diff --git a/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/RootAuthenticationSessionAdapter.java b/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/RootAuthenticationSessionAdapter.java index d571b29e44..9f314688ad 100644 --- a/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/RootAuthenticationSessionAdapter.java +++ b/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/RootAuthenticationSessionAdapter.java @@ -99,6 +99,7 @@ public class RootAuthenticationSessionAdapter implements RootAuthenticationSessi AuthenticationSessionModel authSession = getAuthenticationSessions().get(tabId); if (authSession != null && client.equals(authSession.getClient())) { + session.getContext().setAuthenticationSession(authSession); return authSession; } else { return null; @@ -118,7 +119,9 @@ public class RootAuthenticationSessionAdapter implements RootAuthenticationSessi update(); - return new AuthenticationSessionAdapter(session, this, tabId, authSessionEntity); + AuthenticationSessionAdapter authSession = new AuthenticationSessionAdapter(session, this, tabId, authSessionEntity); + session.getContext().setAuthenticationSession(authSession); + return authSession; } @Override diff --git a/server-spi/src/main/java/org/keycloak/models/KeycloakContext.java b/server-spi/src/main/java/org/keycloak/models/KeycloakContext.java index 44071490bd..86f6a4f68a 100755 --- a/server-spi/src/main/java/org/keycloak/models/KeycloakContext.java +++ b/server-spi/src/main/java/org/keycloak/models/KeycloakContext.java @@ -18,9 +18,9 @@ package org.keycloak.models; import org.keycloak.common.ClientConnection; +import org.keycloak.sessions.AuthenticationSessionModel; import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.UriInfo; import java.net.URI; import java.util.Locale; @@ -52,5 +52,13 @@ public interface KeycloakContext { void setConnection(ClientConnection connection); Locale resolveLocale(UserModel user); - + + /** + * Get current AuthenticationSessionModel, can be null out of the AuthenticationSession context. + * + * @return current AuthenticationSessionModel or null + */ + AuthenticationSessionModel getAuthenticationSession(); + + void setAuthenticationSession(AuthenticationSessionModel authenticationSession); } diff --git a/services/src/main/java/org/keycloak/events/log/JBossLoggingEventListenerProvider.java b/services/src/main/java/org/keycloak/events/log/JBossLoggingEventListenerProvider.java index 918f51a700..19bfde9101 100755 --- a/services/src/main/java/org/keycloak/events/log/JBossLoggingEventListenerProvider.java +++ b/services/src/main/java/org/keycloak/events/log/JBossLoggingEventListenerProvider.java @@ -23,6 +23,7 @@ import org.keycloak.events.EventListenerProvider; import org.keycloak.events.admin.AdminEvent; import org.keycloak.models.KeycloakContext; import org.keycloak.models.KeycloakSession; +import org.keycloak.sessions.AuthenticationSessionModel; import javax.ws.rs.core.Cookie; import javax.ws.rs.core.HttpHeaders; @@ -84,6 +85,14 @@ public class JBossLoggingEventListenerProvider implements EventListenerProvider } } + AuthenticationSessionModel authSession = session.getContext().getAuthenticationSession(); + if(authSession!=null) { + sb.append(", authSessionParentId="); + sb.append(authSession.getParentSession().getId()); + sb.append(", authSessionTabId="); + sb.append(authSession.getTabId()); + } + if(logger.isTraceEnabled()) { setKeycloakContext(sb); } diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakContext.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakContext.java index 47fb5c6f63..4600e63fcb 100755 --- a/services/src/main/java/org/keycloak/services/DefaultKeycloakContext.java +++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakContext.java @@ -27,6 +27,7 @@ import org.keycloak.models.KeycloakUriInfo; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.services.resources.KeycloakApplication; +import org.keycloak.sessions.AuthenticationSessionModel; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.UriInfo; @@ -47,6 +48,8 @@ public class DefaultKeycloakContext implements KeycloakContext { private KeycloakSession session; private KeycloakUriInfo uriInfo; + + private AuthenticationSessionModel authenticationSession; public DefaultKeycloakContext(KeycloakSession session) { this.session = session; @@ -119,4 +122,14 @@ public class DefaultKeycloakContext implements KeycloakContext { public Locale resolveLocale(UserModel user) { return session.getProvider(LocaleSelectorProvider.class).resolveLocale(realm, user); } + + @Override + public AuthenticationSessionModel getAuthenticationSession() { + return authenticationSession; + } + + @Override + public void setAuthenticationSession(AuthenticationSessionModel authenticationSession) { + this.authenticationSession = authenticationSession; + } } diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java index d600778ecb..feadf5783b 100755 --- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java +++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java @@ -299,12 +299,12 @@ public class AuthenticationManager { // See if we have logoutAuthSession inside current rootSession. Create new if not Optional found = rootLogoutSession.getAuthenticationSessions().values().stream().filter((AuthenticationSessionModel authSession) -> { - return client.equals(authSession.getClient()) && Objects.equals(AuthenticationSessionModel.Action.LOGGING_OUT.name(), authSession.getAction()); }).findFirst(); AuthenticationSessionModel logoutAuthSession = found.isPresent() ? found.get() : rootLogoutSession.createAuthenticationSession(client); + session.getContext().setAuthenticationSession(logoutAuthSession); logoutAuthSession.setAction(AuthenticationSessionModel.Action.LOGGING_OUT.name()); return logoutAuthSession;