @return
|
* @return
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
@Path("testSMTPConnection/{config}")
|
@Path("testSMTPConnection")
|
||||||
@POST
|
@POST
|
||||||
@NoCache
|
@NoCache
|
||||||
public Response testSMTPConnection(final @PathParam("config") String config) throws Exception {
|
public Response testSMTPConnection(final @FormParam("config") String config) throws Exception {
|
||||||
Map<String, String> settings = readValue(config, new TypeReference<Map<String, String>>() {
|
Map<String, String> settings = readValue(config, new TypeReference<Map<String, String>>() {
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -440,13 +440,16 @@ module.factory('RealmLDAPConnectionTester', function($resource, $httpParamSerial
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
module.factory('RealmSMTPConnectionTester', function($resource) {
|
module.factory('RealmSMTPConnectionTester', function($resource, $httpParamSerializer) {
|
||||||
return $resource(authUrl + '/admin/realms/:realm/testSMTPConnection/:config', {
|
return $resource(authUrl + '/admin/realms/:realm/testSMTPConnection', {
|
||||||
realm : '@realm',
|
realm : '@realm'
|
||||||
config : '@config'
|
|
||||||
}, {
|
}, {
|
||||||
send: {
|
send: {
|
||||||
method: 'POST'
|
method: 'POST',
|
||||||
|
headers : { 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8' },
|
||||||
|
transformRequest: function (data) {
|
||||||
|
return $httpParamSerializer(data)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in a new issue