From 2c218c9aa045e3f076653215ebbc9935117f8f62 Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Tue, 21 Oct 2014 12:36:20 +0200 Subject: [PATCH] KEYCLOAK-711 HttpServletReqest.logout() does not work with relative URI --- .../as7/KeycloakAuthenticatorValve.java | 3 ++- .../tomcat7/KeycloakAuthenticatorValve.java | 3 ++- .../undertow/ServletKeycloakAuthMech.java | 3 ++- .../undertow/UndertowKeycloakAuthMech.java | 3 ++- .../adapter/RelativeUriAdapterTest.java | 23 +++++++++++++++++++ 5 files changed, 31 insertions(+), 4 deletions(-) diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java index ab4fb3f57a..b21653eb40 100755 --- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java +++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/KeycloakAuthenticatorValve.java @@ -67,7 +67,8 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif if (session != null) { session.removeNote(KeycloakSecurityContext.class.getName()); if (ksc instanceof RefreshableKeycloakSecurityContext) { - ((RefreshableKeycloakSecurityContext)ksc).logout(deploymentContext.getDeployment()); + CatalinaHttpFacade facade = new CatalinaHttpFacade(request, null); + ((RefreshableKeycloakSecurityContext)ksc).logout(deploymentContext.resolveDeployment(facade)); } } } diff --git a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java b/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java index de123895f5..0d45009f24 100755 --- a/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java +++ b/integration/tomcat7/adapter/src/main/java/org/keycloak/adapters/tomcat7/KeycloakAuthenticatorValve.java @@ -74,7 +74,8 @@ public class KeycloakAuthenticatorValve extends FormAuthenticator implements Lif if (session != null) { session.removeNote(KeycloakSecurityContext.class.getName()); try { - ServerRequest.invokeLogout(deploymentContext.getDeployment(), ksc.getToken().getSessionState()); + CatalinaHttpFacade facade = new CatalinaHttpFacade(request, null); + ServerRequest.invokeLogout(deploymentContext.resolveDeployment(facade), ksc.getToken().getSessionState()); } catch (Exception e) { log.severe("failed to invoke remote logout. " + e.getMessage()); } diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java index 9b2e157725..7e1ee378e5 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java @@ -79,7 +79,8 @@ public class ServletKeycloakAuthMech extends UndertowKeycloakAuthMech { session.removeAttribute(KeycloakSecurityContext.class.getName()); session.removeAttribute(KeycloakUndertowAccount.class.getName()); if (account.getKeycloakSecurityContext() != null) { - account.getKeycloakSecurityContext().logout(deploymentContext.getDeployment()); + UndertowHttpFacade facade = new UndertowHttpFacade(notification.getExchange()); + account.getKeycloakSecurityContext().logout(deploymentContext.resolveDeployment(facade)); } } }; diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowKeycloakAuthMech.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowKeycloakAuthMech.java index e5050901ee..d1b9e4e4ef 100755 --- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowKeycloakAuthMech.java +++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowKeycloakAuthMech.java @@ -66,7 +66,8 @@ public abstract class UndertowKeycloakAuthMech implements AuthenticationMechanis if (account == null) return; session.removeAttribute(KeycloakUndertowAccount.class.getName()); if (account.getKeycloakSecurityContext() != null) { - account.getKeycloakSecurityContext().logout(deploymentContext.getDeployment()); + UndertowHttpFacade facade = new UndertowHttpFacade(notification.getExchange()); + account.getKeycloakSecurityContext().logout(deploymentContext.resolveDeployment(facade)); } } }; diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java index 0c3dfb8d93..f1e1c0b956 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java @@ -158,4 +158,27 @@ public class RelativeUriAdapterTest { } + + @Test + public void testServletRequestLogout() throws Exception { + driver.navigate().to("http://localhost:8081/customer-portal"); + Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); + loginPage.login("bburke@redhat.com", "password"); + Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal"); + Assert.assertTrue(driver.getPageSource().contains("Bill Burke")); + + driver.navigate().to("http://localhost:8081/product-portal"); + Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/product-portal"); + Assert.assertTrue(driver.getPageSource().contains("iPhone")); + + // test logout + driver.navigate().to("http://localhost:8081/customer-portal/logout"); + + driver.navigate().to("http://localhost:8081/customer-portal"); + String currentUrl = driver.getCurrentUrl(); + Assert.assertTrue(currentUrl.startsWith(LOGIN_URL)); + driver.navigate().to("http://localhost:8081/product-portal"); + Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); + } + }