KEYCLOAK-9983 - Fix the P3P header corruption in Japanese and Turkish (#6006)
This commit is contained in:
parent
a75c2452d1
commit
8bee7ec542
17 changed files with 5 additions and 54 deletions
|
@ -62,7 +62,7 @@ public class LoginStatusIframeEndpoint {
|
||||||
|
|
||||||
InputStream resource = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
|
InputStream resource = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
|
||||||
if (resource != null) {
|
if (resource != null) {
|
||||||
P3PHelper.addP3PHeader(session);
|
P3PHelper.addP3PHeader();
|
||||||
return Response.ok(resource).cacheControl(cacheControl).build();
|
return Response.ok(resource).cacheControl(cacheControl).build();
|
||||||
} else {
|
} else {
|
||||||
return Response.status(Response.Status.NOT_FOUND).build();
|
return Response.status(Response.Status.NOT_FOUND).build();
|
||||||
|
|
|
@ -628,7 +628,7 @@ public class AuthenticationManager {
|
||||||
// Max age should be set to the max lifespan of the session as it's used to invalidate old-sessions on re-login
|
// Max age should be set to the max lifespan of the session as it's used to invalidate old-sessions on re-login
|
||||||
int sessionCookieMaxAge = session.isRememberMe() && realm.getSsoSessionMaxLifespanRememberMe() > 0 ? realm.getSsoSessionMaxLifespanRememberMe() : realm.getSsoSessionMaxLifespan();
|
int sessionCookieMaxAge = session.isRememberMe() && realm.getSsoSessionMaxLifespanRememberMe() > 0 ? realm.getSsoSessionMaxLifespanRememberMe() : realm.getSsoSessionMaxLifespan();
|
||||||
CookieHelper.addCookie(KEYCLOAK_SESSION_COOKIE, sessionCookieValue, cookiePath, null, null, sessionCookieMaxAge, secureOnly, false);
|
CookieHelper.addCookie(KEYCLOAK_SESSION_COOKIE, sessionCookieValue, cookiePath, null, null, sessionCookieMaxAge, secureOnly, false);
|
||||||
P3PHelper.addP3PHeader(keycloakSession);
|
P3PHelper.addP3PHeader();
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void createRememberMeCookie(RealmModel realm, String username, UriInfo uriInfo, ClientConnection connection) {
|
public static void createRememberMeCookie(RealmModel realm, String username, UriInfo uriInfo, ClientConnection connection) {
|
||||||
|
|
|
@ -17,15 +17,8 @@
|
||||||
|
|
||||||
package org.keycloak.services.util;
|
package org.keycloak.services.util;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
|
||||||
import org.jboss.resteasy.spi.HttpResponse;
|
import org.jboss.resteasy.spi.HttpResponse;
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||||
import org.keycloak.models.KeycloakSession;
|
|
||||||
import org.keycloak.services.validation.Validation;
|
|
||||||
import org.keycloak.theme.Theme;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.Locale;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* IE requires P3P header to allow loading cookies from iframes when domain differs from main page (see KEYCLOAK-2828 for more details)
|
* IE requires P3P header to allow loading cookies from iframes when domain differs from main page (see KEYCLOAK-2828 for more details)
|
||||||
|
@ -34,23 +27,9 @@ import java.util.Locale;
|
||||||
*/
|
*/
|
||||||
public class P3PHelper {
|
public class P3PHelper {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(P3PHelper.class);
|
public static void addP3PHeader() {
|
||||||
|
HttpResponse response = ResteasyProviderFactory.getContextData(HttpResponse.class);
|
||||||
public static void addP3PHeader(KeycloakSession session) {
|
response.getOutputHeaders().putSingle("P3P", "CP=\"This is not a P3P policy!\"");
|
||||||
try {
|
|
||||||
Theme theme = session.theme().getTheme(Theme.Type.LOGIN);
|
|
||||||
|
|
||||||
Locale locale = session.getContext().resolveLocale(null);
|
|
||||||
String p3pValue = theme.getMessages(locale).getProperty("p3pPolicy");
|
|
||||||
|
|
||||||
if (!Validation.isBlank(p3pValue)) {
|
|
||||||
HttpResponse response = ResteasyProviderFactory.getContextData(HttpResponse.class);
|
|
||||||
response.getOutputHeaders().putSingle("P3P", p3pValue);
|
|
||||||
}
|
|
||||||
} catch (IOException e) {
|
|
||||||
logger.error("Failed to set P3P header", e);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -255,8 +255,6 @@ requiredAction.UPDATE_PASSWORD=Passwort aktualisieren
|
||||||
requiredAction.UPDATE_PROFILE=Profil aktualisieren
|
requiredAction.UPDATE_PROFILE=Profil aktualisieren
|
||||||
requiredAction.VERIFY_EMAIL=E-Mail Adresse verifizieren
|
requiredAction.VERIFY_EMAIL=E-Mail Adresse verifizieren
|
||||||
|
|
||||||
p3pPolicy=CP="Das ist keine P3P Policy!"
