libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Return 404 when trying to retrieve non-existing external IDP token

Browse source
This commit is contained in:
Benjamin Weimer 2023-01-10 14:09:33 +01:00 committed by Pedro Igor
parent 83147a67a0
commit 69c114288d
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
View file

@ -474,6 +474,10 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
return corsResponse(badRequest("User [" + authResult.getUser().getId() + "] is not associated with identity provider [" + providerId + "]."), clientModel);
}
if (identity.getToken() == null) {
return corsResponse(notFound("No token stored for user [" + authResult.getUser().getId() + "] with associated identity provider [" + providerId + "]."), clientModel);
}
this.event.success();
return corsResponse(identityProvider.retrieveToken(session, identity), clientModel);
@ -1224,6 +1228,11 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
return ErrorResponse.error(message, Response.Status.FORBIDDEN);
}
private Response notFound(String message) {
fireErrorEvent(message);
return ErrorResponse.error(message, Response.Status.NOT_FOUND);
}
public static IdentityProvider getIdentityProvider(KeycloakSession session, RealmModel realm, String alias) {
IdentityProviderModel identityProviderModel = realm.getIdentityProviderByAlias(alias);