libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Cleanup. Support to use-hostname-for-local-requests added to Demo examples

Browse source
This commit is contained in:
mposolda 2014-09-30 17:37:17 +02:00
parent 18fe808ce0
commit 80a9a8984a
14 changed files with 97 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java
View file

@ -21,14 +21,14 @@ public enum RelativeUrlsUsed {
*/
NEVER;
public boolean useRelative(boolean browserReq) {
public boolean useRelative(boolean isBrowserReq) {
switch (this) {
case ALL_REQUESTS:
return true;
case NEVER:
return false;
case BROWSER_ONLY:
return browserReq;
return isBrowserReq;
default:
return true;
}

16
core/src/main/java/org/keycloak/util/UriUtils.java
View file

@ -18,22 +18,6 @@ public class UriUtils {
return u.substring(0, u.indexOf('/', 8));
}
/**
* Get origin based on current hostname
*
* @param scheme
* @param port
* @return Address like "http://myHost:8080"
*/
public static String getLocalOrigin(String scheme, Integer port) {
String hostname = getHostName();
StringBuilder sb = new StringBuilder(scheme + "://" + hostname);
if (port != null && port != -1) {
sb.append(":").append(port);
}
return sb.toString();
}
public static String getHostName() {
try {
return InetAddress.getLocalHost().getHostName();

9
examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
View file

@ -15,6 +15,7 @@ import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.KeycloakUriBuilder;
import org.keycloak.util.UriUtils;
import javax.servlet.http.HttpServletRequest;
import java.io.ByteArrayOutputStream;
@ -158,8 +159,12 @@ public class AdminClient {
}
public static String getBaseUrl(HttpServletRequest request) {
String url = request.getRequestURL().toString();
return url.substring(0, url.indexOf('/', 8));
String useHostname = request.getServletContext().getInitParameter("useHostname");
if (useHostname != null && "true".equalsIgnoreCase(useHostname)) {
return "http://" + UriUtils.getHostName() + ":8080";
} else {
return UriUtils.getOrigin(request.getRequestURL().toString());
}
}
}

5
examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml
View file

@ -6,4 +6,9 @@
<module-name>admin-access</module-name>
<context-param>
<param-name>useHostname</param-name>
<param-value>false</param-value>
</context-param>
</web-app>

3
examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
View file

@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.util.JsonSerialization;
@ -42,7 +43,7 @@ public class AdminClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
HttpGet get = new HttpGet(CustomerDatabaseClient.getBaseUrl(req, session) + "/auth/admin/realms/demo/roles");
HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/auth/admin/realms/demo/roles");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);

29
examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
View file

@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
@ -14,6 +15,8 @@ import org.keycloak.util.JsonSerialization;
import org.keycloak.util.UriUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
@ -52,7 +55,7 @@ public class CustomerDatabaseClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
HttpGet get = new HttpGet(getBaseUrl(req, session) + "/database/customers");
HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/customers");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@ -74,23 +77,11 @@ public class CustomerDatabaseClient {
}
}
public static String getBaseUrl(HttpServletRequest request, KeycloakSecurityContext session) {
if (session instanceof RefreshableKeycloakSecurityContext) {
KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
switch (deployment.getRelativeUrls()) {
case ALL_REQUESTS:
// Resolve baseURI from the request
return UriUtils.getOrigin(request.getRequestURL().toString());
case BROWSER_ONLY:
// Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
return UriUtils.getOrigin(deployment.getCodeUrl());
case NEVER:
return "";
default:
return "";
}
} else {
return UriUtils.getOrigin(request.getRequestURL().toString());
}
public static String increaseAndGetCounter(HttpServletRequest req) {
HttpSession session = req.getSession();
Integer counter = (Integer)session.getAttribute("counter");
counter = (counter == null) ? 1 : counter + 1;
session.setAttribute("counter", counter);
return String.valueOf(counter);
}
}

17
examples/demo-template/customer-app/src/main/webapp/customers/session.jsp Normal file
View file