|
|
||||||
|
|
||||||
doX509Login=Sie werden angemeldet als\:
|
doX509Login=Sie werden angemeldet als\:
|
||||||
clientCertificate=X509 Client Zertifikat\:
|
clientCertificate=X509 Client Zertifikat\:
|
||||||
noCertificate=[Kein Zertifikat]
|
noCertificate=[Kein Zertifikat]
|
||||||
|
|
|
@ -266,8 +266,6 @@ requiredAction.UPDATE_PASSWORD=Mettre \u00e0 jour votre mot de passe
|
||||||
requiredAction.UPDATE_PROFILE=Mettre \u00e0 jour votre profil
|
requiredAction.UPDATE_PROFILE=Mettre \u00e0 jour votre profil
|
||||||
requiredAction.VERIFY_EMAIL=Valider votre adresse email
|
requiredAction.VERIFY_EMAIL=Valider votre adresse email
|
||||||
|
|
||||||
p3pPolicy=CP="Ce n''est pas une P3P policy!"
|
|
||||||
|
|
||||||
|
|
||||||
doX509Login=Vous allez \u00eatre connect\u00e9 en tant que\:
|
doX509Login=Vous allez \u00eatre connect\u00e9 en tant que\:
|
||||||
clientCertificate=X509 certificat client\:
|
clientCertificate=X509 certificat client\:
|
||||||
|
|
|
@ -212,5 +212,3 @@ clientNotFoundMessage=Client non trovato.
|
||||||
clientDisabledMessage=Client disabilitato.
|
clientDisabledMessage=Client disabilitato.
|
||||||
invalidParameterMessage=Parametro non valido\: {0}
|
invalidParameterMessage=Parametro non valido\: {0}
|
||||||
alreadyLoggedIn=Sei gi\u00e0 connesso.
|
alreadyLoggedIn=Sei gi\u00e0 connesso.
|
||||||
|
|
||||||
p3pPolicy=CP="Questa non \u00e8 una P3P policy!"
|
|
||||||
|
|
|
@ -291,8 +291,6 @@ requiredAction.UPDATE_PASSWORD=パスワードの更新
|
||||||
requiredAction.UPDATE_PROFILE=プロフィールの更新
|
requiredAction.UPDATE_PROFILE=プロフィールの更新
|
||||||
requiredAction.VERIFY_EMAIL=Eメールの確認
|
requiredAction.VERIFY_EMAIL=Eメールの確認
|
||||||
|
|
||||||
p3pPolicy=CP="これはP3Pポリシーではありません!"
|
|
||||||
|
|
||||||
doX509Login=次のユーザーとしてログインします\:
|
doX509Login=次のユーザーとしてログインします\:
|
||||||
clientCertificate=X509クライアント証明書\:
|
clientCertificate=X509クライアント証明書\:
|
||||||
noCertificate=[証明書なし]
|
noCertificate=[証明書なし]
|
||||||
|
|
|
@ -215,5 +215,3 @@ clientNotFoundMessage=Nenurodytas klientas.
