[KEYCLOAK-3086] - NPE when accessing Account with invalid clientId set as ?referrer, and additional referrer_uri set
parent
52a4509ada
commit
675faee593
2 changed files with 17 additions and 2 deletions
|
@ -42,8 +42,9 @@ public class RedirectUtils {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static String verifyRedirectUri(UriInfo uriInfo, String redirectUri, RealmModel realm, ClientModel client) {
|
public static String verifyRedirectUri(UriInfo uriInfo, String redirectUri, RealmModel realm, ClientModel client) {
|
||||||
Set<String> validRedirects = client.getRedirectUris();
|
if (client != null)
|
||||||
return verifyRedirectUri(uriInfo, client.getRootUrl(), redirectUri, realm, validRedirects);
|
return verifyRedirectUri(uriInfo, client.getRootUrl(), redirectUri, realm, client.getRedirectUris());
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static Set<String> resolveValidRedirects(UriInfo uriInfo, String rootUrl, Set<String> validRedirects) {
|
public static Set<String> resolveValidRedirects(UriInfo uriInfo, String rootUrl, Set<String> validRedirects) {
|
||||||
|
|
|
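Review bot: The added `return null;` in the four-argument `verifyRedirectUri` makes null the result for a missing client, but nothing on the method says that null means the redirect was refused. Callers are outside this section, so presumably each of them has to treat null as a rejection and must not fall back to the raw `referrer_uri` from the request. I would document this on the method, e.g. `@return the verified redirect URI, or {@code null} when {@code client} is null`. The braceless `if (client != null)` followed by two `return` lines is also easy to misread; a guard at the top, `if (client == null) { return null; }`, says the same thing more plainly.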
@ -813,4 +813,18 @@ public class AccountTest extends TestRealmKeycloakTest {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testInvalidReferrer() {
|
||||||
|
driver.navigate().to(profilePage.getPath() + "?referrer=test-app");
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
Assert.assertTrue(profilePage.isCurrent());
|
||||||
|
profilePage.backToApplication();
|
||||||
|
|
||||||
|
Assert.assertTrue(appPage.isCurrent());
|
||||||
|
|
||||||
|
driver.navigate().to(profilePage.getPath() + "?referrer=test-invalid&referrer_uri=http://localhost:8180/auth/realms/master/app/auth?test");
|
||||||
|
Assert.assertTrue(profilePage.isCurrent());
|
||||||
|
|
||||||
|
events.clear();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
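Review bot: After the `referrer=test-invalid` request, `testInvalidReferrer` asserts only `profilePage.isCurrent()`, which shows the page no longer fails but not that the unverified `referrer_uri` was dropped. That parameter is request-supplied, so the regression test should also assert that the rendered page offers no back-to-application link for it, using whatever accessor the profile page object provides (not visible in this section). A comment above the second navigation would make the intent clear: `// unknown client: referrer_uri must be ignored, the page must still render`.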