[KEYCLOAK-1205] Fix BearerAuthFilter refreshing token after it's expired

Dane Barentine 2015-04-14 22:05:29 -07:00
parent 47da227809
commit b1b149e0c3
3 changed files with 14 additions and 4 deletions


@ -26,7 +26,7 @@ public class Keycloak {
target = client.target(config.getServerUrl()); target = client.target(config.getServerUrl());
target.register(new BearerAuthFilter(tokenManager.getAccessTokenString())); target.register(new BearerAuthFilter(tokenManager));
} }
public static Keycloak getInstance(String serverUrl, String realm, String username, String password, String clientId, String clientSecret){ public static Keycloak getInstance(String serverUrl, String realm, String username, String password, String clientId, String clientSecret){


@ -1,5 +1,7 @@
package org.keycloak.admin.client.resource; package org.keycloak.admin.client.resource;
import org.keycloak.admin.client.token.TokenManager;
import javax.ws.rs.client.ClientRequestContext; import javax.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.ClientRequestFilter; import javax.ws.rs.client.ClientRequestFilter;
import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.HttpHeaders;
@ -11,14 +13,23 @@ import java.io.IOException;
public class BearerAuthFilter implements ClientRequestFilter { public class BearerAuthFilter implements ClientRequestFilter {
private final String tokenString; private final String tokenString;
private final TokenManager tokenManager;
public BearerAuthFilter(String tokenString) { public BearerAuthFilter(String tokenString) {
this.tokenString = tokenString; this.tokenString = tokenString;
this.tokenManager = null;
} }
public BearerAuthFilter(TokenManager tokenManager) {
this.tokenManager = tokenManager;
this.tokenString = null;
}
@Override @Override
public void filter(ClientRequestContext requestContext) throws IOException { public void filter(ClientRequestContext requestContext) throws IOException {
String authHeader = "Bearer " + tokenString; String authHeader = "Bearer " + (tokenManager != null ? tokenManager.getAccessTokenString() : tokenString);
requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, authHeader); requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, authHeader);
} }
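Review bot: The new `BearerAuthFilter(TokenManager tokenManager)` constructor stores its argument without a null check, so a null manager makes `filter` fall through to `tokenString`, which that constructor also sets to null, and the request goes out with the header `Bearer null`. Rejecting it at construction with `this.tokenManager = Objects.requireNonNull(tokenManager, "tokenManager");` (needs `import java.util.Objects;`) reports the mistake where it is made rather than as an authentication failure from the server. The same header results if `tokenManager.getAccessTokenString()` returns null inside `filter`; whether it can is not visible in this section. A short Javadoc on the two constructors, saying that the String form sends a fixed token while the TokenManager form asks for the current token on every request, would also help callers choose.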


@ -66,8 +66,7 @@ public class TokenManager {
Form form = new Form() Form form = new Form()
.param("grant_type", "refresh_token") .param("grant_type", "refresh_token")
.param("username", config.getUsername()) .param("refresh_token", currentToken.getRefreshToken());
.param("password", config.getPassword());
if(config.isPublicClient()){ if(config.isPublicClient()){
form.param("client_id", config.getClientId()); form.param("client_id", config.getClientId());
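Review bot: The refresh form now depends on `currentToken.getRefreshToken()`, but nothing in the visible lines covers a null `currentToken` or a refresh token that has itself expired or been revoked, in which case the server will refuse the refresh. Because BearerAuthFilter now asks the token manager for a token on every request, that refusal would surface on an arbitrary admin call; falling back to a fresh password grant when the refresh is rejected would keep long-lived clients working. The method continues outside this hunk, so such handling may already exist there. A comment above the form, e.g. `// refresh_token grant: send the refresh token, never the user's credentials`, would record why username and password are no longer sent.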