|
||||||
clientDisabledMessage=Kliento galiojimas išjungtas.
|
clientDisabledMessage=Kliento galiojimas išjungtas.
|
||||||
invalidParameterMessage=Neteisingas parametras\: {0}
|
invalidParameterMessage=Neteisingas parametras\: {0}
|
||||||
alreadyLoggedIn=Jūs jau esate prisijungę.
|
alreadyLoggedIn=Jūs jau esate prisijungę.
|
||||||
|
|
||||||
p3pPolicy=CP="Nurodyta reiksme nera P3P taisykle!"
|
|
|
@ -274,8 +274,6 @@ requiredAction.UPDATE_PASSWORD=Update wachtwoord
|
||||||
requiredAction.UPDATE_PROFILE=Update profiel
|
requiredAction.UPDATE_PROFILE=Update profiel
|
||||||
requiredAction.VERIFY_EMAIL=Verifieer e-mail
|
requiredAction.VERIFY_EMAIL=Verifieer e-mail
|
||||||
|
|
||||||
p3pPolicy=CP="This is not a P3P policy!"
|
|
||||||
|
|
||||||
doX509Login=U wordt ingelogd als\:
|
doX509Login=U wordt ingelogd als\:
|
||||||
clientCertificate=X509 client certificate\:
|
clientCertificate=X509 client certificate\:
|
||||||
noCertificate=[No Certificate]
|
noCertificate=[No Certificate]
|
||||||
|
|
|
@ -227,5 +227,3 @@ clientNotFoundMessage=Klient ikke funnet.
|
||||||
clientDisabledMessage=Klient deaktivert.
|
clientDisabledMessage=Klient deaktivert.
|
||||||
invalidParameterMessage=Ugyldig parameter\: {0}
|
invalidParameterMessage=Ugyldig parameter\: {0}
|
||||||
alreadyLoggedIn=Du er allerede innlogget.
|
alreadyLoggedIn=Du er allerede innlogget.
|
||||||
|
|
||||||
p3pPolicy=CP="Dette er ikke en P3P policy!"
|
|
||||||
|
|
|
@ -292,8 +292,6 @@ requiredAction.UPDATE_PASSWORD=Zaktualizuj hasło
|
||||||
requiredAction.UPDATE_PROFILE=Zaktualizuj profil
|
requiredAction.UPDATE_PROFILE=Zaktualizuj profil
|
||||||
requiredAction.VERIFY_EMAIL=Zweryfikuj adres e-mail
|
requiredAction.VERIFY_EMAIL=Zweryfikuj adres e-mail
|
||||||
|
|
||||||
p3pPolicy=CP \= "To nie jest polityka P3P\!"
|
|
||||||
|
|
||||||
doX509Login=Użytkownik będzie zalogowany jako\:
|
doX509Login=Użytkownik będzie zalogowany jako\:
|
||||||
clientCertificate=X509 certyfikat klienta\:
|
clientCertificate=X509 certyfikat klienta\:
|
||||||
noCertificate=[brak certyfikatu]
|
noCertificate=[brak certyfikatu]
|
||||||
|
|
|
@ -216,5 +216,3 @@ clientNotFoundMessage=Клиент не найден.
|
||||||
clientDisabledMessage=Клиент отключен.
|
clientDisabledMessage=Клиент отключен.
|
||||||
invalidParameterMessage=Неверный параметр\: {0}
|
invalidParameterMessage=Неверный параметр\: {0}
|
||||||
alreadyLoggedIn=Вы уже вошли.
|
alreadyLoggedIn=Вы уже вошли.
|
||||||
|
|
||||||
p3pPolicy=CP="Это не политика P3P!"
