From e0ec121012a6f8a2a9cbde5f70f865ae82e9b813 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen
Date: Wed, 16 Jul 2014 10:47:42 +0100
Subject: [PATCH] KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso
---
 integration/js/src/main/resources/keycloak.js | 55 ++++++++++++++-----
 .../services/resources/RealmsResource.java | 4 --
 2 files changed, 42 insertions(+), 17 deletions(-)
diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js
index 617cbc4f7a..d6392ac1fb 100755
--- a/integration/js/src/main/resources/keycloak.js
+++ b/integration/js/src/main/resources/keycloak.js
@@ -57,6 +57,17 @@
 processCallback(callback, initPromise);
 return;
 } else if (initOptions) {
+ var doLogin = function(prompt) {
+ if (!prompt) {
+ options.prompt = 'none';
+ }
+ kc.login(options).success(function () {
+ initPromise.setSuccess();
+ }).error(function () {
+ initPromise.setError();
+ });
+ }
+
 if (initOptions.token || initOptions.refreshToken) {
 setToken(initOptions.token, initOptions.refreshToken);
 initPromise.setSuccess();
@@ -64,16 +75,20 @@
 var options = {};
 switch (initOptions.onLoad) {
 case 'check-sso':
- options.prompt = 'none';
- case 'login-required':
- var p = kc.login(options);
- if (p) {
- p.success(function() {
- initPromise.setSuccess();
- }).error(function() {
- initPromise.setError();
+ if (loginIframe.enable) {
+ setupCheckLoginIframe().success(function() {
+ checkLoginIframe().success(function () {
+ doLogin(false);
+ }).error(function () {
+ initPromise.setSuccess();
+ });
 });
- };
+ } else {
+ doLogin(false);
+ }
+ break;
+ case 'login-required':
+ doLogin(true);
 break;
 default:
 throw 'Invalid value for onLoad';
@@ -525,7 +540,14 @@
 }
 function setupCheckLoginIframe() {
- if (!loginIframe.enable || loginIframe.iframe) {
+ var promise = createPromise();
+
+ if (!loginIframe.enable) {
+ return;
+ }
+
+ if (loginIframe.iframe) {
+ promise.setSuccess();
 return;
 }
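Review bot: `doLogin` in the `@@ -57,6 +57,17 @@` hunk of keycloak.js writes to and passes `options`, which is only declared by `var options = {};` inside a later branch (context of the next hunk), so the helper works solely through `var` hoisting. Declaring `var options = {};` next to `doLogin`, or passing it in as an argument, would stop the helper from silently depending on that branch having run first. The assigned function expression also closes with `}` and no semicolon; `};` would match the form visible elsewhere in this patch. The enclosing init function starts and ends outside the hunk.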
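Review bot: In the `@@ -64,16 +75,20 @@` hunk the `check-sso` branch attaches only `.success` to `setupCheckLoginIframe()`, and the parts of that function shown in this patch only ever call `promise.setSuccess()` (once `loginIframe.iframe` is assigned), so if the status iframe never loads, `initPromise` is never settled and whoever waits on `init` hangs. Add a failure path: `.error(function () { initPromise.setError(); })` on the setup call, and have `setupCheckLoginIframe` call `promise.setError()` when loading fails or a timeout expires. The same concern applies to `checkLoginIframe()`, whose promise appears to stay pending if no reply message arrives. The switch sits inside a function that extends beyond the hunk.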
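Review bot: Both early exits added to `setupCheckLoginIframe` in the `@@ -525,7 +540,14 @@` hunk use a bare `return;`, so the function yields `undefined` there while its end (hunk `@@ -570,19 +594,21 @@`) returns `promise.promise`. The new call `setupCheckLoginIframe().success(...)` in `init` therefore throws a TypeError when the iframe already exists, and any caller that reaches the disabled path gets no promise either. Return the promise on both paths, for example `promise.setSuccess(); return promise.promise;` for the existing-iframe case, and a settled promise for the disabled case as well. The function body continues outside this hunk.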
@@ -539,6 +561,7 @@
 loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8));
 }
 loginIframe.iframe = iframe;
+ promise.setSuccess();
 }
 var src = getRealmUrl() + '/login-status-iframe.html?client_id=' + encodeURIComponent(kc.clientId) + '&origin=' + window.location.origin;
@@ -553,7 +576,8 @@
 var data = event.data;
 var promise = loginIframe.callbackMap[data.callbackId];
 delete loginIframe.callbackMap[data.callbackId];
- if (kc.sessionId == data.session && data.loggedIn) {
+
+ if ((!kc.sessionId || kc.sessionId == data.session) && data.loggedIn) {
 promise.setSuccess();
 } else {
 clearToken();
@@ -570,19 +594,21 @@
 };
 setTimeout(check, loginIframe.interval * 1000);
+
+ return promise.promise;
 }
 function checkLoginIframe() {
 var promise = createPromise();
- if (loginIframe.iframe || loginIframe.iframeOrigin) {
+ if (loginIframe.iframe && loginIframe.iframeOrigin) {
 var msg = {};
 msg.callbackId = createCallbackId();
 loginIframe.callbackMap[msg.callbackId] = promise;
 var origin = loginIframe.iframeOrigin;
 loginIframe.iframe.contentWindow.postMessage(msg, origin);
 } else {
- promise.setSuccess();
+ promise.setError();
 }
 return promise.promise;
@@ -593,14 +619,17 @@
 return {
 login: function(options) {
 window.location.href = kc.createLoginUrl(options);
+ return createPromise().promise;
 },
 logout: function(options) {
 window.location.href = kc.createLogoutUrl(options);
+ return createPromise().promise;
 },
 accountManagement : function() {
 window.location.href = kc.createAccountUrl();
+ return createPromise().promise;
 },
 redirectUri: function(options) {
diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
index fb406ab6cd..6fafca45df 100755
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
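Review bot: With the added `!kc.sessionId ||` in the `@@ -553,7 +576,8 @@` hunk, a message carrying `loggedIn` set to true is accepted without any session comparison whenever the adapter has no session yet, so the result rests entirely on the handler rejecting events whose `event.origin` differs from `loginIframe.iframeOrigin`; that check is not visible in this hunk and should be confirmed above it. Separately, `promise` is `undefined` when `data.callbackId` is unknown or already consumed, and `promise.setSuccess()` then throws; a guard such as `if (!promise) { return; }` before the condition avoids that. The message handler starts and ends outside the hunk.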
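Review bot: The else branch of `checkLoginIframe` in the `@@ -570,19 +594,21 @@` hunk now reports `promise.setError()` where it used to report success, and nothing in the code says what an error from this function means. A comment such as `// iframe not initialised: login state cannot be confirmed` on that branch would document the new contract. Callers outside this patch that invoke `checkLoginIframe()` without first checking `loginIframe.enable` would now take their error path, so they are worth re-reading; only the guarded call in `init` is visible here.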
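Review bot: The promises returned by `login`, `logout` and `accountManagement` in the `@@ -593,14 +619,17 @@` hunk are never settled, so the `.success`/`.error` handlers that `doLogin` attaches can never run for this adapter. That is harmless only because assigning `window.location.href` navigates away from the page; say so with a comment such as `// never settles: the page is about to navigate away`, otherwise a later reader will expect the callbacks to fire. The adapter object continues past the end of the hunk.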
@@ -103,10 +103,6 @@ public class RealmsResource {
 if (client == null) {
 throw new NotFoundException("could not find client: " + client_id);
 }
- AuthenticationManager.AuthResult result = auth.authenticateIdentityCookie(session, realm, uriInfo, headers);
- if (result == null) {
- throw new UnauthorizedException("not logged in, can't get page");
- }
 InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
 if (is == null) throw new NotFoundException("Could not find login-status-iframe.html ");