constants
parent
39b61728d6
commit
62cc002396
10 changed files with 27 additions and 23 deletions
|
@ -1,9 +0,0 @@
|
|||
package org.keycloak.adapters;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public interface AdapterAdminResourceConstants {
|
||||
public static final String LOGOUT = "k_logout";
|
||||
}
|
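--- /dev/null
+++ b/core/src/main/java/org/keycloak/adapters/AdapterConstants.java
@@ -0,0 +1,12 @@
+package org.keycloak.adapters;
+
+/**
+* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+* @version $Revision: 1 $
+*/
+public interface AdapterConstants {
+
+// URL endpoints
+public static final String K_LOGOUT = "k_logout";
+public static final String K_QUERY_BEARER_TOKEN = "k_query_bearer_token";
+}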
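Review bot: The two constants are documented only by `// URL endpoints`, which does not tell a reader that `K_QUERY_BEARER_TOKEN` is the path suffix at which the adapters return the signed access token to an authenticated browser client, or that `K_LOGOUT` is the suffix of the admin logout endpoint. I would put a Javadoc line on each, for example `/** Path suffix where an authenticated browser client can fetch its signed access token; off by default in the adapter config. */` and `/** Path suffix of the admin logout endpoint; callers must verify the request before acting on it. */`. As a style point, `public static final` is redundant on interface fields, and a `final` class with a private constructor would hold these values without letting other types `implements AdapterConstants`.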
|
|
@ -174,7 +174,7 @@
|
|||
<listitem>
|
||||
<para>
|
||||
If<literal>true</literal>, an authenticated browser client (via a Javascript HTTP invocation)
|
||||
can obtain the signed access token via the URL<literal>root/K_QUERY_BEARER_TOKEN</literal>.
|
||||
can obtain the signed access token via the URL<literal>root/k_query_bearer_token</literal>.
|
||||
This is<emphasis>OPTIONAL</emphasis>. The default value is<emphasis>false</emphasis>.
|
||||
</para>
|
||||
</listitem>
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<script type="text/javascript">
|
||||
console.log('here!!!!!');
|
||||
var xhr1 = new XMLHttpRequest();
|
||||
xhr1.open('GET', '/customer-portal/K_QUERY_BEARER_TOKEN');
|
||||
xhr1.open('GET', '/customer-portal/k_query_bearer_token');
|
||||
xhr1.onreadystatechange = function () {
|
||||
console.log('got here');
|
||||
if (this.status == 200 && this.readyState == 4) {
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<script type="text/javascript">
|
||||
console.log('here!!!!!');
|
||||
var xhr1 = new XMLHttpRequest();
|
||||
xhr1.open('GET', '/customer-portal/K_QUERY_BEARER_TOKEN');
|
||||
xhr1.open('GET', '/customer-portal/k_query_bearer_token');
|
||||
xhr1.onreadystatechange = function () {
|
||||
console.log('got here');
|
||||
if (this.status == 200 && this.readyState == 4) {
|
||||
|
|
|
@ -8,6 +8,7 @@ import org.apache.catalina.connector.Response;
|
|||
import org.apache.catalina.valves.ValveBase;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.SkeletonKeySession;
|
||||
import org.keycloak.adapters.AdapterConstants;
|
||||
import org.keycloak.representations.adapters.config.AdapterConfig;
|
||||
import org.keycloak.representations.SkeletonKeyToken;
|
||||
|
||||
|
@ -22,7 +23,7 @@ import java.util.Set;
|
|||
* Actions include:
|
||||
* <p/>
|
||||
* CORS Origin Check and Response headers
|
||||
* K_QUERY_BEARER_TOKEN: Get bearer token from server for Javascripts CORS requests
|
||||
* k_query_bearer_token: Get bearer token from server for Javascripts CORS requests
|
||||
*
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
|
@ -46,7 +47,7 @@ public class AuthenticatedActionsValve extends ValveBase {
|
|||
SkeletonKeySession session = getSkeletonKeySession(request);
|
||||
if (corsRequest(request, response, session)) return;
|
||||
String requestUri = request.getRequestURI();
|
||||
if (requestUri.endsWith("K_QUERY_BEARER_TOKEN")) {
|
||||
if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) {
|
||||
queryBearerToken(request, response, session);
|
||||
return;
|
||||
}
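Review bot: The new check `requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)` in the last hunk is a bare suffix match, so any request path that merely ends in `k_query_bearer_token` (a constructed example: `/customer-portal/files/xk_query_bearer_token`) is routed to `queryBearerToken` rather than to the application. Because that call hands out the signed access token, the match is better anchored on a path-segment boundary, e.g. `if (requestUri.endsWith("/" + AdapterConstants.K_QUERY_BEARER_TOKEN)) {`, or compared against the context path plus the constant. The same pattern is in `AuthenticatedActionsHandler` and in the two `K_LOGOUT` checks, and this valve reads `getRequestURI()` while `OAuthAuthenticatorValve` reads `getDecodedRequestURI()`, so the adapters should agree on one form. The enclosing method begins and ends outside the hunk, so whatever `queryBearerToken` itself checks is not visible here.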
|
||||
|
|
|
@ -13,7 +13,7 @@ import org.apache.catalina.core.StandardContext;
|
|||
import org.apache.catalina.deploy.LoginConfig;
|
||||
import org.apache.catalina.realm.GenericPrincipal;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.adapters.AdapterAdminResourceConstants;
|
||||
import org.keycloak.adapters.AdapterConstants;
|
||||
import org.keycloak.adapters.ResourceMetadata;
|
||||
import org.keycloak.SkeletonKeyPrincipal;
|
||||
import org.keycloak.SkeletonKeySession;
|
||||
|
@ -83,7 +83,7 @@ public class OAuthAuthenticatorValve extends FormAuthenticator implements Lifecy
|
|||
return;
|
||||
}
|
||||
String requestURI = request.getDecodedRequestURI();
|
||||
if (requestURI.endsWith(AdapterAdminResourceConstants.LOGOUT)) {
|
||||
if (requestURI.endsWith(AdapterConstants.K_LOGOUT)) {
|
||||
JWSInput input = verifyAdminRequest(request, response);
|
||||
if (input == null) {
|
||||
return; // we failed to verify the request
|
||||
|
|
|
@ -5,6 +5,7 @@ import io.undertow.server.HttpServerExchange;
|
|||
import io.undertow.util.Headers;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.SkeletonKeySession;
|
||||
import org.keycloak.adapters.AdapterConstants;
|
||||
import org.keycloak.representations.adapters.config.AdapterConfig;
|
||||
import org.keycloak.representations.SkeletonKeyToken;
|
||||
|
||||
|
@ -18,7 +19,7 @@ import java.util.Set;
|
|||
* Actions include:
|
||||
*
|
||||
* CORS Origin Check and Response headers
|
||||
* K_QUERY_BEARER_TOKEN: Get bearer token from server for Javascripts CORS requests
|
||||
* k_query_bearer_token: Get bearer token from server for Javascripts CORS requests
|
||||
*
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
|
@ -39,7 +40,7 @@ public class AuthenticatedActionsHandler implements HttpHandler {
|
|||
SkeletonKeySession session = getSkeletonKeySession(exchange);
|
||||
if (corsRequest(exchange, session)) return;
|
||||
String requestUri = exchange.getRequestURI();
|
||||
if (requestUri.endsWith("K_QUERY_BEARER_TOKEN")) {
|
||||
if (requestUri.endsWith(AdapterConstants.K_QUERY_BEARER_TOKEN)) {
|
||||
queryBearerToken(exchange, session);
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@ import io.undertow.server.HttpServerExchange;
|
|||
import io.undertow.server.session.SessionManager;
|
||||
import io.undertow.servlet.handlers.ServletRequestContext;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.adapters.AdapterAdminResourceConstants;
|
||||
import org.keycloak.adapters.AdapterConstants;
|
||||
import org.keycloak.adapters.config.RealmConfiguration;
|
||||
import org.keycloak.jose.jws.JWSInput;
|
||||
import org.keycloak.jose.jws.crypto.RSAProvider;
|
||||
|
@ -82,7 +82,7 @@ public class ServletAdminActionsHandler implements HttpHandler {
|
|||
HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
|
||||
SessionManager manager = servletRequestContext.getDeployment().getSessionManager();
|
||||
String requestUri = exchange.getRequestURI();
|
||||
if (requestUri.endsWith(AdapterAdminResourceConstants.LOGOUT)) {
|
||||
if (requestUri.endsWith(AdapterConstants.K_LOGOUT)) {
|
||||
JWSInput token = verifyAdminRequest(request, response);
|
||||
if (token == null) return;
|
||||
userSessionManagement.remoteLogout(token, manager, response);
|
||||
|
|
|
@ -4,13 +4,12 @@ import org.jboss.resteasy.client.jaxrs.ResteasyClient;
|
|||
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||
import org.jboss.resteasy.logging.Logger;
|
||||
import org.keycloak.TokenIdGenerator;
|
||||
import org.keycloak.adapters.AdapterAdminResourceConstants;
|
||||
import org.keycloak.adapters.AdapterConstants;
|
||||
import org.keycloak.models.ApplicationModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.representations.adapters.action.LogoutAction;
|
||||
|
||||
import javax.ws.rs.client.Entity;
|
||||
import javax.ws.rs.core.Form;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.util.List;
|
||||
|
||||
|
@ -43,7 +42,7 @@ public class ResourceAdminManager {
|
|||
LogoutAction adminAction = new LogoutAction(TokenIdGenerator.generateId(), System.currentTimeMillis() / 1000 + 30, resource.getName(), user);
|
||||
String token = new TokenManager().encodeToken(realm, adminAction);
|
||||
logger.debug("logout user: {0} resource: {1} url: {2}", user, resource.getName(), managementUrl);
|
||||
Response response = client.target(managementUrl).path(AdapterAdminResourceConstants.LOGOUT).request().post(Entity.text(token));
|
||||
Response response = client.target(managementUrl).path(AdapterConstants.K_LOGOUT).request().post(Entity.text(token));
|
||||
boolean success = response.getStatus() == 204;
|
||||
response.close();
|
||||
return success;
|
||||
|
|