From 95059253637fdb94d805a29df01141b7fcfa5ec8 Mon Sep 17 00:00:00 2001
From: Martin Kanis
Date: Wed, 2 May 2018 09:31:42 +0200
Subject: [PATCH] Revert "KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106)" (#5183)
This reverts commit a67da7bc593ec6cdab93ca5ea8181a7e5bae1957.
---
 .../managers/AuthenticationManager.java | 3 +-
 .../testsuite/cookies/CookiesPathTest.java | 82 -------------------
 2 files changed, 1 insertion(+), 84 deletions(-)
 delete mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
index 345a388b43..87df91759f 100755
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -629,8 +629,7 @@ public class AuthenticationManager {
 public static String getRealmCookiePath(RealmModel realm, UriInfo uriInfo) {
 URI uri = RealmsResource.realmBaseUrl(uriInfo).build(realm.getName());
- // KEYCLOAK-5270
- return uri.getRawPath() + "/";
+ return uri.getRawPath();
 }
 public static String getAccountCookiePath(RealmModel realm, UriInfo uriInfo) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
deleted file mode 100644
index 71aa622157..0000000000
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
+++ /dev/null
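Review bot: Dropping the trailing slash in `getRealmCookiePath` (AuthenticationManager.java) puts realm cookies back on a path such as `/auth/realms/foo`, which is a plain string prefix of `/auth/realms/foobar`; the comments in the test this commit deletes state that IE then sends realm `foo` cookies to `foobar`. The commit message gives no reason for the revert, so the method should at least record the known limitation, e.g. `// No trailing slash: browsers that prefix-match cookie paths (IE<=11) also send these cookies to realms whose name starts with this realm's name (KEYCLOAK-5270)`. If the cookies scoped by this path include session or identity cookies, which the hunk does not show, validation on the receiving realm is what stands between a stray cookie and cross-realm reuse and is worth confirming. Deleting `CookiesPathTest` also removes the overlapping-realm-name regression case; keeping it disabled with a reference to the issue would preserve it for the replacement fix.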
@@ -1,82 +0,0 @@
-package org.keycloak.testsuite.cookies;
-
-import org.hamcrest.Matchers;
-import org.junit.Assert;
-import org.junit.Test;
-import org.keycloak.models.AdminRoles;
-import org.keycloak.models.Constants;
-import org.keycloak.representations.idm.RealmRepresentation;
-import org.keycloak.testsuite.AbstractKeycloakTest;
-import org.keycloak.testsuite.util.ClientBuilder;
-import org.keycloak.testsuite.util.RealmBuilder;
-import org.keycloak.testsuite.util.URLUtils;
-import org.keycloak.testsuite.util.UserBuilder;
-import org.openqa.selenium.Cookie;
-
-import java.util.List;
-import java.util.Set;
-
-/**
- * @author Martin Kanis
- */
-public class CookiesPathTest extends AbstractKeycloakTest {
-
- @Test
- public void testCookiesPath() {
- // navigate to "/realms/foo/account" and remove cookies in the browser for the current path
- // first access to the path means there are no cookies being sent
- // we are redirected to login page and Keycloak sets cookie's path to "/auth/realms/foo/"
- deleteAllCookiesForRealm("foo");
-
- Assert.assertTrue("There shouldn't be any cookies sent!", driver.manage().getCookies().isEmpty());
-
- // refresh the page and cookies are sent within the request
- driver.navigate().refresh();
-
- Set cookies = driver.manage().getCookies();
- Assert.assertTrue("There should be cookies sent!", cookies.size() > 0);
- // check cookie's path, for some reason IE adds extra slash to the beginning of the path
- cookies.stream().forEach(cookie -> Assert.assertThat(cookie.getPath(), Matchers.endsWith("/auth/realms/foo/")));
-
- // now navigate to realm which name overlaps the first realm and delete cookies for that realm (foobar)
- //
- deleteAllCookiesForRealm("foobar");
-
- // cookies shouldn't be sent for the first access to /realms/foobar/account
- // At this moment IE would sent cookies for /auth/realms/foo without the fix
- cookies = driver.manage().getCookies();
- Assert.assertTrue("There shouldn't be any cookies sent!", cookies.isEmpty());
-
- // refresh the page and check if correct cookies were sent
- driver.navigate().refresh();
- cookies = driver.manage().getCookies();
-
- Assert.assertTrue("There should be cookies sent!", cookies.size() > 0);
- // check cookie's path, for some reason IE adds extra slash to the beginning of the path
- cookies.stream().forEach(cookie -> Assert.assertThat(cookie.getPath(), Matchers.endsWith("/auth/realms/foobar/")));
-
- // lets back to "/realms/foo/account" to test the cookies for "foo" realm are still there and haven't been (correctly) sent to "foobar"
- URLUtils.navigateToUri( oauth.AUTH_SERVER_ROOT + "/realms/foo/account", true);
-
- cookies = driver.manage().getCookies();
- Assert.assertTrue("There should be cookies sent!", cookies.size() > 0);
- cookies.stream().forEach(cookie -> Assert.assertThat(cookie.getPath(), Matchers.endsWith("/auth/realms/foo/")));
- }
-
- /**
- * Add two realms which names are overlapping i.e foo and foobar
- * @param testRealms
- */
- @Override
- public void addTestRealms(List testRealms) {
- RealmBuilder foo = RealmBuilder.create().name("foo").testEventListener();
- foo.client(ClientBuilder.create().clientId("myclient").publicClient().directAccessGrants());
- foo.user(UserBuilder.create().username("foo").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.REALM_ADMIN));
- testRealms.add(foo.build());
-
- RealmBuilder foobar = RealmBuilder.create().name("foobar").testEventListener();
- foobar.client(ClientBuilder.create().clientId("myclient").publicClient().directAccessGrants());
- foobar.user(UserBuilder.create().username("foobar").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.REALM_ADMIN));
- testRealms.add(foobar.build());
- }
-}