libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-9095 Fix NPE in AuthenticatedActionsHandler

Browse source
This commit is contained in:
mhajas 2019-04-29 13:03:07 +02:00 committed by Hynek Mlnařík
parent 859bfc06ad
commit 429863e83b
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AuthenticatedActionsHandler.java
View file

@ -118,15 +118,14 @@ public class AuthenticatedActionsHandler {
if (securityContext != null && origin != null && !origin.equals(requestOrigin)) {
AccessToken token = securityContext.getToken();
Set<String> allowedOrigins = token.getAllowedOrigins();
if (log.isDebugEnabled()) {
for (String a : allowedOrigins) log.debug(" " + a);
}
log.debugf("Allowed origins in token: %s", allowedOrigins);
if (allowedOrigins == null || (!allowedOrigins.contains("*") && !allowedOrigins.contains(origin))) {
if (allowedOrigins == null) {
log.debugv("allowedOrigins was null in token");
} else {
log.debugv("allowedOrigins did not contain origin");
}
facade.getResponse().sendError(403);
facade.getResponse().end();