Merge pull request #1153 from stianst/master

KEYCLOAK-1061 Add back to application link to error page
Stian Thorgersen 2015-04-16 14:41:10 +02:00
commit 6e5820ea11
8 changed files with 19 additions and 22 deletions


@ -18,7 +18,8 @@ public class UriUtils {
public static String getOrigin(String uri) { public static String getOrigin(String uri) {
String u = uri.toString(); String u = uri.toString();
return u.substring(0, u.indexOf('/', 8)); int e = u.indexOf('/', 8);
return e != -1 ? u.substring(0, u.indexOf('/', 8)) : u;
} }
public static boolean isOrigin(String url) { public static boolean isOrigin(String url) {
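Review bot: The new return line in `getOrigin` calls `u.indexOf('/', 8)` a second time instead of reusing `e`, and its fallback hands back the whole input as the origin. `return e != -1 ? u.substring(0, e) : u;` removes the duplicate scan. The fallback deserves a check or at least a comment: a value with no `/` after the authority but with a query, fragment or trailing wildcard (a constructed sample would be `http://example.com*`) comes back unchanged, and elsewhere in this commit the result is stored as a client web origin. The fixed offset 8 also assumes an `http://` or `https://` prefix, which the method itself does not verify.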


@ -178,12 +178,11 @@
<span tooltip-placement="right" tooltip="Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request." class="fa fa-info-circle"></span> <span tooltip-placement="right" tooltip="Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request." class="fa fa-info-circle"></span>
</div> </div>
<div class="form-group" data-ng-show="!client.bearerOnly && !create"> <div class="form-group" data-ng-show="!client.bearerOnly && !create">
<label class="col-sm-2 control-label" for="baseUrl">Default Redirect URL</label> <label class="col-sm-2 control-label" for="baseUrl">Base URL</label>
<div class="col-sm-6"> <div class="col-sm-6">
<input class="form-control" type="text" name="baseUrl" id="baseUrl" <input class="form-control" type="text" name="baseUrl" id="baseUrl" data-ng-model="client.baseUrl">
data-ng-model="client.baseUrl">
</div> </div>
<span tooltip-placement="right" tooltip="Default URL to use when the auth server needs to redirect back to the client. This URL will also be used when the auth server needs to link to the client for any reason." class="fa fa-info-circle"></span> <span tooltip-placement="right" tooltip="Default URL to use when the auth server needs to redirect or link back to the client." class="fa fa-info-circle"></span>
</div> </div>
<div class="form-group" data-ng-hide="create || protocol == 'saml'"> <div class="form-group" data-ng-hide="create || protocol == 'saml'">
<label class="col-sm-2 control-label" for="adminUrl">Admin URL</label> <label class="col-sm-2 control-label" for="adminUrl">Admin URL</label>


@ -7,6 +7,9 @@
<#elseif section = "form"> <#elseif section = "form">
<div id="kc-error-message"> <div id="kc-error-message">
<p class="instruction">${message.summary}</p> <p class="instruction">${message.summary}</p>
<#if client?? && client.baseUrl?has_content>
<p><a href="${client.baseUrl}">${msg("backToApplication")}</a></p>
</#if>
</div> </div>
</#if> </#if>
</@layout.registrationLayout> </@layout.registrationLayout>
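Review bot: `client.baseUrl` is interpolated into the `href` of the added `<a>` line with no visible escaping or scheme check. Whether this template is wrapped in an `<#escape>` directive cannot be seen from this section; if it is not, `href="${client.baseUrl?html}"` keeps a quote in the stored value from breaking out of the attribute. Because the value comes from client configuration or a realm import, it would also be worth restricting it to `http`/`https` (or a relative path) at the point where it is saved, so the error page never renders a `javascript:` link.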


@ -157,8 +157,7 @@ couldNotSendAuthenticationRequestMessage=Could not send authentication request t
unexpectedErrorHandlingRequestMessage=Unexpected error when handling authentication request to identity provider [{0}]. unexpectedErrorHandlingRequestMessage=Unexpected error when handling authentication request to identity provider [{0}].
invalidAccessCodeMessage=Invalid access code. invalidAccessCodeMessage=Invalid access code.
sessionNotActiveMessage=Session not active. sessionNotActiveMessage=Session not active.
unknownCodeMessage=Unknown code, please login again through your application. invalidCodeMessage=An error occurred, please login again through your application.
invalidCodeMessage=Invalid code, please login again through your application.
identityProviderUnexpectedErrorMessage=Unexpected error when authenticating with identity provider identityProviderUnexpectedErrorMessage=Unexpected error when authenticating with identity provider
identityProviderNotFoundMessage=Could not find an identity provider with the identifier [{0}]. identityProviderNotFoundMessage=Could not find an identity provider with the identifier [{0}].
realmSupportsNoCredentialsMessage=Realm [{0}] does not support any credential type. realmSupportsNoCredentialsMessage=Realm [{0}] does not support any credential type.


@ -36,6 +36,7 @@ import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.SocialLinkRepresentation; import org.keycloak.representations.idm.SocialLinkRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation; import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.util.UriUtils;
import java.io.IOException; import java.io.IOException;
import java.net.URI; import java.net.URI;
@ -526,7 +527,7 @@ public class RepresentationToModel {
client.setManagementUrl(resourceRep.getAdminUrl()); client.setManagementUrl(resourceRep.getAdminUrl());
if (resourceRep.isSurrogateAuthRequired() != null) if (resourceRep.isSurrogateAuthRequired() != null)
client.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired()); client.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired());
client.setBaseUrl(resourceRep.getBaseUrl()); if (resourceRep.getBaseUrl() != null) client.setBaseUrl(resourceRep.getBaseUrl());
if (resourceRep.isBearerOnly() != null) client.setBearerOnly(resourceRep.isBearerOnly()); if (resourceRep.isBearerOnly() != null) client.setBearerOnly(resourceRep.isBearerOnly());
if (resourceRep.isConsentRequired() != null) client.setConsentRequired(resourceRep.isConsentRequired()); if (resourceRep.isConsentRequired() != null) client.setConsentRequired(resourceRep.isConsentRequired());
if (resourceRep.isPublicClient() != null) client.setPublicClient(resourceRep.isPublicClient()); if (resourceRep.isPublicClient() != null) client.setPublicClient(resourceRep.isPublicClient());
@ -576,12 +577,8 @@ public class RepresentationToModel {
Set<String> origins = new HashSet<String>(); Set<String> origins = new HashSet<String>();
for (String redirectUri : resourceRep.getRedirectUris()) { for (String redirectUri : resourceRep.getRedirectUris()) {
logger.debugv("add redirect-uri to origin: {0}", redirectUri); logger.debugv("add redirect-uri to origin: {0}", redirectUri);
if (redirectUri.startsWith("http:")) { if (redirectUri.startsWith("http")) {
URI uri = URI.create(redirectUri); String origin = UriUtils.getOrigin(redirectUri);
String origin = uri.getScheme() + "://" + uri.getHost();
if (uri.getPort() != -1) {
origin += ":" + uri.getPort();
}
logger.debugv("adding default client origin: {0}" , origin); logger.debugv("adding default client origin: {0}" , origin);
origins.add(origin); origins.add(origin);
} }
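Review bot: In the redirect-URI loop, `redirectUri.startsWith("http")` now accepts any string that merely begins with those four letters, and the origin is no longer assembled from a parsed scheme, host and port. Tighten the guard to `if (redirectUri.startsWith("http://") || redirectUri.startsWith("https://")) {`. Because `UriUtils.getOrigin` slices the string rather than parsing it, user-info and wildcard patterns without a path separator end up verbatim in `origins`, whereas the removed `URI.create` code kept only scheme, host and port. If these origins feed cross-origin checks (inferred from the log text "adding default client origin"), a parse-and-validate step is worth keeping before `origins.add(origin)`. The enclosing method starts and ends outside these hunks.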


@ -134,8 +134,6 @@ public class Messages {
public static final String SESSION_NOT_ACTIVE = "sessionNotActiveMessage"; public static final String SESSION_NOT_ACTIVE = "sessionNotActiveMessage";
public static final String UNKNOWN_CODE = "unknownCodeMessage";
public static final String INVALID_CODE = "invalidCodeMessage"; public static final String INVALID_CODE = "invalidCodeMessage";
public static final String IDENTITY_PROVIDER_UNEXPECTED_ERROR = "identityProviderUnexpectedErrorMessage"; public static final String IDENTITY_PROVIDER_UNEXPECTED_ERROR = "identityProviderUnexpectedErrorMessage";


@ -195,7 +195,7 @@ public class LoginActionsService {
clientCode = ClientSessionCode.parse(code, session, realm); clientCode = ClientSessionCode.parse(code, session, realm);
if (clientCode == null) { if (clientCode == null) {
event.error(Errors.INVALID_CODE); event.error(Errors.INVALID_CODE);
response = ErrorPage.error(session, Messages.UNKNOWN_CODE); response = ErrorPage.error(session, Messages.INVALID_CODE);
return false; return false;
} }
session.getContext().setClient(clientCode.getClientSession().getClient()); session.getContext().setClient(clientCode.getClientSession().getClient());
@ -288,7 +288,7 @@ public class LoginActionsService {
ClientSessionCode clientCode = ClientSessionCode.parse(code, session, realm); ClientSessionCode clientCode = ClientSessionCode.parse(code, session, realm);
if (clientCode == null) { if (clientCode == null) {
event.error(Errors.INVALID_CODE); event.error(Errors.INVALID_CODE);
return ErrorPage.error(session, Messages.UNKNOWN_CODE); return ErrorPage.error(session, Messages.INVALID_CODE);
} }
ClientSessionModel clientSession = clientCode.getClientSession(); ClientSessionModel clientSession = clientCode.getClientSession();
@ -428,7 +428,7 @@ public class LoginActionsService {
ClientSessionCode clientCode = ClientSessionCode.parse(code, session, realm); ClientSessionCode clientCode = ClientSessionCode.parse(code, session, realm);
if (clientCode == null) { if (clientCode == null) {
event.error(Errors.INVALID_CODE); event.error(Errors.INVALID_CODE);
return ErrorPage.error(session, Messages.UNKNOWN_CODE); return ErrorPage.error(session, Messages.INVALID_CODE);
} }
if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE)) { if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE)) {
event.error(Errors.INVALID_CODE); event.error(Errors.INVALID_CODE);
@ -865,7 +865,7 @@ public class LoginActionsService {
ClientSessionCode accessCode = ClientSessionCode.parse(code, session, realm); ClientSessionCode accessCode = ClientSessionCode.parse(code, session, realm);
if (accessCode == null) { if (accessCode == null) {
event.error(Errors.INVALID_CODE); event.error(Errors.INVALID_CODE);
return ErrorPage.error(session, Messages.UNKNOWN_CODE); return ErrorPage.error(session, Messages.INVALID_CODE);
} }
ClientSessionModel clientSession = accessCode.getClientSession(); ClientSessionModel clientSession = accessCode.getClientSession();


@ -155,7 +155,7 @@ public class ResetPasswordTest {
events.expect(EventType.RESET_PASSWORD_ERROR).client((String) null).user((String) null).error("invalid_code").clearDetails().assertEvent(); events.expect(EventType.RESET_PASSWORD_ERROR).client((String) null).user((String) null).error("invalid_code").clearDetails().assertEvent();
assertTrue(errorPage.isCurrent()); assertTrue(errorPage.isCurrent());
assertEquals("Unknown code, please login again through your application.", errorPage.getError()); assertEquals("An error occurred, please login again through your application.", errorPage.getError());
} }
@Test @Test
@ -354,7 +354,7 @@ public class ResetPasswordTest {
errorPage.assertCurrent(); errorPage.assertCurrent();
assertEquals("Invalid code, please login again through your application.", errorPage.getError()); assertEquals("An error occurred, please login again through your application.", errorPage.getError());
events.expectRequiredAction(EventType.RESET_PASSWORD).error("invalid_code").client((String) null).user((String) null).session((String) null).clearDetails().assertEvent(); events.expectRequiredAction(EventType.RESET_PASSWORD).error("invalid_code").client((String) null).user((String) null).session((String) null).clearDetails().assertEvent();
} finally { } finally {