Cleanup. Support to use-hostname-for-local-requests added to Demo examples

core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java

@@ -21,14 +21,14 @@ public enum RelativeUrlsUsed {
      */
     NEVER;
 
-    public boolean useRelative(boolean browserReq) {
+    public boolean useRelative(boolean isBrowserReq) {
         switch (this) {
             case ALL_REQUESTS:
                 return true;
             case NEVER:
                 return false;
             case BROWSER_ONLY:
-                return browserReq;
+                return isBrowserReq;
             default:
                 return true;
         }

core/src/main/java/org/keycloak/util/UriUtils.java

@@ -18,22 +18,6 @@ public class UriUtils {
         return u.substring(0, u.indexOf('/', 8));
     }
 
-    /**
-     * Get origin based on current hostname
-     *
-     * @param scheme
-     * @param port
-     * @return Address like "http://myHost:8080"
-     */
-    public static String getLocalOrigin(String scheme, Integer port) {
-        String hostname = getHostName();
-        StringBuilder sb = new StringBuilder(scheme + "://" + hostname);
-        if (port != null && port != -1) {
-            sb.append(":").append(port);
-        }
-        return sb.toString();
-    }
-
     public static String getHostName() {
         try {
             return InetAddress.getLocalHost().getHostName();

examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java

@@ -15,6 +15,7 @@ import org.keycloak.representations.AccessTokenResponse;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.util.JsonSerialization;
 import org.keycloak.util.KeycloakUriBuilder;
+import org.keycloak.util.UriUtils;
 
 import javax.servlet.http.HttpServletRequest;
 import java.io.ByteArrayOutputStream;
@@ -158,8 +159,12 @@ public class AdminClient {
     }
 
     public static String getBaseUrl(HttpServletRequest request) {
-        String url = request.getRequestURL().toString();
+        String useHostname = request.getServletContext().getInitParameter("useHostname");
-        return url.substring(0, url.indexOf('/', 8));
+        if (useHostname != null && "true".equalsIgnoreCase(useHostname)) {
+            return "http://" + UriUtils.getHostName() + ":8080";
+        } else {
+            return UriUtils.getOrigin(request.getRequestURL().toString());
+        }
     }
 
 }

examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml

@@ -6,4 +6,9 @@
 
     <module-name>admin-access</module-name>
 
+    <context-param>
+        <param-name>useHostname</param-name>
+        <param-value>false</param-value>
+    </context-param>
+
 </web-app>

examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java

@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
 import org.keycloak.adapters.HttpClientBuilder;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.util.JsonSerialization;
@@ -42,7 +43,7 @@ public class AdminClient {
         HttpClient client = new HttpClientBuilder()
                 .disableTrustManager().build();
         try {
-            HttpGet get = new HttpGet(CustomerDatabaseClient.getBaseUrl(req, session) + "/auth/admin/realms/demo/roles");
+            HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/auth/admin/realms/demo/roles");
             get.addHeader("Authorization", "Bearer " + session.getTokenString());
             try {
                 HttpResponse response = client.execute(get);

examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java

@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
 import org.keycloak.adapters.HttpClientBuilder;
 import org.keycloak.adapters.KeycloakDeployment;
 import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
@@ -14,6 +15,8 @@ import org.keycloak.util.JsonSerialization;
 import org.keycloak.util.UriUtils;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.ArrayList;
@@ -52,7 +55,7 @@ public class CustomerDatabaseClient {
         HttpClient client = new HttpClientBuilder()
                 .disableTrustManager().build();
         try {
-            HttpGet get = new HttpGet(getBaseUrl(req, session) + "/database/customers");
+            HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/customers");
             get.addHeader("Authorization", "Bearer " + session.getTokenString());
             try {
                 HttpResponse response = client.execute(get);
@@ -74,23 +77,11 @@ public class CustomerDatabaseClient {
         }
     }
 
-    public static String getBaseUrl(HttpServletRequest request, KeycloakSecurityContext session) {
+    public static String increaseAndGetCounter(HttpServletRequest req) {
-        if (session instanceof RefreshableKeycloakSecurityContext) {
+        HttpSession session = req.getSession();
-            KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
+        Integer counter = (Integer)session.getAttribute("counter");
-            switch (deployment.getRelativeUrls()) {
+        counter = (counter == null) ? 1 : counter + 1;
-                case ALL_REQUESTS:
+        session.setAttribute("counter", counter);
-                    // Resolve baseURI from the request
+        return String.valueOf(counter);
-                    return UriUtils.getOrigin(request.getRequestURL().toString());
-                case BROWSER_ONLY:
-                    // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
-                    return UriUtils.getOrigin(deployment.getCodeUrl());
-                case NEVER:
-                    return "";
-                default:
-                    return "";
-            }
-        } else {
-            return UriUtils.getOrigin(request.getRequestURL().toString());
-        }
     }
 }

