Merge pull request #676 from stianst/master
Fixes to admin console random logout
This commit is contained in:
commit
839069ca15
8 changed files with 7 additions and 350 deletions
|
@ -17,8 +17,6 @@
|
||||||
<script src="lib/angular/angular-route.js"></script>
|
<script src="lib/angular/angular-route.js"></script>
|
||||||
<script src="lib/angular/ui-bootstrap-tpls-0.11.0.js"></script>
|
<script src="lib/angular/ui-bootstrap-tpls-0.11.0.js"></script>
|
||||||
|
|
||||||
<script src="lib/jquery/jquery.idletimer.js" type="text/javascript"></script>
|
|
||||||
<script src="lib/jquery/jquery.idletimeout.js" type="text/javascript"></script>
|
|
||||||
<script src="lib/angular/select2.js" type="text/javascript"></script>
|
<script src="lib/angular/select2.js" type="text/javascript"></script>
|
||||||
<script src="lib/fileupload/angular-file-upload.min.js"></script>
|
<script src="lib/fileupload/angular-file-upload.min.js"></script>
|
||||||
<script src="lib/filesaver/FileSaver.js"></script>
|
<script src="lib/filesaver/FileSaver.js"></script>
|
||||||
|
@ -75,28 +73,5 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<script type="text/javascript">
|
|
||||||
$.idleTimeout('#idletimeout', '#idletimeout a', {
|
|
||||||
idleAfter: 300,
|
|
||||||
pollingInterval: 60,
|
|
||||||
// keepAliveURL: authUrl + '/admin/keepalive', would need to change this path
|
|
||||||
serverResponseEquals: '',
|
|
||||||
failedRequests: 1,
|
|
||||||
onTimeout: function(){
|
|
||||||
$(this).slideUp();
|
|
||||||
logout();
|
|
||||||
},
|
|
||||||
onIdle: function(){
|
|
||||||
$(this).slideDown(); // show the warning bar
|
|
||||||
},
|
|
||||||
onCountdown: function( counter ){
|
|
||||||
$(this).find("span").html( counter ); // update the counter
|
|
||||||
},
|
|
||||||
onResume: function(){
|
|
||||||
$(this).slideUp(); // hide the warning bar
|
|
||||||
}
|
|
||||||
});
|
|
||||||
</script>
|
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -4,17 +4,9 @@ var consoleBaseUrl = window.location.href;
|
||||||
consoleBaseUrl = consoleBaseUrl.substring(0, consoleBaseUrl.indexOf("/console"));
|
consoleBaseUrl = consoleBaseUrl.substring(0, consoleBaseUrl.indexOf("/console"));
|
||||||
consoleBaseUrl = consoleBaseUrl + "/console";
|
consoleBaseUrl = consoleBaseUrl + "/console";
|
||||||
var configUrl = consoleBaseUrl + "/config";
|
var configUrl = consoleBaseUrl + "/config";
|
||||||
var logoutUrl = consoleBaseUrl + "/logout";
|
|
||||||
var auth = {};
|
var auth = {};
|
||||||
var logout = function(){
|
var authUrl = window.location.href.substring(0, window.location.href.indexOf('/admin/'));
|
||||||
console.log('*** LOGOUT');
|
|
||||||
window.location = logoutUrl;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
var authUrl = window.location.href;
|
|
||||||
authUrl = authUrl.substring(0, authUrl.indexOf('/admin/'));
|
|
||||||
|
|
||||||
|
|
||||||
var module = angular.module('keycloak', [ 'keycloak.services', 'keycloak.loaders', 'ui.bootstrap', 'ui.select2', 'angularFileUpload' ]);
|
var module = angular.module('keycloak', [ 'keycloak.services', 'keycloak.loaders', 'ui.bootstrap', 'ui.select2', 'angularFileUpload' ]);
|
||||||
var resourceRequests = 0;
|
var resourceRequests = 0;
|
||||||
|
@ -803,14 +795,13 @@ module.config(function($httpProvider) {
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
module.factory('errorInterceptor', function($q, $window, $rootScope, $location,Notifications) {
|
module.factory('errorInterceptor', function($q, $window, $rootScope, $location, Notifications, Auth) {
|
||||||
