Merge pull request #1053 from mposolda/master
KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint
This commit is contained in:
commit
7c72781cb1
8 changed files with 46 additions and 13 deletions
|
@ -31,5 +31,5 @@ public interface AdapterConstants {
|
|||
public static final String KEYCLOAK_ADAPTER_STATE_COOKIE = "KEYCLOAK_ADAPTER_STATE";
|
||||
|
||||
// Request parameter used to specify the identifier of the identity provider that should be used to authenticate an user
|
||||
String K_IDP_HINT = "k_idp_hint";
|
||||
String KC_IDP_HINT = "kc_idp_hint";
|
||||
}
|
||||
|
|
|
@ -1008,9 +1008,9 @@ Authorization: Bearer {keycloak_access_token}]]></programlisting>
|
|||
Keycloak supports a specific HTTP query parameter that you can use as a hint to tell the server which identity provider should be used to authenticate the user.
|
||||
</para>
|
||||
<para>
|
||||
For that, you can append the <literal>k_idp_hint</literal> as a query parameter to your application url, as follows:
|
||||
For that, you can append the <literal>kc_idp_hint</literal> as a query parameter to your application url, as follows:
|
||||
</para>
|
||||
<programlisting language="JAVA"><![CDATA[GET /myapplication.com?k_idp_hint=facebook HTTP/1.1
|
||||
<programlisting language="JAVA"><![CDATA[GET /myapplication.com?kc_idp_hint=facebook HTTP/1.1
|
||||
Host: localhost:8080]]></programlisting>
|
||||
<para>
|
||||
In this case, is expected that your realm has an identity provider with an alias <literal>facebook</literal>.
|
||||
|
|
33
examples/broker/pom.xml
Normal file
33
examples/broker/pom.xml
Normal file
|
@ -0,0 +1,33 @@
|
|||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<parent>
|
||||
<artifactId>keycloak-parent</artifactId>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<version>1.2.0.Beta1-SNAPSHOT</version>
|
||||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
<name>Broker Examples</name>
|
||||
<description/>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>examples-broker-pom</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-deploy-plugin</artifactId>
|
||||
<configuration>
|
||||
<skip>true</skip>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<modules>
|
||||
<module>facebook-authentication</module>
|
||||
<module>google-authentication</module>
|
||||
<module>saml-broker-authentication</module>
|
||||
<module>twitter-authentication</module>
|
||||
</modules>
|
||||
</project>
|
|
@ -4,6 +4,7 @@ import org.jboss.logging.Logger;
|
|||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.RSATokenVerifier;
|
||||
import org.keycloak.VerificationException;
|
||||
import org.keycloak.constants.AdapterConstants;
|
||||
import org.keycloak.enums.TokenStore;
|
||||
import org.keycloak.jose.jws.JWSInput;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
|
@ -16,7 +17,6 @@ import java.io.IOException;
|
|||
import java.util.UUID;
|
||||
import java.util.concurrent.atomic.AtomicLong;
|
||||
|
||||
import static org.keycloak.constants.AdapterConstants.K_IDP_HINT;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
|
@ -132,8 +132,8 @@ public class OAuthRequestAuthenticator {
|
|||
String loginHint = getQueryParamValue("login_hint");
|
||||
url = UriUtils.stripQueryParam(url,"login_hint");
|
||||
|
||||
String idpHint = getQueryParamValue(K_IDP_HINT);
|
||||
url = UriUtils.stripQueryParam(url, K_IDP_HINT);
|
||||
String idpHint = getQueryParamValue(AdapterConstants.KC_IDP_HINT);
|
||||
url = UriUtils.stripQueryParam(url, AdapterConstants.KC_IDP_HINT);
|
||||
|
||||
KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone()
|
||||
.queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE)
|
||||
|
@ -145,7 +145,7 @@ public class OAuthRequestAuthenticator {
|
|||
redirectUriBuilder.queryParam("login_hint",loginHint);
|
||||
}
|
||||
if (idpHint != null && idpHint.length() > 0) {
|
||||
redirectUriBuilder.queryParam(K_IDP_HINT,idpHint);
|
||||
redirectUriBuilder.queryParam(AdapterConstants.KC_IDP_HINT,idpHint);
|
||||
}
|
||||
|
||||
return redirectUriBuilder.build().toString();
|
||||
|
|
|
@ -161,7 +161,7 @@
|
|||
}
|
||||
|
||||
if (options && options.idpHint) {
|
||||
url += '&k_idp_hint=' + options.idpHint;
|
||||
url += '&kc_idp_hint=' + options.idpHint;
|
||||
}
|
||||
|
||||
return url;
|
||||
|
|
|
@ -54,7 +54,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
|
|||
public static final String CLIENT_ID_PARAM = "client_id";
|
||||
public static final String PROMPT_PARAM = "prompt";
|
||||
public static final String LOGIN_HINT_PARAM = "login_hint";
|
||||
public static final String K_IDP_HINT = "k_idp_hint";
|
||||
|
||||
private static final Logger log = Logger.getLogger(OIDCLoginProtocol.class);
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
|
|||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.keycloak.ClientConnection;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.constants.AdapterConstants;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.Errors;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
|
@ -132,7 +133,7 @@ public class AuthorizationEndpoint {
|
|||
scope = params.getFirst(OIDCLoginProtocol.SCOPE_PARAM);
|
||||
loginHint = params.getFirst(OIDCLoginProtocol.LOGIN_HINT_PARAM);
|
||||
prompt = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);
|
||||
idpHint = params.getFirst(OIDCLoginProtocol.K_IDP_HINT);
|
||||
idpHint = params.getFirst(AdapterConstants.KC_IDP_HINT);
|
||||
|
||||
checkSsl();
|
||||
checkRealm();
|
||||
|
@ -227,7 +228,7 @@ public class AuthorizationEndpoint {
|
|||
if (scope != null) clientSession.setNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
|
||||
if (loginHint != null) clientSession.setNote(OIDCLoginProtocol.LOGIN_HINT_PARAM, loginHint);
|
||||
if (prompt != null) clientSession.setNote(OIDCLoginProtocol.PROMPT_PARAM, prompt);
|
||||
if (idpHint != null) clientSession.setNote(OIDCLoginProtocol.K_IDP_HINT, idpHint);
|
||||
if (idpHint != null) clientSession.setNote(AdapterConstants.KC_IDP_HINT, idpHint);
|
||||
}
|
||||
|
||||
private Response buildAuthorizationCodeAuthorizationResponse() {
|
||||
|
|
|
@ -54,7 +54,7 @@ public class IdentityProviderHintTest {
|
|||
|
||||
@Test
|
||||
public void testSuccessfulRedirect() {
|
||||
this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=kc-oidc-idp");
|
||||
this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=kc-oidc-idp");
|
||||
|
||||
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8082/auth/"));
|
||||
|
||||
|
@ -72,7 +72,7 @@ public class IdentityProviderHintTest {
|
|||
|
||||
@Test
|
||||
public void testInvalidIdentityProviderHint() {
|
||||
this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=invalid-idp-id");
|
||||
this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=invalid-idp-id");
|
||||
|
||||
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
|
||||
|
||||
|
|
Loading…
Reference in a new issue