examples/demo-template/customer-app/src/main/webapp/customers/session.jsp

@@ -0,0 +1,17 @@
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
+         pageEncoding="ISO-8859-1" %>
+<%@ page import="org.keycloak.ServiceUrlConstants" %>
+<%@ page import="org.keycloak.example.CustomerDatabaseClient" %>
+<%@ page import="org.keycloak.representations.IDToken" %>
+<%@ page import="org.keycloak.util.UriUtils" %>
+<html>
+  <head>
+    <title>Customer Session Page</title>
+  </head>
+  <body bgcolor="#E3F6CE">
+    <p>Your hostname: <%= UriUtils.getHostName() %></p>
+    <p>Your session ID: <%= request.getSession().getId() %></p>
+    <p>You visited this page <b><%= CustomerDatabaseClient.increaseAndGetCounter(request) %></b> times.</p>
+    <br><br>
+  </body>
+</html>

examples/demo-template/customer-app/src/main/webapp/index.html

@@ -11,5 +11,8 @@
 
 <p><a href="admin/admin.jsp">Customer Admin Interface</a></p>
 
+<p><a href="customers/session.jsp">Customer Session</a></p>
+
+
 </body>
 </html>

examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java

@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
 import org.keycloak.adapters.HttpClientBuilder;
 import org.keycloak.util.JsonSerialization;
 
@@ -39,7 +40,7 @@ public class ProductDatabaseClient
         HttpClient client = new HttpClientBuilder()
                 .disableTrustManager().build();
         try {
-            HttpGet get = new HttpGet(getBaseUrl(req) + "/database/products");
+            HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/products");
             get.addHeader("Authorization", "Bearer " + session.getTokenString());
             try {
                 HttpResponse response = client.execute(get);
@@ -61,9 +62,4 @@ public class ProductDatabaseClient
         }
     }
 
-    public static String getBaseUrl(HttpServletRequest request) {
-        String url = request.getRequestURL().toString();
-        return url.substring(0, url.indexOf('/', 8));
-    }
-
 }

examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json

@@ -6,5 +6,6 @@
   "ssl-required" : "external",
   "credentials" : {
       "secret": "password"
-   }
+  },
+  "use-hostname-for-local-requests": false
 }

examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java

@@ -7,6 +7,7 @@ import org.apache.http.client.methods.HttpGet;
 import org.jboss.logging.Logger;
 import org.keycloak.servlet.ServletOAuthClient;
 import org.keycloak.util.JsonSerialization;
+import org.keycloak.util.UriUtils;
 
 import javax.enterprise.context.ApplicationScoped;
 import javax.faces.application.FacesMessage;
@@ -102,9 +103,18 @@ public class DatabaseClient {
     }
 
     public String getBaseUrl() {
-        String url = request.getRequestURL().toString();
+        switch (oauthClient.getRelativeUrlsUsed()) {
-        return url.substring(0, url.indexOf('/', 8));
+            case ALL_REQUESTS:
+                // Resolve baseURI from the request
+                return UriUtils.getOrigin(request.getRequestURL().toString());
+            case BROWSER_ONLY:
+                // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
+                return UriUtils.getOrigin(oauthClient.getCodeUrl());
+            case NEVER:
+                return "";
+            default:
+                return "";
+        }
     }
 
-
 }

examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json

@@ -5,5 +5,6 @@
   "ssl-required" : "external",
    "credentials" : {
        "secret": "password"
-   }
+   },
+   "use-hostname-for-local-requests": false
 }

integration/adapter-core/src/main/java/org/keycloak/adapters/AdapterUtils.java

@@ -0,0 +1,30 @@
+package org.keycloak.adapters;
+
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.util.UriUtils;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class AdapterUtils {
+
+    public static String getBaseUrl(String browserRequestURL, KeycloakSecurityContext session) {
+        if (session instanceof RefreshableKeycloakSecurityContext) {
+            KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
+            switch (deployment.getRelativeUrls()) {
+                case ALL_REQUESTS:
+                    // Resolve baseURI from the request
+                    return UriUtils.getOrigin(browserRequestURL);
+                case BROWSER_ONLY:
+                    // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
+                    return UriUtils.getOrigin(deployment.getCodeUrl());
+                case NEVER:
+                    return "";
+                default:
+                    return "";
+            }
+        } else {
+            return UriUtils.getOrigin(browserRequestURL);
+        }
+    }
+}

integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java

@@ -8,6 +8,7 @@ import org.keycloak.jose.jws.JWSInput;
 import org.keycloak.representations.AccessTokenResponse;
 import org.keycloak.representations.IDToken;
 import org.keycloak.util.KeycloakUriBuilder;
+import org.keycloak.util.UriUtils;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
@@ -161,8 +162,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
 
     private String getUrl(HttpServletRequest request, String url, boolean isBrowserRequest) {
         if (relativeUrlsUsed.useRelative(isBrowserRequest)) {
-            String baseUrl = request.getRequestURL().toString();
+            String baseUrl = UriUtils.getOrigin(request.getRequestURL().toString());
-            baseUrl = baseUrl.substring(0, baseUrl.indexOf('/', 8));
             return baseUrl + url;
         } else {
             return url;