libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-18818 Add CORS preflight handler to token revocation endpoint

Browse source
This commit is contained in:
Thomas Darimont 2021-08-22 22:52:47 +02:00 committed by Marek Posolda
parent c8bee9fac4
commit e217e9a175
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenRevocationEndpoint.java
View file

@ -21,6 +21,7 @@ import java.util.Objects;
import java.util.stream.Collectors;
import javax.ws.rs.Consumes;
import javax.ws.rs.OPTIONS;
import javax.ws.rs.POST;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
@ -125,6 +126,11 @@ public class TokenRevocationEndpoint {
return cors.builder(Response.ok()).build();
}
@OPTIONS
public Response preflight() {
return Cors.add(request, Response.ok()).auth().preflight().allowedMethods("POST", "OPTIONS").build();
}
private void checkSsl() {
if (!session.getContext().getUri().getBaseUri().getScheme().equals("https")
&& realm.getSslRequired().isRequired(clientConnection)) {