From 740943290cfe3e0be38fbcd19a02e1fe7c81af67 Mon Sep 17 00:00:00 2001 From: Jeroen Rosenberg Date: Fri, 16 May 2014 13:46:46 +0200 Subject: [PATCH 1/3] URI encode clientId for referrer parameter --- integration/js/src/main/resources/keycloak.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js index 046c9c1b95..1a6b545d2b 100755 --- a/integration/js/src/main/resources/keycloak.js +++ b/integration/js/src/main/resources/keycloak.js @@ -131,7 +131,7 @@ var Keycloak = function (config) { kc.createAccountUrl = function(options) { var url = getRealmUrl() + '/account' - + '?referrer=' + kc.clientId + + '?referrer=' + encodeURIComponent(kc.clientId) + '&referrer_uri=' + encodeURIComponent(adapter.redirectUri(options)); return url; From d3a2617d3c6d3c69b429d92747246a91f40a6b0b Mon Sep 17 00:00:00 2001 From: Jeroen Rosenberg Date: Fri, 16 May 2014 13:49:28 +0200 Subject: [PATCH 2/3] Read optional client secret configuration to ensure we can use Basic auth as well --- integration/js/src/main/resources/keycloak.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js index 1a6b545d2b..188c99d357 100755 --- a/integration/js/src/main/resources/keycloak.js +++ b/integration/js/src/main/resources/keycloak.js @@ -329,6 +329,7 @@ var Keycloak = function (config) { kc.authServerUrl = config['auth-server-url']; kc.realm = config['realm']; kc.clientId = config['resource']; + kc.clientSecret = (config['credentials'] || {})['secret']; promise.setSuccess(); } else { @@ -360,6 +361,7 @@ var Keycloak = function (config) { kc.authServerUrl = config.url; kc.realm = config.realm; kc.clientId = config.clientId; + kc.clientSecret = (config.credentials || {}).secret; promise.setSuccess(); } From b92494f0238da91b95b3e4cc98de8fe4fe30cef2 Mon Sep 17 00:00:00 2001 From: Jeroen Rosenberg Date: Fri, 16 May 2014 13:52:59 +0200 Subject: [PATCH 3/3] Refactored to use switch with fall through for readability --- integration/js/src/main/resources/keycloak.js | 33 ++++++++++--------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js index 188c99d357..6dc108fc63 100755 --- a/integration/js/src/main/resources/keycloak.js +++ b/integration/js/src/main/resources/keycloak.js @@ -54,21 +54,22 @@ var Keycloak = function (config) { if (initOptions.token || initOptions.refreshToken) { setToken(initOptions.token, initOptions.refreshToken); } else if (initOptions.onLoad) { - if (initOptions.onLoad == 'check-sso' || initOptions.onLoad == 'login-required') { - var options = {}; - if (initOptions.onLoad == 'check-sso') { + var options = {}; + switch (initOptions.onLoad) { + case 'check-sso': options.prompt = 'none'; - } - var p = kc.login(options); - if (p) { - p.success(function() { - initPromise.setSuccess(); - }).error(function() { - initPromise.setError(); - }); - }; - } else { - throw 'Invalid value for onLoad'; + case 'login-required': + var p = kc.login(options); + if (p) { + p.success(function() { + initPromise.setSuccess(); + }).error(function() { + initPromise.setError(); + }); + }; + break; + default: + throw 'Invalid value for onLoad'; } } } else { @@ -143,7 +144,7 @@ var Keycloak = function (config) { kc.hasRealmRole = function (role) { var access = kc.realmAccess; - return access && access.roles.indexOf(role) >= 0 || false; + return !!access && access.roles.indexOf(role) >= 0; } kc.hasResourceRole = function(role, resource) { @@ -152,7 +153,7 @@ var Keycloak = function (config) { } var access = kc.resourceAccess[resource || kc.clientId]; - return access && access.roles.indexOf(role) >= 0 || false; + return !!access && access.roles.indexOf(role) >= 0; } kc.loadUserProfile = function() {