Merge pull request #758 from stianst/master

KEYCLOAK-746 Allow linking to account from external provider
Stian Thorgersen 2014-10-13 13:19:36 +02:00
commit 6855b2f0e4


@ -70,6 +70,7 @@ import org.keycloak.util.UriUtils;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.HttpMethod;
import javax.ws.rs.OPTIONS; import javax.ws.rs.OPTIONS;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -181,9 +182,11 @@ public class AccountService {
throw new ForbiddenException(); throw new ForbiddenException();
} }
String referrer = headers.getRequestHeaders().getFirst("Referer"); if (!request.getHttpMethod().equals("GET")) {
if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) { String referrer = headers.getRequestHeaders().getFirst("Referer");
throw new ForbiddenException(); if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) {
throw new ForbiddenException();
}
} }
} }
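Review bot: The new `if (!request.getHttpMethod().equals("GET"))` guard in the second hunk exempts every GET request from the Referer origin comparison, so that cross-site check no longer covers any GET handler reached through this method. This is only safe if no GET endpoint in AccountService changes state. The hunk does not show that, and since the commit is about linking an account from an external provider (presumably a redirect-driven flow), it is worth confirming the linking action is protected some other way, for example by a per-request state value validated on return. I would document the assumption next to the guard, e.g. `// Referer is enforced only for state-changing methods; GET handlers must stay side-effect free`, and use the constant imported in the first hunk, `if (!HttpMethod.GET.equals(request.getHttpMethod())) {`, which also avoids a NullPointerException if the method is ever null. The enclosing method begins above the hunk, so the earlier origin check it relies on is not visible here.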