return function(promise) {
|
return function(promise) {
|
||||||
return promise.then(function(response) {
|
return promise.then(function(response) {
|
||||||
return response;
|
return response;
|
||||||
}, function(response) {
|
}, function(response) {
|
||||||
if (response.status == 401) {
|
if (response.status == 401) {
|
||||||
console.log('session timeout?');
|
Auth.authz.logout();
|
||||||
logout();
|
|
||||||
} else if (response.status == 403) {
|
} else if (response.status == 403) {
|
||||||
Notifications.error("Forbidden");
|
Notifications.error("Forbidden");
|
||||||
} else if (response.status == 404) {
|
} else if (response.status == 404) {
|
||||||
|
|
|
@ -4,8 +4,6 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, WhoAmI, Current, $
|
||||||
};
|
};
|
||||||
|
|
||||||
$scope.authUrl = authUrl;
|
$scope.authUrl = authUrl;
|
||||||
$scope.logout = logout;
|
|
||||||
|
|
||||||
$scope.auth = Auth;
|
$scope.auth = Auth;
|
||||||
|
|
||||||
WhoAmI.get(function (data) {
|
WhoAmI.get(function (data) {
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
</a>
|
</a>
|
||||||
<ul class="dropdown-menu">
|
<ul class="dropdown-menu">
|
||||||
<li><a href="{{authUrl}}/realms/{{auth.user.realm}}/account?referrer=security-admin-console">Manage Account</a></li>
|
<li><a href="{{authUrl}}/realms/{{auth.user.realm}}/account?referrer=security-admin-console">Manage Account</a></li>
|
||||||
<li class="separator"><a href="" ng-click="logout()">Sign Out</a></li>
|
<li class="separator"><a href="" ng-click="auth.authz.logout()">Sign Out</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
|
@ -1,185 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery Idle Timeout 1.1
|
|
||||||
* Copyright (c) 2011 Eric Hynds
|
|
||||||
*
|
|
||||||
* http://www.erichynds.com/jquery/a-new-and-improved-jquery-idle-timeout-plugin/
|
|
||||||
*
|
|
||||||
* Depends:
|
|
||||||
* - jQuery 1.4.2+
|
|
||||||
* - jQuery Idle Timer (by Paul Irish, http://paulirish.com/2009/jquery-idletimer-plugin/)
|
|
||||||
*
|
|
||||||
* Dual licensed under the MIT and GPL licenses:
|
|
||||||
* http://www.opensource.org/licenses/mit-license.php
|
|
||||||
* http://www.gnu.org/licenses/gpl.html
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
(function($, win){
|
|
||||||
|
|
||||||
var idleTimeout = {
|
|
||||||
init: function( element, resume, options ){
|
|
||||||
var self = this, elem;
|
|
||||||
|
|
||||||
this.warning = elem = $(element);
|
|
||||||
this.resume = $(resume);
|
|
||||||
this.options = options;
|
|
||||||
this.countdownOpen = false;
|
|
||||||
this.failedRequests = options.failedRequests;
|
|
||||||
this._startTimer();
|
|
||||||
|
|
||||||
// expose obj to data cache so peeps can call internal methods
|
|
||||||
$.data( elem[0], 'idletimout', this );
|
|
||||||
|
|
||||||
// start the idle timer
|
|
||||||
$.idleTimer(options.idleAfter * 1000);
|
|
||||||
|
|
||||||
// once the user becomes idle
|
|
||||||
$(document).bind("idle.idleTimer", function(){
|
|
||||||
|
|
||||||
// if the user is idle and a countdown isn't already running
|
|
||||||
if( $.data(document, 'idleTimer') === 'idle' && !self.countdownOpen ){
|
|
||||||
self._stopTimer();
|
|
||||||
self.countdownOpen = true;
|
|
||||||
self._idle();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
// bind continue link
|
|
||||||
this.resume.bind("click", function(e){
|
|
||||||
e.preventDefault();
|
|
||||||
|
|
||||||
win.clearInterval(self.countdown); // stop the countdown
|
|
||||||
self.countdownOpen = false; // stop countdown
|
|
||||||
