From 3bd193acd70e7f5751eb925099e010c4bcf0a04d Mon Sep 17 00:00:00 2001
From: Pedro Igor <pigor.craveiro@gmail.com>
Date: Thu, 12 Dec 2019 18:53:55 -0300
Subject: [PATCH] [KEYCLOAK-12412] - Policy enforcer should consider charset
 when comparing the content-type of the request

---
 .../authorization/util/RequestPlaceHolderResolver.java |  2 ++
 .../ClaimInformationPointProviderTest.java             | 10 ++++++++++
 2 files changed, 12 insertions(+)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/RequestPlaceHolderResolver.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/RequestPlaceHolderResolver.java
index cdd362d032..607e28b188 100644
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/RequestPlaceHolderResolver.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/RequestPlaceHolderResolver.java
@@ -102,6 +102,8 @@ public class RequestPlaceHolderResolver implements PlaceHolderResolver {
 
             if (contentType == null) {
                 contentType = "";
+            } else if (contentType.indexOf(';') != -1){
+                contentType = contentType.substring(0, contentType.indexOf(';')).trim();
             }
 
             InputStream body = request.getInputStream(true);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java
index 50d2a03690..8efb6af340 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java
@@ -248,6 +248,16 @@ public class ClaimInformationPointProviderTest extends AbstractKeycloakTest {
         assertEquals(2, claims.get("individualRoles").size());
         assertEquals("{\"roleSpec\":2342,\"roleId\":4234}", claims.get("individualRoles").get(0));
         assertEquals("{\"roleSpec\":4223,\"roleId\":523}", claims.get("individualRoles").get(1));
+
+        headers.put("Content-Type", Arrays.asList("application/json; charset=utf-8"));
+
+        httpFacade = createHttpFacade(headers, new ByteArrayInputStream(treeNode.toString().getBytes()));
+        claims = getClaimInformationProviderForPath("/claims-from-body-json-object", "claims").resolve(httpFacade);
+
+        assertEquals(1, claims.size());
+        assertEquals(2, claims.get("individualRoles").size());
+        assertEquals("{\"roleSpec\":2342,\"roleId\":4234}", claims.get("individualRoles").get(0));
+        assertEquals("{\"roleSpec\":4223,\"roleId\":523}", claims.get("individualRoles").get(1));
     }
 
     @Test