libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Added check for null authentication on the logout method.

Browse source
This commit is contained in:
Thomas Raehalme 2015-09-10 12:30:07 +03:00
parent 1c38bb7158
commit e0eac89e5a
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java
View file

@ -32,8 +32,11 @@ public class KeycloakLogoutHandler implements LogoutHandler {
@Override @Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
if (authentication == null) {
if (!KeycloakAuthenticationToken.class.isAssignableFrom(authentication.getClass())) { log.warn("Cannot log out without authentication");
return;
}
else if (!KeycloakAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
log.warn("Cannot log out a non-Keycloak authentication: {}", authentication); log.warn("Cannot log out a non-Keycloak authentication: {}", authentication);
return; return;
} }

6
integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java
View file

@ -88,6 +88,12 @@ public class KeycloakLogoutHandlerTest {
verifyZeroInteractions(session); verifyZeroInteractions(session);
} }
@Test
public void testLogoutNullAuthentication() throws Exception {
keycloakLogoutHandler.logout(request, response, null);
verifyZeroInteractions(session);
}
@Test @Test
public void testHandleSingleSignOut() throws Exception { public void testHandleSingleSignOut() throws Exception {
keycloakLogoutHandler.handleSingleSignOut(request, response, keycloakAuthenticationToken); keycloakLogoutHandler.handleSingleSignOut(request, response, keycloakAuthenticationToken);