self._startTimer(); // start up the timer again
|
|
||||||
self._keepAlive( false ); // ping server
|
|
||||||
options.onResume.call( self.warning ); // call the resume callback
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_idle: function(){
|
|
||||||
var self = this,
|
|
||||||
options = this.options,
|
|
||||||
warning = this.warning[0],
|
|
||||||
counter = options.warningLength;
|
|
||||||
|
|
||||||
// fire the onIdle function
|
|
||||||
options.onIdle.call(warning);
|
|
||||||
|
|
||||||
// set inital value in the countdown placeholder
|
|
||||||
options.onCountdown.call(warning, counter);
|
|
||||||
|
|
||||||
// create a timer that runs every second
|
|
||||||
this.countdown = win.setInterval(function(){
|
|
||||||
if(--counter === 0){
|
|
||||||
window.clearInterval(self.countdown);
|
|
||||||
options.onTimeout.call(warning);
|
|
||||||
} else {
|
|
||||||
options.onCountdown.call(warning, counter);
|
|
||||||
}
|
|
||||||
}, 1000);
|
|
||||||
},
|
|
||||||
|
|
||||||
_startTimer: function(){
|
|
||||||
var self = this;
|
|
||||||
|
|
||||||
if (this.options.pollingInterval > 0) {
|
|
||||||
this.timer = win.setTimeout(function () {
|
|
||||||
self._keepAlive();
|
|
||||||
}, this.options.pollingInterval * 1000);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_stopTimer: function(){
|
|
||||||
// reset the failed requests counter
|
|
||||||
this.failedRequests = this.options.failedRequests;
|
|
||||||
win.clearTimeout(this.timer);
|
|
||||||
},
|
|
||||||
|
|
||||||
_keepAlive: function( recurse ){
|
|
||||||
var self = this,
|
|
||||||
options = this.options;
|
|
||||||
|
|
||||||
if( typeof recurse === "undefined" ){
|
|
||||||
recurse = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
// if too many requests failed, abort
|
|
||||||
if( !this.failedRequests ){
|
|
||||||
console.log('aborting...');
|
|
||||||
this._stopTimer();
|
|
||||||
options.onAbort.call( this.warning[0] );
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$.ajax({
|
|
||||||
timeout: options.AJAXTimeout,
|
|
||||||
url: options.keepAliveURL,
|
|
||||||
error: function(){
|
|
||||||
console.log('failure for keepalive');
|
|
||||||
self.failedRequests--;
|
|
||||||
},
|
|
||||||
success: function(response){
|
|
||||||
console.log('success for keepalive');
|
|
||||||
/* if($.trim(response) !== options.serverResponseEquals){
|
|
||||||
self.failedRequests--;
|
|
||||||
}*/
|
|
||||||
},
|
|
||||||
complete: function(){
|
|
||||||
if( recurse ){
|
|
||||||
self._startTimer();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
// expose
|
|
||||||
$.idleTimeout = function(element, resume, options){
|
|
||||||
idleTimeout.init( element, resume, $.extend($.idleTimeout.options, options) );
|
|
||||||
return this;
|
|
||||||
};
|
|
||||||
|
|
||||||
// options
|
|
||||||
$.idleTimeout.options = {
|
|
||||||
// number of seconds after user is idle to show the warning
|
|
||||||
warningLength: 30,
|
|
||||||
|
|
||||||
// url to call to keep the session alive while the user is active
|
|
||||||
keepAliveURL: "",
|
|
||||||
|
|
||||||
// the response from keepAliveURL must equal this text:
|
|
||||||
serverResponseEquals: "OK",
|
|
||||||
|
|
||||||
// user is considered idle after this many seconds. 10 minutes default
|
|
||||||
idleAfter: 600,
|
|
||||||
|
|
||||||
// a polling request will be sent to the server every X seconds
|
|
||||||
pollingInterval: 60,
|
|
||||||
|
|
||||||
// number of failed polling requests until we abort this script
|
|
||||||
failedRequests: 5,
|
|
||||||
|
|
||||||
// the $.ajax timeout in MILLISECONDS!
