change code query params to session_code
parent
04c2ad9430
commit
5ea4ef9e55
7 changed files with 27 additions and 24 deletions
|
@ -489,7 +489,7 @@ public class AuthenticationProcessor {
|
|||
public URI getActionUrl(String code) {
|
||||
return LoginActionsService.loginActionsBaseUrl(getUriInfo())
|
||||
.path(AuthenticationProcessor.this.flowPath)
|
||||
.queryParam(OAuth2Constants.CODE, code)
|
||||
.queryParam(LoginActionsService.SESSION_CODE, code)
|
||||
.queryParam(Constants.EXECUTION, getExecution().getId())
|
||||
.queryParam(Constants.CLIENT_ID, getAuthenticationSession().getClient().getClientId())
|
||||
.queryParam(Constants.TAB_ID, getAuthenticationSession().getTabId())
|
||||
|
|
|
@ -266,7 +266,7 @@ public class FormAuthenticationFlow implements AuthenticationFlow {
|
|||
public URI getActionUrl(String executionId, String code) {
|
||||
ClientModel client = processor.getAuthenticationSession().getClient();
|
||||
return LoginActionsService.registrationFormProcessor(processor.getUriInfo())
|
||||
.queryParam(OAuth2Constants.CODE, code)
|
||||
.queryParam(LoginActionsService.SESSION_CODE, code)
|
||||
.queryParam(Constants.EXECUTION, executionId)
|
||||
.queryParam(Constants.CLIENT_ID, client.getClientId())
|
||||
.queryParam(Constants.TAB_ID, processor.getAuthenticationSession().getTabId())
|
||||
|
|
|
@ -136,7 +136,7 @@ public class RequiredActionContextResult implements RequiredActionContext {
|
|||
public URI getActionUrl(String code) {
|
||||
ClientModel client = authenticationSession.getClient();
|
||||
return LoginActionsService.requiredActionProcessor(getUriInfo())
|
||||
.queryParam(OAuth2Constants.CODE, code)
|
||||
.queryParam(LoginActionsService.SESSION_CODE, code)
|
||||
.queryParam(Constants.EXECUTION, getExecution())
|
||||
.queryParam(Constants.CLIENT_ID, client.getClientId())
|
||||
.queryParam(Constants.TAB_ID, authenticationSession.getTabId())
|
||||
|
|
|
@ -39,6 +39,7 @@ import org.keycloak.models.*;
|
|||
import org.keycloak.models.utils.FormMessage;
|
||||
import org.keycloak.services.Urls;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.services.resources.LoginActionsService;
|
||||
import org.keycloak.sessions.AuthenticationSessionModel;
|
||||
import org.keycloak.theme.BrowserSecurityHeaderSetup;
|
||||
import org.keycloak.theme.FreeMarkerException;
|
||||
|
@ -329,7 +330,7 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
|
|||
protected void createCommonAttributes(Theme theme, Locale locale, Properties messagesBundle, UriBuilder baseUriBuilder, LoginFormsPages page) {
|
||||
URI baseUri = baseUriBuilder.build();
|
||||
if (accessCode != null) {
|
||||
baseUriBuilder.queryParam(OAuth2Constants.CODE, accessCode);
|
||||
baseUriBuilder.queryParam(LoginActionsService.SESSION_CODE, accessCode);
|
||||
}
|
||||
URI baseUriWithCodeAndClientId = baseUriBuilder.build();
|
||||
|
||||
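Review bot: In `createCommonAttributes` the new line appends the parameter with `queryParam`, while every `Urls` builder touched by this commit sets the same parameter with `replaceQueryParam`. If `baseUriBuilder` can already carry a `session_code` value, the built URI would hold two values, and a single-valued `@QueryParam` binding typically takes the first, which would be the stale one. Where the builder is created is outside this hunk, so that is an assumption to confirm. Consider `baseUriBuilder.replaceQueryParam(LoginActionsService.SESSION_CODE, accessCode);` so the link always carries exactly one, current session code.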
|
|
|
@ -79,7 +79,7 @@ public class Urls {
|
|||
.path(IdentityBrokerService.class, "performLogin");
|
||||
|
||||
if (accessCode != null) {
|
||||
uriBuilder.replaceQueryParam(OAuth2Constants.CODE, accessCode);
|
||||
uriBuilder.replaceQueryParam(LoginActionsService.SESSION_CODE, accessCode);
|
||||
}
|
||||
if (clientId != null) {
|
||||
uriBuilder.replaceQueryParam(Constants.CLIENT_ID, clientId);
|
||||
|
@ -112,7 +112,7 @@ public class Urls {
|
|||
public static URI identityProviderAfterFirstBrokerLogin(URI baseUri, String realmName, String accessCode, String clientId, String tabId) {
|
||||
return realmBase(baseUri).path(RealmsResource.class, "getBrokerService")
|
||||
.path(IdentityBrokerService.class, "afterFirstBrokerLogin")
|
||||
.replaceQueryParam(OAuth2Constants.CODE, accessCode)
|
||||
.replaceQueryParam(LoginActionsService.SESSION_CODE, accessCode)
|
||||
.replaceQueryParam(Constants.CLIENT_ID, clientId)
|
||||
.replaceQueryParam(Constants.TAB_ID, tabId)
|
||||
.build(realmName);
|
||||
|
@ -121,7 +121,7 @@ public class Urls {
|
|||
public static URI identityProviderAfterPostBrokerLogin(URI baseUri, String realmName, String accessCode, String clientId, String tabId) {
|
||||
return realmBase(baseUri).path(RealmsResource.class, "getBrokerService")
|
||||
.path(IdentityBrokerService.class, "afterPostBrokerLoginFlow")
|
||||
.replaceQueryParam(OAuth2Constants.CODE, accessCode)
|
||||
.replaceQueryParam(LoginActionsService.SESSION_CODE, accessCode)
|
||||
.replaceQueryParam(Constants.CLIENT_ID, clientId)
|
||||
.replaceQueryParam(Constants.TAB_ID, tabId)
|
||||
.build(realmName);
|
||||
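Review bot: `Urls` now takes this parameter name from the JAX-RS resource class `LoginActionsService`, while the neighbouring names on the same builders (`CLIENT_ID`, `TAB_ID`) come from `Constants`; this applies to all three hunks in this file. Declaring the name next to those would keep URL helpers and authenticators from depending on a resource class for one string. Wherever it lives, the constant deserves a comment such as `/** Query/form parameter carrying the login session code; not the OAuth2 "code" parameter. */`, so later callers do not reach for `OAuth2Constants.CODE` again.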
|
|
|
@ -341,7 +341,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
@POST
|
||||
@Path("/{provider_id}/login")
|
||||
public Response performPostLogin(@PathParam("provider_id") String providerId,
|
||||
@QueryParam("code") String code,
|
||||
@QueryParam(LoginActionsService.SESSION_CODE) String code,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
return performLogin(providerId, code, clientId, tabId);
|
||||
|
@ -351,7 +351,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
@NoCache
|
||||
@Path("/{provider_id}/login")
|
||||
public Response performLogin(@PathParam("provider_id") String providerId,
|
||||
@QueryParam("code") String code,
|
||||
@QueryParam(LoginActionsService.SESSION_CODE) String code,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
this.event.detail(Details.IDENTITY_PROVIDER, providerId);
|
||||
|
@ -594,7 +594,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
@GET
|
||||
@NoCache
|
||||
@Path("/after-first-broker-login")
|
||||
public Response afterFirstBrokerLogin(@QueryParam("code") String code,
|
||||
public Response afterFirstBrokerLogin(@QueryParam(LoginActionsService.SESSION_CODE) String code,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
ParsedCodeContext parsedCode = parseSessionCode(code, clientId, tabId);
|
||||
|
@ -725,7 +725,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
@GET
|
||||
@NoCache
|
||||
@Path("/after-post-broker-login")
|
||||
public Response afterPostBrokerLoginFlow(@QueryParam("code") String code,
|
||||
public Response afterPostBrokerLoginFlow(@QueryParam(LoginActionsService.SESSION_CODE) String code,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
ParsedCodeContext parsedCode = parseSessionCode(code, clientId, tabId);
|
||||
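Review bot: The four endpoints in this section now bind only `session_code`, so a request that still arrives with the old `code` parameter reaches `performLogin` and `parseSessionCode(code, clientId, tabId)` with `code == null`. How null is handled is outside these hunks. It is worth confirming that it ends in the ordinary invalid or expired code response rather than an exception, because pages rendered before the upgrade, and any extension that still builds URLs with `OAuth2Constants.CODE`, will send exactly that. The same applies to the `@QueryParam(SESSION_CODE)` handlers in `LoginActionsService`. A line about the renamed parameter in the upgrade notes would help integrators.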
|
|
|
@ -115,6 +115,8 @@ public class LoginActionsService {
|
|||
|
||||
public static final String FORWARDED_ERROR_MESSAGE_NOTE = "forwardedErrorMessage";
|
||||
|
||||
public static final String SESSION_CODE = "session_code";
|
||||
|
||||
private RealmModel realm;
|
||||
|
||||
@Context
|
||||
|
@ -235,7 +237,7 @@ public class LoginActionsService {
|
|||
*/
|
||||
@Path(AUTHENTICATE_PATH)
|
||||
@GET
|
||||
public Response authenticate(@QueryParam("code") String code,
|
||||
public Response authenticate(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -305,7 +307,7 @@ public class LoginActionsService {
|
|||
*/
|
||||
@Path(AUTHENTICATE_PATH)
|
||||
@POST
|
||||
public Response authenticateForm(@QueryParam("code") String code,
|
||||
public Response authenticateForm(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -314,7 +316,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(RESET_CREDENTIALS_PATH)
|
||||
@POST
|
||||
public Response resetCredentialsPOST(@QueryParam("code") String code,
|
||||
public Response resetCredentialsPOST(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId,
|
||||
|
@ -338,7 +340,7 @@ public class LoginActionsService {
|
|||
*/
|
||||
@Path(RESET_CREDENTIALS_PATH)
|
||||
@GET
|
||||
public Response resetCredentialsGET(@QueryParam("code") String code,
|
||||
public Response resetCredentialsGET(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -617,7 +619,7 @@ public class LoginActionsService {
|
|||
*/
|
||||
@Path(REGISTRATION_PATH)
|
||||
@GET
|
||||
public Response registerPage(@QueryParam("code") String code,
|
||||
public Response registerPage(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -633,7 +635,7 @@ public class LoginActionsService {
|
|||
*/
|
||||
@Path(REGISTRATION_PATH)
|
||||
@POST
|
||||
public Response processRegister(@QueryParam("code") String code,
|
||||
public Response processRegister(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -663,7 +665,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(FIRST_BROKER_LOGIN_PATH)
|
||||
@GET
|
||||
public Response firstBrokerLoginGet(@QueryParam("code") String code,
|
||||
public Response firstBrokerLoginGet(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -672,7 +674,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(FIRST_BROKER_LOGIN_PATH)
|
||||
@POST
|
||||
public Response firstBrokerLoginPost(@QueryParam("code") String code,
|
||||
public Response firstBrokerLoginPost(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -681,7 +683,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(POST_BROKER_LOGIN_PATH)
|
||||
@GET
|
||||
public Response postBrokerLoginGet(@QueryParam("code") String code,
|
||||
public Response postBrokerLoginGet(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -690,7 +692,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(POST_BROKER_LOGIN_PATH)
|
||||
@POST
|
||||
public Response postBrokerLoginPost(@QueryParam("code") String code,
|
||||
public Response postBrokerLoginPost(@QueryParam(SESSION_CODE) String code,
|
||||
@QueryParam("execution") String execution,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -783,7 +785,7 @@ public class LoginActionsService {
|
|||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
public Response processConsent(final MultivaluedMap<String, String> formData) {
|
||||
event.event(EventType.LOGIN);
|
||||
String code = formData.getFirst("code");
|
||||
String code = formData.getFirst(SESSION_CODE);
|
||||
String clientId = uriInfo.getQueryParameters().getFirst(Constants.CLIENT_ID);
|
||||
String tabId = uriInfo.getQueryParameters().getFirst(Constants.TAB_ID);
|
||||
SessionCodeChecks checks = checksForCode(code, null, clientId, tabId, REQUIRED_ACTION);
|
||||
|
@ -874,7 +876,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(REQUIRED_ACTION)
|
||||
@POST
|
||||
public Response requiredActionPOST(@QueryParam("code") final String code,
|
||||
public Response requiredActionPOST(@QueryParam(SESSION_CODE) final String code,
|
||||
@QueryParam("execution") String action,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
|
@ -883,7 +885,7 @@ public class LoginActionsService {
|
|||
|
||||
@Path(REQUIRED_ACTION)
|
||||
@GET
|
||||
public Response requiredActionGET(@QueryParam("code") final String code,
|
||||
public Response requiredActionGET(@QueryParam(SESSION_CODE) final String code,
|
||||
@QueryParam("execution") String action,
|
||||
@QueryParam("client_id") String clientId,
|
||||
@QueryParam(Constants.TAB_ID) String tabId) {
|
||||
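Review bot: `processConsent` now reads the code from the posted form with `formData.getFirst(SESSION_CODE)`, but the files visible on this page are all Java classes, so no change to the field name the consent form submits is shown. If the template still posts a hidden field named `code`, `checksForCode` receives null and the consent step cannot validate the session. The form field and this lookup need to be renamed together, or the template change confirmed elsewhere. The method body continues outside the hunk.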
|
|