From 57b6ddbace135e4701f3d3e309282ed8459d58ff Mon Sep 17 00:00:00 2001
From: Stian Thorgersen
Date: Fri, 4 Mar 2016 14:22:48 +0100
Subject: [PATCH] KEYCLOAK-2592 Set secure on OAuth_Token_Request_State cookie
---
 core/src/main/java/org/keycloak/AbstractOAuthClient.java | 8 ++++++++
 .../services/resources/AbstractSecuredLocalService.java | 2 ++
 2 files changed, 10 insertions(+)
 mode change 100755 => 100644 core/src/main/java/org/keycloak/AbstractOAuthClient.java
diff --git a/core/src/main/java/org/keycloak/AbstractOAuthClient.java b/core/src/main/java/org/keycloak/AbstractOAuthClient.java
old mode 100755
new mode 100644
index bf75b5700f..5eeb399d08
--- a/core/src/main/java/org/keycloak/AbstractOAuthClient.java
+++ b/core/src/main/java/org/keycloak/AbstractOAuthClient.java
@@ -110,6 +110,14 @@ public class AbstractOAuthClient {
 this.publicClient = publicClient;
 }
+ public boolean isSecure() {
+ return isSecure;
+ }
+
+ public void setSecure(boolean secure) {
+ isSecure = secure;
+ }
+
 public RelativeUrlsUsed getRelativeUrlsUsed() {
 return relativeUrlsUsed;
 }
diff --git a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
index 87bba2e3bb..547424cfc4 100755
--- a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
@@ -177,6 +177,8 @@ public abstract class AbstractSecuredLocalService {
 oauth.setClientId(client.getClientId());
+ oauth.setSecure(realm.getSslRequired().isRequired(clientConnection));
+
 UriBuilder uriBuilder = UriBuilder.fromUri(getBaseRedirectUri()).path("login-redirect");
 if (path != null) {
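Review bot: The new `isSecure()` and `setSecure(boolean)` accessors in AbstractOAuthClient.java have no documentation, and nothing in the hunk says what `secure` governs or what its default is. Going by the commit subject, the flag presumably controls the Secure attribute of the OAuth_Token_Request_State cookie, so a Javadoc line on the setter such as `/** Whether the OAuth_Token_Request_State cookie is issued with the Secure attribute. */` would make that explicit. The `isSecure` field declaration is outside the hunk; if it is a plain `boolean` without an initializer it defaults to `false`, so any user of this class that never calls `setSecure(true)` would keep issuing the state cookie without Secure. That is worth confirming for the other callers.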
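Review bot: In AbstractSecuredLocalService.java the Secure flag is derived from `realm.getSslRequired().isRequired(clientConnection)`, which answers whether realm policy demands TLS for this connection, not whether the request actually arrived over HTTPS. If the policy can return false for a connection that is still served over HTTPS (a realm that does not require SSL, or a policy that exempts some client addresses), the state cookie is issued without Secure even though it could be protected. Consider also setting the flag when the request's own scheme is https, or at least recording the limitation with a comment such as `// Secure follows realm SSL policy only; HTTPS requests exempt from the policy still get a non-Secure state cookie`. The enclosing method starts and ends outside the hunk, so whether the request URI is in scope at this point needs checking.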