libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters

Browse source 
Co-Authored-By: mhajas <mhajas@redhat.com>
This commit is contained in:
Hynek Mlnarik 2019-07-18 23:48:59 +02:00 committed by Stian Thorgersen
parent 282569df23
commit 67f8622d13
4 changed files with 24 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
adapters/oidc/wildfly-elytron/src/main/java/org/keycloak/adapters/elytron/ElytronHttpFacade.java
View file

@ -19,7 +19,6 @@
package org.keycloak.adapters.elytron;
import io.undertow.server.handlers.CookieImpl;
import org.bouncycastle.asn1.cmp.Challenge;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.AdapterTokenStore;
@ -31,10 +30,8 @@ import org.keycloak.adapters.spi.AuthenticationError;
import org.keycloak.adapters.spi.LogoutError;
import org.keycloak.enums.TokenStore;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpScope;
import org.wildfly.security.http.HttpServerCookie;
import org.wildfly.security.http.HttpServerMechanismsResponder;
import org.wildfly.security.http.HttpServerRequest;
import org.wildfly.security.http.HttpServerResponse;
import org.wildfly.security.http.Scope;
@ -201,9 +198,13 @@ class ElytronHttpFacade implements OIDCHttpFacade {
if (query != null) {
String[] parameters = query.split("&");
for (String parameter : parameters) {
String[] keyValue = parameter.split("=");
String[] keyValue = parameter.split("=", 2);
if (keyValue[0].equals(param)) {
return keyValue[1];
try {
return URLDecoder.decode(keyValue[1], "UTF-8");
} catch (IOException e) {
throw new RuntimeException("Failed to decode request URI", e);
}
}
}
}

8
adapters/saml/wildfly-elytron/src/main/java/org/keycloak/adapters/saml/elytron/ElytronHttpFacade.java
View file

@ -186,9 +186,13 @@ class ElytronHttpFacade implements HttpFacade {
if (query != null) {
String[] parameters = query.split("&");
for (String parameter : parameters) {
String[] keyValue = parameter.split("=");
String[] keyValue = parameter.split("=", 2);
if (keyValue[0].equals(param)) {
return keyValue[1];
try {
return URLDecoder.decode(keyValue[1], "UTF-8");
} catch (IOException e) {
throw new RuntimeException("Failed to decode request URI", e);
}
}
}
}

4
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/auth/page/login/LoginForm.java
View file

@ -145,6 +145,10 @@ public class LoginForm extends Form {
return accountFields.getUsernameLabel();
}
public String getUsername() {
return accountFields.getUsername();
}
public String getPasswordLabel() {
return passwordFields.getPasswordLabel();
}

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java
View file

@ -1409,4 +1409,12 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.clearDetails()
.assertEvent();
}
@Test
public void testLoginHintFromClientRequest() {
driver.navigate().to(customerPortal + "?login_hint=blah%3d");
waitForPageToLoad();
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
assertThat(testRealmLoginPage.form().getUsername(), is("blah="));
}
}