Merge pull request #3468 from sebastienblanc/KEYCLOAK-3514
KEYCLOAK-3514 : fix servlet logout on bearer-only client
commit
5b54375490
4 changed files with 35 additions and 5 deletions
|
@ -92,7 +92,7 @@ public abstract class AbstractUndertowKeycloakAuthMech implements Authentication
|
|||
UndertowHttpFacade facade = createFacade(exchange);
|
||||
KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
|
||||
KeycloakSecurityContext ksc = exchange.getAttachment(OIDCUndertowHttpFacade.KEYCLOAK_SECURITY_CONTEXT_KEY);
|
||||
if (ksc != null && ksc instanceof RefreshableKeycloakSecurityContext) {
|
||||
if (!deployment.isBearerOnly() && ksc != null && ksc instanceof RefreshableKeycloakSecurityContext) {
|
||||
((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
|
||||
}
|
||||
AdapterTokenStore tokenStore = getTokenStore(exchange, facade, deployment, securityContext);
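Review bot: The new condition keeps the redundant `ksc != null` test, since `instanceof` is already false for null, and nothing at the call site says why bearer-only deployments are excluded. Simplifying to `if (!deployment.isBearerOnly() && ksc instanceof RefreshableKeycloakSecurityContext) {` and adding a comment such as `// Bearer-only deployments skip the security-context logout call (KEYCLOAK-3514).` would make the intent reviewable. Presumably a bearer-only client has no session or refresh token of its own to end at the server, but that is not visible here and is worth confirming in the comment. The enclosing method starts and ends outside the hunk.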
|
||||
|
|
|
@ -40,7 +40,13 @@ public class CustomerDatabaseServlet extends HttpServlet {
|
|||
pw.println("Bill Burke");
|
||||
pw.print("</body></html>");
|
||||
pw.flush();
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
|
||||
req.logout();
|
||||
PrintWriter pw = resp.getWriter();
|
||||
pw.println("servlet logout from database ok");
|
||||
pw.flush();
|
||||
}
|
||||
}
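Review bot: The added `doDelete` has no documentation, although it maps the HTTP DELETE verb on the servlet root to `req.logout()` and deletes nothing, which is surprising for anyone reading the endpoint as a REST resource. A Javadoc line such as `/** Test hook: logs the bearer-authenticated caller out of this servlet; no customer data is removed. */` would record that. It would also help to state there that the handler exists for the bearer-only logout scenario this commit fixes.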
|
||||
|
|
|
@ -43,16 +43,38 @@ public class CustomerServlet extends HttpServlet {
|
|||
@Override
|
||||
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
|
||||
PrintWriter pw = resp.getWriter();
|
||||
KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
|
||||
if (req.getRequestURI().endsWith("logout")) {
|
||||
resp.setStatus(200);
|
||||
pw.println("servlet logout ok");
|
||||
|
||||
//Clear principal form database-service by calling logout
|
||||
StringBuilder result = new StringBuilder();
|
||||
String urlBase;
|
||||
|
||||
if (System.getProperty("app.server.ssl.required", "false").equals("true")) {
|
||||
urlBase = System.getProperty("app.server.ssl.base.url", "https://localhost:8643");
|
||||
} else {
|
||||
urlBase = System.getProperty("app.server.base.url", "http://localhost:8280");
|
||||
}
|
||||
|
||||
URL url = new URL(urlBase + "/customer-db/");
|
||||
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
||||
conn.setRequestMethod("DELETE");
|
||||
conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString());
|
||||
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
|
||||
String line;
|
||||
while ((line = rd.readLine()) != null) {
|
||||
result.append(line);
|
||||
}
|
||||
rd.close();
|
||||
pw.println(result.toString());
|
||||
// Call logout before pw.flush
|
||||
req.logout();
|
||||
pw.flush();
|
||||
return;
|
||||
}
|
||||
KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
|
||||
|
||||
|
||||
//try {
|
||||
StringBuilder result = new StringBuilder();
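Review bot: In the new `/logout` branch of doGet, `req.logout()` runs only after the DELETE to `/customer-db/` has succeeded; `conn.getInputStream()` throws on an error response or an unreachable service, so the local session then stays logged in. The reader is not closed on that path either, and the connection has no connect or read timeout, so a stalled database-service holds the request thread. Moving the downstream call into a `try` with `req.logout()` in `finally`, and using try-with-resources for the reader, keeps local logout unconditional. `context` is also dereferenced without a null check, which presumably relies on the security constraint guaranteeing an authenticated request. doGet continues past the end of the hunk.

```java
// … unchanged: status 200, "servlet logout ok", urlBase selection …
try {
    URL url = new URL(urlBase + "/customer-db/");
    HttpURLConnection conn = (HttpURLConnection) url.openConnection();
    conn.setConnectTimeout(5000); // illustrative value
    conn.setReadTimeout(5000);    // illustrative value
    conn.setRequestMethod("DELETE");
    conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString());
    try (BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()))) {
        String line;
        while ((line = rd.readLine()) != null) {
            result.append(line);
        }
    }
    pw.println(result.toString());
} finally {
    // Always end the local session, even when the database-service call fails.
    req.logout();
}
pw.flush();
return;
```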
|
||||
|
|
|
@ -387,7 +387,9 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd
|
|||
// test logout
|
||||
|
||||
driver.navigate().to(customerPortal + "/logout");
|
||||
assertTrue(driver.getPageSource().contains("servlet logout ok"));
|
||||
pageSource = driver.getPageSource();
|
||||
assertTrue(pageSource.contains("servlet logout ok"));
|
||||
assertTrue(pageSource.contains("servlet logout from database ok"));
|
||||
|
||||
customerPortal.navigateTo();
|
||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||
|
|