libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #2475 from patriot1burke/master

Browse source 
KEYCLOAK-2662
This commit is contained in:
Bill Burke 2016-04-01 17:55:42 -04:00
commit dfa7c76331
3 changed files with 15 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/OIDCFilterSessionStore.java
View file

@ -19,12 +19,12 @@ package org.keycloak.adapters.servlet;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.KeycloakAccount;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OidcKeycloakAccount;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.KeycloakAccount;
import org.keycloak.adapters.spi.SessionIdMapper;
import javax.servlet.http.HttpServletRequest;
@ -51,10 +51,16 @@ public class OIDCFilterSessionStore extends FilterSessionStore implements Adapte
}
public HttpServletRequestWrapper buildWrapper() {
HttpSession session = request.getSession();
KeycloakAccount account = (KeycloakAccount)session.getAttribute(KeycloakAccount.class.getName());
HttpSession session = request.getSession(false);
KeycloakAccount account = null;
if (session != null) {
account = (KeycloakAccount) session.getAttribute(KeycloakAccount.class.getName());
if (account == null) {
account = (KeycloakAccount) request.getAttribute(KeycloakAccount.class.getName());
}
}
if (account == null) {
account = (KeycloakAccount)request.getAttribute(KeycloakAccount.class.getName());
account = (KeycloakAccount) request.getAttribute(KeycloakAccount.class.getName());
}
return buildWrapper(session, account);
}

1
adapters/spi/servlet-adapter-spi/src/main/java/org/keycloak/adapters/servlet/FilterSessionStore.java
View file

@ -305,6 +305,7 @@ public class FilterSessionStore implements AdapterSessionStore {
@Override
public Principal getUserPrincipal() {
if (account == null) return null;
return account.getPrincipal();
}

3
testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java
View file

@ -36,6 +36,9 @@ public class CustomerDatabaseServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// test that bearer token auth never has an HTTP session created
Assert.assertNull(req.getSession(false));
resp.setContentType("text/html");
PrintWriter pw = resp.getWriter();
Principal principal = req.getUserPrincipal();