libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-2592 Set secure on OAuth_Token_Request_State cookie

Browse source
This commit is contained in:
Stian Thorgersen 2016-03-04 14:22:48 +01:00 committed by Bill Burke
parent 0519f0fed5
commit 4e0e4df630
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
core/src/main/java/org/keycloak/AbstractOAuthClient.java Executable file → Normal file
View file

@ -110,6 +110,14 @@ public class AbstractOAuthClient {
this.publicClient = publicClient; this.publicClient = publicClient;
} }
public boolean isSecure() {
return isSecure;
}
public void setSecure(boolean secure) {
isSecure = secure;
}
public RelativeUrlsUsed getRelativeUrlsUsed() { public RelativeUrlsUsed getRelativeUrlsUsed() {
return relativeUrlsUsed; return relativeUrlsUsed;
} }

2
services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
View file

@ -177,6 +177,8 @@ public abstract class AbstractSecuredLocalService {
oauth.setClientId(client.getClientId()); oauth.setClientId(client.getClientId());
oauth.setSecure(realm.getSslRequired().isRequired(clientConnection));
UriBuilder uriBuilder = UriBuilder.fromUri(getBaseRedirectUri()).path("login-redirect"); UriBuilder uriBuilder = UriBuilder.fromUri(getBaseRedirectUri()).path("login-redirect");
if (path != null) { if (path != null) {