Merge pull request #2275 from stianst/KEYCLOAK-2511

KEYCLOAK-2511 Rename session-state in access token response to sessio…
This commit is contained in:
Stian Thorgersen 2016-02-25 12:03:37 +01:00
commit ca81f3f18d
5 changed files with 11 additions and 4 deletions

View file

@ -52,7 +52,7 @@ public class AccessTokenResponse {
@JsonProperty("not-before-policy")
protected int notBeforePolicy;
@JsonProperty("session-state")
@JsonProperty("session_state")
protected String sessionState;
protected Map<String, Object> otherClaims = new HashMap<String, Object>();

View file

@ -121,6 +121,13 @@
The Client Registration service endpoints have been moved from <literal>{realm}/clients</literal> to <literal>{realm}/clients-registrations</literal>.
</para>
</simplesect>
<simplesect>
<title>Session state parameter in authentication response renamed</title>
<para>
In the OpenID Connect authentication response we used to return the session state as <literal>session-state</literal> this is not
correct according to the specification and has been renamed to <literal>session_state</literal>.
</para>
</simplesect>
<simplesect>
<title>Deprecated OpenID Connect endpoints</title>
<para>

View file

@ -73,7 +73,7 @@ Pragma: no-cache
"expires_in":3600,
"refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
"id_token":"tGzv3JOkF0XG5Qx2TlKWIA",
"session-state":"234234-234234-234234"
"session_state":"234234-234234-234234"
}]]>
</programlisting>
</para>

View file

@ -61,7 +61,7 @@ Pragma: no-cache
"refresh_expires_in":600,
"id_token":"tGzv3JOkF0XG5Qx2TlKWIA",
"not-before-policy":0,
"session-state":"234234-234234-234234"
"session_state":"234234-234234-234234"
}]]>
</programlisting>
</para>

View file

@ -163,7 +163,7 @@ public class OIDCLoginProtocol implements LoginProtocol {
if (responseType.hasResponseType(OIDCResponseType.TOKEN)) {
redirectUri.addParam("access_token", res.getToken());
redirectUri.addParam("token_type", res.getTokenType());
redirectUri.addParam("session-state", res.getSessionState());
redirectUri.addParam("session_state", res.getSessionState());
redirectUri.addParam("expires_in", String.valueOf(res.getExpiresIn()));
}