Merge pull request #1053 from mposolda/master

KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint
Marek Posolda 2015-03-16 20:50:09 +01:00
commit 7c72781cb1
8 changed files with 46 additions and 13 deletions


@ -31,5 +31,5 @@ public interface AdapterConstants {
public static final String KEYCLOAK_ADAPTER_STATE_COOKIE = "KEYCLOAK_ADAPTER_STATE";
// Request parameter used to specify the identifier of the identity provider that should be used to authenticate an user
String K_IDP_HINT = "k_idp_hint";
String KC_IDP_HINT = "kc_idp_hint";
}


@ -1008,9 +1008,9 @@ Authorization: Bearer {keycloak_access_token}]]></programlisting>
Keycloak supports a specific HTTP query parameter that you can use as a hint to tell the server which identity provider should be used to authenticate the user.
</para>
<para>
For that, you can append the <literal>k_idp_hint</literal> as a query parameter to your application url, as follows:
For that, you can append the <literal>kc_idp_hint</literal> as a query parameter to your application url, as follows:
</para>
<programlisting language="JAVA"><![CDATA[GET /myapplication.com?k_idp_hint=facebook HTTP/1.1
<programlisting language="JAVA"><![CDATA[GET /myapplication.com?kc_idp_hint=facebook HTTP/1.1
Host: localhost:8080]]></programlisting>
<para>
In this case, is expected that your realm has an identity provider with an alias <literal>facebook</literal>.

33
examples/broker/pom.xml Normal file

@ -0,0 +1,33 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.2.0.Beta1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<name>Broker Examples</name>
<description/>
<modelVersion>4.0.0</modelVersion>
<artifactId>examples-broker-pom</artifactId>
<packaging>pom</packaging>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</build>
<modules>
<module>facebook-authentication</module>
<module>google-authentication</module>
<module>saml-broker-authentication</module>
<module>twitter-authentication</module>
</modules>
</project>


@ -4,6 +4,7 @@ import org.jboss.logging.Logger;
import org.keycloak.OAuth2Constants;
import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
import org.keycloak.constants.AdapterConstants;
import org.keycloak.enums.TokenStore;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.representations.AccessToken;
@ -16,7 +17,6 @@ import java.io.IOException;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicLong;
import static org.keycloak.constants.AdapterConstants.K_IDP_HINT;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@ -132,8 +132,8 @@ public class OAuthRequestAuthenticator {
String loginHint = getQueryParamValue("login_hint");
url = UriUtils.stripQueryParam(url,"login_hint");
String idpHint = getQueryParamValue(K_IDP_HINT);
url = UriUtils.stripQueryParam(url, K_IDP_HINT);
String idpHint = getQueryParamValue(AdapterConstants.KC_IDP_HINT);
url = UriUtils.stripQueryParam(url, AdapterConstants.KC_IDP_HINT);
KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone()
.queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE)
@ -145,7 +145,7 @@ public class OAuthRequestAuthenticator {
redirectUriBuilder.queryParam("login_hint",loginHint);
}
if (idpHint != null && idpHint.length() > 0) {
redirectUriBuilder.queryParam(K_IDP_HINT,idpHint);
redirectUriBuilder.queryParam(AdapterConstants.KC_IDP_HINT,idpHint);
}
return redirectUriBuilder.build().toString();
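Review bot: The value read with `getQueryParamValue(AdapterConstants.KC_IDP_HINT)` comes straight from the caller's query string and is forwarded to the auth server in the last hunk after only a null/empty check, so the adapter does not constrain which provider alias is requested. That is safe only if the server rejects unknown aliases, which is not visible in this file. A comment above the read such as `// untrusted: forwarded as-is, the alias must be validated by the auth server` would make that dependency explicit. Separately, a request that still carries the old `k_idp_hint` is now neither forwarded nor stripped from `url`. The enclosing method starts and ends outside these hunks.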


@ -161,7 +161,7 @@
}
if (options && options.idpHint) {
url += '&k_idp_hint=' + options.idpHint;
url += '&kc_idp_hint=' + options.idpHint;
}
return url;
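Review bot: `options.idpHint` is concatenated into the login URL without encoding on the changed line, so a value containing `&`, `#` or `=` would alter the query string instead of being carried as the hint. Encode it at the point of use: `url += '&kc_idp_hint=' + encodeURIComponent(options.idpHint);`. The enclosing function starts outside the hunk, so whether the other parameters are encoded is not visible; they would deserve the same check.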


@ -54,7 +54,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
public static final String CLIENT_ID_PARAM = "client_id";
public static final String PROMPT_PARAM = "prompt";
public static final String LOGIN_HINT_PARAM = "login_hint";
public static final String K_IDP_HINT = "k_idp_hint";
private static final Logger log = Logger.getLogger(OIDCLoginProtocol.class);


@ -5,6 +5,7 @@ import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.ClientConnection;
import org.keycloak.OAuth2Constants;
import org.keycloak.constants.AdapterConstants;
import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.events.EventBuilder;
@ -132,7 +133,7 @@ public class AuthorizationEndpoint {
scope = params.getFirst(OIDCLoginProtocol.SCOPE_PARAM);
loginHint = params.getFirst(OIDCLoginProtocol.LOGIN_HINT_PARAM);
prompt = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);
idpHint = params.getFirst(OIDCLoginProtocol.K_IDP_HINT);
idpHint = params.getFirst(AdapterConstants.KC_IDP_HINT);
checkSsl();
checkRealm();
@ -227,7 +228,7 @@ public class AuthorizationEndpoint {
if (scope != null) clientSession.setNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
if (loginHint != null) clientSession.setNote(OIDCLoginProtocol.LOGIN_HINT_PARAM, loginHint);
if (prompt != null) clientSession.setNote(OIDCLoginProtocol.PROMPT_PARAM, prompt);
if (idpHint != null) clientSession.setNote(OIDCLoginProtocol.K_IDP_HINT, idpHint);
if (idpHint != null) clientSession.setNote(AdapterConstants.KC_IDP_HINT, idpHint);
}
private Response buildAuthorizationCodeAuthorizationResponse() {
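Review bot: In the context of the second hunk, `prompt = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);` reads the redirect URI parameter into `prompt`, and the third hunk then stores that value as the `OIDCLoginProtocol.PROMPT_PARAM` note. This looks like a copy-paste slip that the commit leaves in place; any later logic that consults the prompt note would presumably see the redirect URI rather than the prompt the client requested. The line should likely be `prompt = params.getFirst(OIDCLoginProtocol.PROMPT_PARAM);`. Both enclosing methods start outside the hunks.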


@ -54,7 +54,7 @@ public class IdentityProviderHintTest {
@Test
public void testSuccessfulRedirect() {
this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=kc-oidc-idp");
this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=kc-oidc-idp");
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8082/auth/"));
@ -72,7 +72,7 @@ public class IdentityProviderHintTest {
@Test
public void testInvalidIdentityProviderHint() {
this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=invalid-idp-id");
this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=invalid-idp-id");
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));