From 528e3127e69def031fa6499eacb09443c88a0291 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen
Date: Mon, 8 Feb 2016 20:25:46 +0100
Subject: [PATCH] KEYCLOAK-2434 BasicAuthRequestAuthenticator ignores HttpClientBuilder configuration
---
 .../BasicAuthRequestAuthenticator.java | 60 +++++++++----------
 .../adapters/KeycloakDeploymentBuilder.java | 2 +-
 2 files changed, 29 insertions(+), 33 deletions(-)
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
index 1d32f6e8b7..81d4688f63 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
@@ -85,42 +85,38 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
 private AccessTokenResponse getToken(String username, String password) throws Exception {
 AccessTokenResponse tokenResponse=null;
- HttpClient client = new HttpClientBuilder().disableTrustManager().build();
+ HttpClient client = deployment.getClient();
- try {
- HttpPost post = new HttpPost(
- KeycloakUriBuilder.fromUri(deployment.getAuthServerBaseUrl())
- .path(ServiceUrlConstants.TOKEN_PATH).build(deployment.getRealm()));
- java.util.List formparams = new java.util.ArrayList ();
- formparams.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.PASSWORD));
- formparams.add(new BasicNameValuePair("username", username));
- formparams.add(new BasicNameValuePair("password", password));
+ HttpPost post = new HttpPost(
+ KeycloakUriBuilder.fromUri(deployment.getAuthServerBaseUrl())
+ .path(ServiceUrlConstants.TOKEN_PATH).build(deployment.getRealm()));
+ java.util.List formparams = new java.util.ArrayList ();
+ formparams.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.PASSWORD));
+ formparams.add(new BasicNameValuePair("username", username));
+ formparams.add(new BasicNameValuePair("password", password));
- ClientCredentialsProviderUtils.setClientCredentials(deployment, post, formparams);
+ ClientCredentialsProviderUtils.setClientCredentials(deployment, post, formparams);
- UrlEncodedFormEntity form = new UrlEncodedFormEntity(formparams, "UTF-8");
- post.setEntity(form);
+ UrlEncodedFormEntity form = new UrlEncodedFormEntity(formparams, "UTF-8");
+ post.setEntity(form);
- HttpResponse response = client.execute(post);
- int status = response.getStatusLine().getStatusCode();
- HttpEntity entity = response.getEntity();
- if (status != 200) {
- throw new java.io.IOException("Bad status: " + status);
- }
- if (entity == null) {
- throw new java.io.IOException("No Entity");
- }
- java.io.InputStream is = entity.getContent();
- try {
- tokenResponse = JsonSerialization.readValue(is, AccessTokenResponse.class);
- } finally {
- try {
- is.close();
- } catch (java.io.IOException ignored) { }
- }
- } finally {
- client.getConnectionManager().shutdown();
- }
+ HttpResponse response = client.execute(post);
+ int status = response.getStatusLine().getStatusCode();
+ HttpEntity entity = response.getEntity();
+ if (status != 200) {
+ throw new java.io.IOException("Bad status: " + status);
+ }
+ if (entity == null) {
+ throw new java.io.IOException("No Entity");
+ }
+ java.io.InputStream is = entity.getContent();
+ try {
+ tokenResponse = JsonSerialization.readValue(is, AccessTokenResponse.class);
+ } finally {
+ try {
+ is.close();
+ } catch (java.io.IOException ignored) { }
+ }
 return (tokenResponse);
 }
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
index 1ff38c7f0f..ab77491157 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
@@ -98,7 +98,7 @@ public class KeycloakDeploymentBuilder {
 if (realmKeyPem == null && adapterConfig.isBearerOnly() && adapterConfig.getAuthServerUrl() == null) {
 throw new IllegalArgumentException("For bearer auth, you must set the realm-public-key or auth-server-url");
 }
- if (realmKeyPem == null || !deployment.isBearerOnly() || deployment.isRegisterNodeAtStartup() || deployment.getRegisterNodePeriod() != -1) {
+ if (realmKeyPem == null || !deployment.isBearerOnly() || deployment.isEnableBasicAuth() || deployment.isRegisterNodeAtStartup() || deployment.getRegisterNodePeriod() != -1) {
 deployment.setClient(new HttpClientBuilder().build(adapterConfig));
 }
 if (adapterConfig.getAuthServerUrl() == null && (!deployment.isBearerOnly() || realmKeyPem == null)) {
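Review bot: In getToken, the `status != 200` branch throws without consuming or closing the response entity, and with the per-call `client.getConnectionManager().shutdown()` removed nothing else in the method releases that connection. Because `deployment.getClient()` is shared across requests, every rejected login (a wrong password answered with a non-200 status, for instance) can leave a connection checked out, which presumably ends with the adapter unable to reach the auth server once the pool is used up; the pool configuration is not visible in this hunk. Releasing the entity before the throw closes that gap, e.g. `EntityUtils.consumeQuietly(entity);` directly ahead of `throw new java.io.IOException("Bad status: " + status);` (org.apache.http.util.EntityUtils, whose import would sit outside the hunk). A short comment on the client line, such as `// shared client: honours the adapter's TLS/truststore settings and must not be shut down here`, would also record why the `finally` went away.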
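Review bot: The added `deployment.isEnableBasicAuth()` term only takes effect if the flag has already been copied from `adapterConfig` onto `deployment` before this condition, and that assignment is not visible in the hunk. If it happens later, a bearer-only deployment with a realm key still gets no client, and `deployment.getClient()` in BasicAuthRequestAuthenticator.getToken would return null and fail on `client.execute(post)`. It is worth confirming the ordering in the part of the method above the hunk, and adding a comment like `// basic auth performs a password grant against the token endpoint, so it needs the HTTP client even when bearer-only`. The enclosing method starts and ends outside the hunk.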