|
|
||||||
|
|
|
@ -254,8 +254,6 @@ requiredAction.UPDATE_PASSWORD=Aktualizovať heslo
|
||||||
requiredAction.UPDATE_PROFILE=Aktualizovať profil
|
requiredAction.UPDATE_PROFILE=Aktualizovať profil
|
||||||
requiredAction.VERIFY_EMAIL=Overiť e-mail
|
requiredAction.VERIFY_EMAIL=Overiť e-mail
|
||||||
|
|
||||||
p3pPolicy=CP="Toto nie je plán (policy) P3P!"
|
|
||||||
|
|
||||||
doX509Login=Budete prihlásení ako\:
|
doX509Login=Budete prihlásení ako\:
|
||||||
clientCertificate=certifikát klienta X509\:
|
clientCertificate=certifikát klienta X509\:
|
||||||
noCertificate=[Bez certifikátu]
|
noCertificate=[Bez certifikátu]
|
||||||
|
|
|
@ -212,5 +212,3 @@ clientNotFoundMessage=Klienten hittades ej.
|
||||||
clientDisabledMessage=Klienten är inaktiverad.
|
clientDisabledMessage=Klienten är inaktiverad.
|
||||||
invalidParameterMessage=Ogiltig parameter\: {0}
|
invalidParameterMessage=Ogiltig parameter\: {0}
|
||||||
alreadyLoggedIn=Du är redan inloggad.
|
alreadyLoggedIn=Du är redan inloggad.
|
||||||
|
|
||||||
p3pPolicy=CP="Det här är ingen P3P policy!"
|
|
||||||
|
|
|
@ -294,8 +294,6 @@ requiredAction.UPDATE_PASSWORD=\u015Eifre g\u00FCncelle
|
||||||
requiredAction.UPDATE_PROFILE=Profili G\u00FCncelle
|
requiredAction.UPDATE_PROFILE=Profili G\u00FCncelle
|
||||||
requiredAction.VERIFY_EMAIL=E-mail''i do\u011Frula
|
requiredAction.VERIFY_EMAIL=E-mail''i do\u011Frula
|
||||||
|
|
||||||
p3pPolicy=CP="Bu bir P3P politikas\u0131 de\u011Fil!"
|
|
||||||
|
|
||||||
doX509Login=Olarak giri\u015F yapacaks\u0131n\u0131z\:
|
doX509Login=Olarak giri\u015F yapacaks\u0131n\u0131z\:
|
||||||
clientCertificate=X509 istemci sertifikas\u0131\:
|
clientCertificate=X509 istemci sertifikas\u0131\:
|
||||||
noCertificate=[Sertifika Yok]
|
noCertificate=[Sertifika Yok]
|
||||||
|
|
|
@ -230,5 +230,3 @@ clientNotFoundMessage=客户端未找到
|
||||||
clientDisabledMessage=客户端已禁用
|
clientDisabledMessage=客户端已禁用
|
||||||
invalidParameterMessage=无效的参数 \: {0}
|
invalidParameterMessage=无效的参数 \: {0}
|
||||||
alreadyLoggedIn=您已经登录
|
alreadyLoggedIn=您已经登录
|
||||||
|
|
||||||
p3pPolicy="This is not a P3P policy!"
|
|
||||||
|
|
|
@ -292,8 +292,6 @@ requiredAction.UPDATE_PASSWORD=Update Password
|
||||||
requiredAction.UPDATE_PROFILE=Update Profile
|
requiredAction.UPDATE_PROFILE=Update Profile
|
||||||
requiredAction.VERIFY_EMAIL=Verify Email
|
requiredAction.VERIFY_EMAIL=Verify Email
|
||||||
|
|
||||||
p3pPolicy=CP="This is not a P3P policy!"
|
|
||||||
|
|
||||||
doX509Login=You will be logged in as\:
|
doX509Login=You will be logged in as\:
|
||||||
clientCertificate=X509 client certificate\:
|
clientCertificate=X509 client certificate\:
|
||||||
noCertificate=[No Certificate]
|
noCertificate=[No Certificate]
|
||||||
|
|
Loading…
Reference in a new issue