This commit is contained in:
Michael Gerber 2015-01-09 14:03:36 +01:00
parent 7ce1502bc5
commit 9c484b9938
3 changed files with 17 additions and 1 deletions

View file

@ -63,4 +63,7 @@ public class UriUtils {
return map; return map;
} }
public static String stripQueryParam(String url, String name){
return url.replaceFirst("[\\?&]"+name+"=[^&]*$|"+name+"=[^&]*&", "");
}
} }

View file

@ -2,6 +2,7 @@ package org.keycloak.util;
import org.junit.Test; import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
@ -43,4 +44,15 @@ public class UriUtilsTest {
assertFalse(UriUtils.isOrigin(origin)); assertFalse(UriUtils.isOrigin(origin));
} }
@Test
public void testStripQueryParam(){
assertEquals("http://localhost",UriUtils.stripQueryParam("http://localhost?login_hint=michael","login_hint"));
assertEquals("http://localhost",UriUtils.stripQueryParam("http://localhost?login_hint=michael@me.com","login_hint"));
assertEquals("http://localhost?param=test",UriUtils.stripQueryParam("http://localhost?param=test&login_hint=michael","login_hint"));
assertEquals("http://localhost?param=test",UriUtils.stripQueryParam("http://localhost?param=test&login_hint=michael@me.com","login_hint"));
assertEquals("http://localhost?param=test",UriUtils.stripQueryParam("http://localhost?login_hint=michael&param=test","login_hint"));
assertEquals("http://localhost?param=test",UriUtils.stripQueryParam("http://localhost?login_hint=michael@me.com&param=test","login_hint"));
assertEquals("http://localhost?pre=test&param=test",UriUtils.stripQueryParam("http://localhost?pre=test&login_hint=michael&param=test","login_hint"));
assertEquals("http://localhost?pre=test&param=test",UriUtils.stripQueryParam("http://localhost?pre=test&login_hint=michael@me.com&param=test","login_hint"));
}
} }

View file

@ -11,6 +11,7 @@ import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse; import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken; import org.keycloak.representations.IDToken;
import org.keycloak.util.KeycloakUriBuilder; import org.keycloak.util.KeycloakUriBuilder;
import org.keycloak.util.UriUtils;
import java.io.IOException; import java.io.IOException;
import java.util.UUID; import java.util.UUID;
@ -128,7 +129,7 @@ public class OAuthRequestAuthenticator {
} }
String loginHint = getQueryParamValue("login_hint"); String loginHint = getQueryParamValue("login_hint");
url = url.replaceFirst("[\\?&]login_hint=[^&]*$|login_hint=.*&", ""); url = UriUtils.stripQueryParam(url,"login_hint");
KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone() KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone()
.queryParam(OAuth2Constants.CLIENT_ID, deployment.getResourceName()) .queryParam(OAuth2Constants.CLIENT_ID, deployment.getResourceName())