From 0b3ae30473444d19c1b67c0b86741e9c9943aff2 Mon Sep 17 00:00:00 2001 From: rmartinc Date: Thu, 23 Nov 2017 11:18:29 +0100 Subject: [PATCH 1/2] Parameter "ui_locales" not redirected to login page in java adapters --- .../org/keycloak/adapters/OAuthRequestAuthenticator.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java index 8d875ee4eb..6d7e6608b0 100755 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java @@ -170,6 +170,9 @@ public class OAuthRequestAuthenticator { String maxAge = getQueryParamValue(OAuth2Constants.MAX_AGE); url = UriUtils.stripQueryParam(url, OAuth2Constants.MAX_AGE); + String uiLocales = getQueryParamValue(OAuth2Constants.UI_LOCALES_PARAM); + url = UriUtils.stripQueryParam(url, OAuth2Constants.UI_LOCALES_PARAM); + KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone() .queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE) .queryParam(OAuth2Constants.CLIENT_ID, deployment.getResourceName()) @@ -188,6 +191,9 @@ public class OAuthRequestAuthenticator { if (maxAge != null && maxAge.length() > 0) { redirectUriBuilder.queryParam(OAuth2Constants.MAX_AGE, maxAge); } + if (uiLocales != null && uiLocales.length() > 0) { + redirectUriBuilder.queryParam(OAuth2Constants.UI_LOCALES_PARAM, uiLocales); + } scope = TokenUtil.attachOIDCScope(scope); redirectUriBuilder.queryParam(OAuth2Constants.SCOPE, scope); From ecbf6e53867759a75066fe41fafedd2047c43b42 Mon Sep 17 00:00:00 2001 From: rmartinc Date: Thu, 23 Nov 2017 17:58:58 +0100 Subject: [PATCH 2/2] KEYCLOAK-5896: adding a test for the ui_locales change. --- .../AbstractDemoFilterServletAdapterTest.java | 7 +++ .../AbstractDemoServletsAdapterTest.java | 56 +++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java index 71e04697bb..c4dbd6dce8 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java @@ -34,4 +34,11 @@ public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoS } + @Test + @Override + @Ignore + public void testOIDCUiLocalesParamForwarding() { + + } + } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java index 16bdaa4a51..6a8930f90e 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java @@ -17,6 +17,7 @@ package org.keycloak.testsuite.adapter.servlet; import org.apache.commons.io.FileUtils; +import org.apache.http.client.utils.URLEncodedUtils; import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.graphene.page.Page; import org.jboss.shrinkwrap.api.spec.WebArchive; @@ -64,12 +65,17 @@ import javax.ws.rs.core.Response; import java.io.File; import java.io.IOException; import java.net.URI; +import java.net.URISyntaxException; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.List; import java.util.Map; +import java.util.Set; import java.util.concurrent.TimeUnit; import java.util.regex.Matcher; import java.util.regex.Pattern; +import java.util.stream.Collectors; +import java.util.stream.Stream; import static org.junit.Assert.*; @@ -576,6 +582,56 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd setAdapterAndServerTimeOffset(0, tokenMinTTLPage.toString()); } + private static Map getQueryFromUrl(String url) { + try { + return URLEncodedUtils.parse(new URI(url), StandardCharsets.UTF_8).stream() + .collect(Collectors.toMap(p -> p.getName(), p -> p.getValue())); + } catch (URISyntaxException e) { + return null; + } + } + + @Test + public void testOIDCUiLocalesParamForwarding() { + RealmRepresentation demoRealmRep = testRealmResource().toRepresentation(); + boolean enabled = demoRealmRep.isInternationalizationEnabled(); + String defaultLocale = demoRealmRep.getDefaultLocale(); + Set locales = demoRealmRep.getSupportedLocales(); + demoRealmRep.setInternationalizationEnabled(true); + demoRealmRep.setDefaultLocale("en"); + demoRealmRep.setSupportedLocales(Stream.of("en", "de").collect(Collectors.toSet())); + testRealmResource().update(demoRealmRep); + + // test login with ui_locales to de+en + String portalUri = securePortal.getUriBuilder().build().toString(); + String appUri = securePortal.getUriBuilder().queryParam(OAuth2Constants.UI_LOCALES_PARAM, "de en").build().toString(); + URLUtils.navigateToUri(appUri, true); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + // check the ui_locales param is there + Map parameters = getQueryFromUrl(driver.getCurrentUrl()); + assertEquals("de en", parameters.get(OAuth2Constants.UI_LOCALES_PARAM)); + // check that the page is in german + String pageSource = driver.getPageSource(); + assertTrue(pageSource.contains("Passwort")); + testRealmLoginPage.form().login("bburke@redhat.com", "password"); + // check no ui_locales in the final url adapter url + assertCurrentUrlEquals(portalUri); + pageSource = driver.getPageSource(); + assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); + // logout + String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder()) + .queryParam(OAuth2Constants.REDIRECT_URI, securePortal.toString()).build("demo").toString(); + driver.navigate().to(logoutUri); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + securePortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + + demoRealmRep.setInternationalizationEnabled(enabled); + demoRealmRep.setDefaultLocale(defaultLocale); + demoRealmRep.setSupportedLocales(locales); + testRealmResource().update(demoRealmRep); + } + @Test public void testBasicAuth() { String value = "hello";