|
|
||||||
AJAXTimeout: 250,
|
|
||||||
|
|
||||||
/*
|
|
||||||
Callbacks
|
|
||||||
"this" refers to the element found by the first selector passed to $.idleTimeout.
|
|
||||||
*/
|
|
||||||
// callback to fire when the session times out
|
|
||||||
onTimeout: $.noop,
|
|
||||||
|
|
||||||
// fires when the user becomes idle
|
|
||||||
onIdle: $.noop,
|
|
||||||
|
|
||||||
// fires during each second of warningLength
|
|
||||||
onCountdown: $.noop,
|
|
||||||
|
|
||||||
// fires when the user resumes the session
|
|
||||||
onResume: $.noop,
|
|
||||||
|
|
||||||
// callback to fire when the script is aborted due to too many failed requests
|
|
||||||
onAbort: $.noop
|
|
||||||
};
|
|
||||||
|
|
||||||
})(jQuery, window);
|
|
|
@ -1,116 +0,0 @@
|
||||||
(function($){
|
|
||||||
|
|
||||||
$.idleTimer = function f(newTimeout){
|
|
||||||
|
|
||||||
//$.idleTimer.tId = -1 //timeout ID
|
|
||||||
|
|
||||||
var idle = false, //indicates if the user is idle
|
|
||||||
enabled = true, //indicates if the idle timer is enabled
|
|
||||||
timeout = 30000, //the amount of time (ms) before the user is considered idle
|
|
||||||
events = 'mousemove keydown DOMMouseScroll mousewheel mousedown', // activity is one of these events
|
|
||||||
//f.olddate = undefined, // olddate used for getElapsedTime. stored on the function
|
|
||||||
|
|
||||||
/* (intentionally not documented)
|
|
||||||
* Toggles the idle state and fires an appropriate event.
|
|
||||||
* @return {void}
|
|
||||||
*/
|
|
||||||
toggleIdleState = function(){
|
|
||||||
|
|
||||||
//toggle the state
|
|
||||||
idle = !idle;
|
|
||||||
|
|
||||||
// reset timeout counter
|
|
||||||
f.olddate = +new Date;
|
|
||||||
|
|
||||||
//fire appropriate event
|
|
||||||
$(document).trigger( $.data(document,'idleTimer', idle ? "idle" : "active" ) + '.idleTimer');
|
|
||||||
},
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Stops the idle timer. This removes appropriate event handlers
|
|
||||||
* and cancels any pending timeouts.
|
|
||||||
* @return {void}
|
|
||||||
* @method stop
|
|
||||||
* @static
|
|
||||||
*/
|
|
||||||
stop = function(){
|
|
||||||
|
|
||||||
//set to disabled
|
|
||||||
enabled = false;
|
|
||||||
|
|
||||||
//clear any pending timeouts
|
|
||||||
clearTimeout($.idleTimer.tId);
|
|
||||||
|
|
||||||
//detach the event handlers
|
|
||||||
$(document).unbind('.idleTimer');
|
|
||||||
},
|
|
||||||
|
|
||||||
|
|
||||||
/* (intentionally not documented)
|
|
||||||
* Handles a user event indicating that the user isn't idle.
