KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso

This commit is contained in:
Stian Thorgersen 2014-07-16 10:47:42 +01:00
parent 63ff5736a2
commit e0ec121012
2 changed files with 42 additions and 17 deletions

View file

@ -57,6 +57,17 @@
processCallback(callback, initPromise);
return;
} else if (initOptions) {
var doLogin = function(prompt) {
if (!prompt) {
options.prompt = 'none';
}
kc.login(options).success(function () {
initPromise.setSuccess();
}).error(function () {
initPromise.setError();
});
}
if (initOptions.token || initOptions.refreshToken) {
setToken(initOptions.token, initOptions.refreshToken);
initPromise.setSuccess();
@ -64,16 +75,20 @@
var options = {};
switch (initOptions.onLoad) {
case 'check-sso':
options.prompt = 'none';
case 'login-required':
var p = kc.login(options);
if (p) {
p.success(function() {
if (loginIframe.enable) {
setupCheckLoginIframe().success(function() {
checkLoginIframe().success(function () {
doLogin(false);
}).error(function () {
initPromise.setSuccess();
}).error(function() {
initPromise.setError();
});
};
});
} else {
doLogin(false);
}
break;
case 'login-required':
doLogin(true);
break;
default:
throw 'Invalid value for onLoad';
@ -525,7 +540,14 @@
}
function setupCheckLoginIframe() {
if (!loginIframe.enable || loginIframe.iframe) {
var promise = createPromise();
if (!loginIframe.enable) {
return;
}
if (loginIframe.iframe) {
promise.setSuccess();
return;
}
@ -539,6 +561,7 @@
loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8));
}
loginIframe.iframe = iframe;
promise.setSuccess();
}
var src = getRealmUrl() + '/login-status-iframe.html?client_id=' + encodeURIComponent(kc.clientId) + '&origin=' + window.location.origin;
@ -553,7 +576,8 @@
var data = event.data;
var promise = loginIframe.callbackMap[data.callbackId];
delete loginIframe.callbackMap[data.callbackId];
if (kc.sessionId == data.session && data.loggedIn) {
if ((!kc.sessionId || kc.sessionId == data.session) && data.loggedIn) {
promise.setSuccess();
} else {
clearToken();
@ -570,19 +594,21 @@
};
setTimeout(check, loginIframe.interval * 1000);
return promise.promise;
}
function checkLoginIframe() {
var promise = createPromise();
if (loginIframe.iframe || loginIframe.iframeOrigin) {
if (loginIframe.iframe && loginIframe.iframeOrigin) {
var msg = {};
msg.callbackId = createCallbackId();
loginIframe.callbackMap[msg.callbackId] = promise;
var origin = loginIframe.iframeOrigin;
loginIframe.iframe.contentWindow.postMessage(msg, origin);
} else {
promise.setSuccess();
promise.setError();
}
return promise.promise;
@ -593,14 +619,17 @@
return {
login: function(options) {
window.location.href = kc.createLoginUrl(options);
return createPromise().promise;
},
logout: function(options) {
window.location.href = kc.createLogoutUrl(options);
return createPromise().promise;
},
accountManagement : function() {
window.location.href = kc.createAccountUrl();
return createPromise().promise;
},
redirectUri: function(options) {

View file

@ -103,10 +103,6 @@ public class RealmsResource {
if (client == null) {
throw new NotFoundException("could not find client: " + client_id);
}
AuthenticationManager.AuthResult result = auth.authenticateIdentityCookie(session, realm, uriInfo, headers);
if (result == null) {
throw new UnauthorizedException("not logged in, can't get page");
}
InputStream is = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
if (is == null) throw new NotFoundException("Could not find login-status-iframe.html ");