[KEYCLOAK-12612][KEYCLOAK-12944] Fix validation of SAML destination URLs
- no longer compare them to the server absolutePath; instead use the base URI to build the validation URL
parent
f45f882f0c
commit
3fa8a5aa88
1 changed files with 4 additions and 0 deletions
@ -70,6 +70,10 @@ public class AccountLoader {
throw new NotAuthorizedException("Bearer token required");
}
if (authResult.getUser().getServiceAccountClientLink() != null) {
throw new NotAuthorizedException("Service accounts are not allowed to access this service");
}
Auth auth = new Auth(session.getContext().getRealm(), authResult.getToken(), authResult.getUser(), client, authResult.getSession(), false);
AccountRestService accountRestService = new AccountRestService(session, auth, client, event);
ResteasyProviderFactory.getInstance().injectProperties(accountRestService);
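Review bot: The service-account rejection at `if (authResult.getUser().getServiceAccountClientLink() != null)` answers with `NotAuthorizedException` (401) even though the caller has already authenticated, and with the single-argument JAX-RS constructor the string is taken as the `WWW-Authenticate` challenge rather than as a message; `throw new ForbiddenException("Service accounts are not allowed to access this service");` would describe the denial more accurately, provided the class can import it. The denial is also not recorded anywhere visible in the hunk, so an error event through the `event` object that is handed to `AccountRestService` a few lines later would let operators see service-account tokens being presented to the account API. The commit title describes SAML destination URL validation while this hunk changes an authorization gate in `AccountLoader`, so the message should mention this check as well; the page does not mark which of the ten lines are the four additions, so reading the `if` block as the new code is inferred from the diffstat. The enclosing method starts and ends outside the hunk, so whether `authResult` and `authResult.getUser()` are already null-checked cannot be confirmed from here.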