|
|
||||||
* @param {Event} event A DOM2-normalized event object.
|
|
||||||
* @return {void}
|
|
||||||
*/
|
|
||||||
handleUserEvent = function(){
|
|
||||||
|
|
||||||
//clear any existing timeout
|
|
||||||
clearTimeout($.idleTimer.tId);
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
//if the idle timer is enabled
|
|
||||||
if (enabled){
|
|
||||||
|
|
||||||
|
|
||||||
//if it's idle, that means the user is no longer idle
|
|
||||||
if (idle){
|
|
||||||
toggleIdleState();
|
|
||||||
}
|
|
||||||
|
|
||||||
//set a new timeout
|
|
||||||
$.idleTimer.tId = setTimeout(toggleIdleState, timeout);
|
|
||||||
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Starts the idle timer. This adds appropriate event handlers
|
|
||||||
* and starts the first timeout.
|
|
||||||
* @param {int} newTimeout (Optional) A new value for the timeout period in ms.
|
|
||||||
* @return {void}
|
|
||||||
* @method $.idleTimer
|
|
||||||
* @static
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
f.olddate = f.olddate || +new Date;
|
|
||||||
|
|
||||||
//assign a new timeout if necessary
|
|
||||||
if (typeof newTimeout == "number"){
|
|
||||||
timeout = newTimeout;
|
|
||||||
} else if (newTimeout === 'destroy') {
|
|
||||||
stop();
|
|
||||||
return this;
|
|
||||||
} else if (newTimeout === 'getElapsedTime'){
|
|
||||||
return (+new Date) - f.olddate;
|
|
||||||
}
|
|
||||||
|
|
||||||
//assign appropriate event handlers
|
|
||||||
$(document).bind($.trim((events+' ').split(' ').join('.idleTimer ')),handleUserEvent);
|
|
||||||
|
|
||||||
|
|
||||||
//set a timeout to toggle state
|
|
||||||
$.idleTimer.tId = setTimeout(toggleIdleState, timeout);
|
|
||||||
|
|
||||||
// assume the user is active for the first x seconds.
|
|
||||||
$.data(document,'idleTimer',"active");
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}; // end of $.idleTimer()
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
})(jQuery);
|
|
|
@ -98,10 +98,7 @@ public class TokenManager {
|
||||||
accessToken.setRealmAccess(refreshToken.getRealmAccess());
|
accessToken.setRealmAccess(refreshToken.getRealmAccess());
|
||||||
accessToken.setResourceAccess(refreshToken.getResourceAccess());
|
accessToken.setResourceAccess(refreshToken.getResourceAccess());
|
||||||
|
|
||||||
// only refresh session if next token refresh will be after idle timeout
|
userSession.setLastSessionRefresh(currentTime);
|
||||||
if (currentTime + realm.getAccessTokenLifespan() > userSession.getLastSessionRefresh() + realm.getSsoSessionIdleTimeout()) {
|
|
||||||
userSession.setLastSessionRefresh(currentTime);
|
|
||||||
}
|
|
||||||
|
|
||||||
return accessToken;
|
return accessToken;
|
||||||
}
|
}
|
||||||
|
|
|
@ -241,10 +241,7 @@ public class RefreshTokenTest {
|
||||||
session.getTransaction().commit();
|
session.getTransaction().commit();
|
||||||
session.close();
|
session.close();
|
||||||
|
|
||||||
// should not update last refresh because the access token interval is way less than idle timeout
|
Assert.assertNotEquals(last, next);
|
||||||
Assert.assertEquals(last, next);
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
session = keycloakRule.startSession();
|
session = keycloakRule.startSession();
|
||||||
realm = session.realms().getRealmByName("test");
|
realm = session.realms().getRealmByName("test");
|
||||||
|
|
Loading…
Reference in a new issue