libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Merge pull request #1613 from raehalme/KEYCLOAK-1832

Browse source 
KEYCLOAK-1832 Added check for null authentication on the logout method
This commit is contained in:
Stian Thorgersen 2015-09-16 13:34:51 +02:00
commit 85df0b6a67
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java
View file

@ -32,8 +32,11 @@ public class KeycloakLogoutHandler implements LogoutHandler {
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
if (!KeycloakAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
if (authentication == null) {
log.warn("Cannot log out without authentication");
return;
}
else if (!KeycloakAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
log.warn("Cannot log out a non-Keycloak authentication: {}", authentication);
return;
}

6
integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java
View file

@ -88,6 +88,12 @@ public class KeycloakLogoutHandlerTest {
verifyZeroInteractions(session);
}
@Test
public void testLogoutNullAuthentication() throws Exception {
keycloakLogoutHandler.logout(request, response, null);
verifyZeroInteractions(session);
}
@Test
public void testHandleSingleSignOut() throws Exception {
keycloakLogoutHandler.handleSingleSignOut(request, response, keycloakAuthenticationToken);