libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso

Browse source
This commit is contained in:
Stian Thorgersen 2014-07-16 10:47:42 +01:00
parent 63ff5736a2
commit e0ec121012
2 changed files with 42 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
integration/js/src/main/resources/keycloak.js
View file

@ -57,6 +57,17 @@
processCallback(callback, initPromise); processCallback(callback, initPromise);
return; return;
} else if (initOptions) { } else if (initOptions) {
var doLogin = function(prompt) {
if (!prompt) {
options.prompt = 'none';
}
kc.login(options).success(function () {
initPromise.setSuccess();
}).error(function () {
initPromise.setError();
});
}
if (initOptions.token || initOptions.refreshToken) { if (initOptions.token || initOptions.refreshToken) {
setToken(initOptions.token, initOptions.refreshToken); setToken(initOptions.token, initOptions.refreshToken);
initPromise.setSuccess(); initPromise.setSuccess();
@ -64,16 +75,20 @@
var options = {}; var options = {};
switch (initOptions.onLoad) { switch (initOptions.onLoad) {
case 'check-sso': case 'check-sso':
options.prompt = 'none'; if (loginIframe.enable) {
case 'login-required': setupCheckLoginIframe().success(function() {
var p = kc.login(options); checkLoginIframe().success(function () {
if (p) { doLogin(false);
p.success(function() { }).error(function () {
initPromise.setSuccess(); initPromise.setSuccess();
}).error(function() { });
initPromise.setError();
}); });
}; } else {
doLogin(false);
}
break;
case 'login-required':
doLogin(true);
break; break;
default: default:
throw 'Invalid value for onLoad'; throw 'Invalid value for onLoad';
@ -525,7 +540,14 @@
} }
function setupCheckLoginIframe() { function setupCheckLoginIframe() {
if (!loginIframe.enable || loginIframe.iframe) { var promise = createPromise();
if (!loginIframe.enable) {
return;
}
if (loginIframe.iframe) {
promise.setSuccess();
return; return;
} }
@ -539,6 +561,7 @@
loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8)); loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8));
} }
loginIframe.iframe = iframe; loginIframe.iframe = iframe;
promise.setSuccess();
} }
var src = getRealmUrl() + '/login-status-iframe.html?client_id=' + encodeURIComponent(kc.clientId) + '&origin=' + window.location.origin; var src = getRealmUrl() + '/login-status-iframe.html?client_id=' + encodeURIComponent(kc.clientId) + '&origin=' + window.location.origin;
@ -553,7 +576,8 @@
var data = event.data; var data = event.data;
var promise = loginIframe.callbackMap[data.callbackId]; var promise = loginIframe.callbackMap[data.callbackId];
delete loginIframe.callbackMap[data.callbackId]; delete loginIframe.callbackMap[data.callbackId];
if (kc.sessionId == data.session && data.loggedIn) {
if ((!kc.sessionId || kc.sessionId == data.session) && data.loggedIn) {
promise.setSuccess(); promise.setSuccess();
} else { } else {
clearToken(); clearToken();
@ -570,19 +594,21 @@
}; };
setTimeout(check, loginIframe.interval * 1000); setTimeout(check, loginIframe.interval * 1000);
return promise.promise;
} }
function checkLoginIframe() { function checkLoginIframe() {
var promise = createPromise(); var promise = createPromise();
if (loginIframe.iframe || loginIframe.iframeOrigin) { if (loginIframe.iframe && loginIframe.iframeOrigin) {
var msg = {}; var msg = {};
msg.callbackId = createCallbackId(); msg.callbackId = createCallbackId();
loginIframe.callbackMap[msg.callbackId] = promise; loginIframe.callbackMap[msg.callbackId] = promise;
var origin = loginIframe.iframeOrigin; var origin = loginIframe.iframeOrigin;
loginIframe.iframe.contentWindow.postMessage(msg, origin); loginIframe.iframe.contentWindow.postMessage(msg, origin);
} else { } else {
promise.setSuccess(); promise.setError();
} }
return promise.promise; return promise.promise;
@ -593,14 +619,17 @@
return { return {
login: function(options) { login: function(options) {
window.location.href = kc.createLoginUrl(options); window.location.href = kc.createLoginUrl(options);
return createPromise().promise;
}, },
logout: function(options) { logout: function(options) {
window.location.href = kc.createLogoutUrl(options); window.location.href = kc.createLogoutUrl(options);
return createPromise().promise;
}, },
accountManagement : function() { accountManagement : function() {
window.location.href = kc.createAccountUrl(); window.location.href = kc.createAccountUrl();
return createPromise().promise;
}, },
redirectUri: function(options) { redirectUri: function(options) {

4
services/src/main/java/org/keycloak/services/resources/RealmsResource.java
View file

@ -103,10 +103,6 @@ public class RealmsResource {
if (client == null) { if (client == null) {
throw new NotFoundException("could not find client: " + client_id); throw new NotFoundException("could not find client: " + client_id);
} }
AuthenticationManager.AuthResult result = auth.authenticateIdentityCookie(session, realm, uriInfo, headers);
if (result == null) {
throw new UnauthorizedException("not logged in, can't get page");
}
InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html"); InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
if (is == null) throw new NotFoundException("Could not find login-status-iframe.html "); if (is == null) throw new NotFoundException("Could not find login-status-iframe.html ");