@ -0,0 +1,17 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" %>
<%@ page import="org.keycloak.ServiceUrlConstants" %>
<%@ page import="org.keycloak.example.CustomerDatabaseClient" %>
<%@ page import="org.keycloak.representations.IDToken" %>
<%@ page import="org.keycloak.util.UriUtils" %>
<html>
<head>
<title>Customer Session Page</title>
</head>
<body bgcolor="#E3F6CE">
<p>Your hostname: <%= UriUtils.getHostName() %></p>
<p>Your session ID: <%= request.getSession().getId() %></p>
<p>You visited this page <b><%= CustomerDatabaseClient.increaseAndGetCounter(request) %></b> times.</p>
<br><br>
</body>
</html>

3
examples/demo-template/customer-app/src/main/webapp/index.html
View file

@ -11,5 +11,8 @@
<p><a href="admin/admin.jsp">Customer Admin Interface</a></p>
<p><a href="customers/session.jsp">Customer Session</a></p>
</body>
</html>

8
examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
View file

@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.util.JsonSerialization;
@ -39,7 +40,7 @@ public class ProductDatabaseClient
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
HttpGet get = new HttpGet(getBaseUrl(req) + "/database/products");
HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/products");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@ -61,9 +62,4 @@ public class ProductDatabaseClient
}
}
public static String getBaseUrl(HttpServletRequest request) {
String url = request.getRequestURL().toString();
return url.substring(0, url.indexOf('/', 8));
}
}

3
examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
View file

@ -6,5 +6,6 @@
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
},
"use-hostname-for-local-requests": false
}

16
examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
View file

@ -7,6 +7,7 @@ import org.apache.http.client.methods.HttpGet;
import org.jboss.logging.Logger;
import org.keycloak.servlet.ServletOAuthClient;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.UriUtils;
import javax.enterprise.context.ApplicationScoped;
import javax.faces.application.FacesMessage;
@ -102,9 +103,18 @@ public class DatabaseClient {
}
public String getBaseUrl() {
String url = request.getRequestURL().toString();
return url.substring(0, url.indexOf('/', 8));
switch (oauthClient.getRelativeUrlsUsed()) {
case ALL_REQUESTS:
// Resolve baseURI from the request
return UriUtils.getOrigin(request.getRequestURL().toString());
case BROWSER_ONLY:
// Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
return UriUtils.getOrigin(oauthClient.getCodeUrl());
case NEVER:
return "";
default:
return "";
}
}
}

3
examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
View file

@ -5,5 +5,6 @@
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
},
"use-hostname-for-local-requests": false
}

30
integration/adapter-core/src/main/java/org/keycloak/adapters/AdapterUtils.java Normal file
View file

@ -0,0 +1,30 @@
package org.keycloak.adapters;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.util.UriUtils;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class AdapterUtils {
public static String getBaseUrl(String browserRequestURL, KeycloakSecurityContext session) {
if (session instanceof RefreshableKeycloakSecurityContext) {
KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
switch (deployment.getRelativeUrls()) {
case ALL_REQUESTS:
// Resolve baseURI from the request
return UriUtils.getOrigin(browserRequestURL);
case BROWSER_ONLY:
// Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
return UriUtils.getOrigin(deployment.getCodeUrl());
case NEVER:
return "";
default:
return "";
}
} else {
return UriUtils.getOrigin(browserRequestURL);
}
}
}

4
integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
View file

@ -8,6 +8,7 @@ import org.keycloak.jose.jws.JWSInput;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;
import org.keycloak.util.KeycloakUriBuilder;
import org.keycloak.util.UriUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
@ -161,8 +162,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
private String getUrl(HttpServletRequest request, String url, boolean isBrowserRequest) {
if (relativeUrlsUsed.useRelative(isBrowserRequest)) {
String baseUrl = request.getRequestURL().toString();
baseUrl = baseUrl.substring(0, baseUrl.indexOf('/', 8));
String baseUrl = UriUtils.getOrigin(request.getRequestURL().toString());
return baseUrl + url;
} else {
return url;