libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Redirect to next required action if there are multiple actions

Browse source
This commit is contained in:
Stian Thorgersen 2013-09-21 12:51:33 +01:00
parent b541679ef3
commit eaeed0b9dd
1 changed files with 19 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
services/src/main/java/org/keycloak/services/resources/AccountService.java
View file

@ -116,7 +116,7 @@ public class AccountService {
accessCodeEntry.getRequiredActions().remove(UserModel.RequiredAction.UPDATE_PROFILE); accessCodeEntry.getRequiredActions().remove(UserModel.RequiredAction.UPDATE_PROFILE);
} }
Response response = redirectOauth(accessCodeEntry); Response response = redirectOauth(user, accessCodeEntry);
if (response != null) { if (response != null) {
return response; return response;
} else { } else {
@ -161,8 +161,7 @@ public class AccountService {
return null; return null;
} }
if (accessCodeEntry.getRequiredActions() == null if (accessCodeEntry.getRequiredActions() == null || !accessCodeEntry.getRequiredActions().contains(requiredAction)) {
|| !accessCodeEntry.getRequiredActions().contains(requiredAction)) {
return null; return null;
} }
@ -208,7 +207,7 @@ public class AccountService {
user.setTotp(true); user.setTotp(true);
Response response = redirectOauth(accessCodeEntry); Response response = redirectOauth(user, accessCodeEntry);
if (response != null) { if (response != null) {
return response; return response;
} else { } else {
@ -231,7 +230,7 @@ public class AccountService {
accessCodeEntry.getRequiredActions().remove(UserModel.RequiredAction.VERIFY_EMAIL); accessCodeEntry.getRequiredActions().remove(UserModel.RequiredAction.VERIFY_EMAIL);
} }
Response response = redirectOauth(accessCodeEntry); Response response = redirectOauth(user, accessCodeEntry);
if (response != null) { if (response != null) {
return response; return response;
} else { } else {
@ -239,17 +238,24 @@ public class AccountService {
} }
} }
private Response redirectOauth(AccessCodeEntry accessCodeEntry) { private Response redirectOauth(UserModel user, AccessCodeEntry accessCode) {
if (accessCodeEntry == null) { if (accessCode == null) {
return null; return null;
} }
String redirect = uriInfo.getQueryParameters().getFirst("redirect_uri");
if (redirect != null) { Set<RequiredAction> requiredActions = user.getRequiredActions();
String state = uriInfo.getQueryParameters().getFirst("state"); if (!requiredActions.isEmpty()) {
return Flows.oauth(realm, request, uriInfo, authManager, tokenManager).redirectAccessCode(accessCodeEntry, state, return Flows.forms(realm, request, uriInfo).setCode(accessCode.getCode()).setUser(user)
redirect); .forwardToAction(requiredActions.iterator().next());
} else { } else {
return null; String redirect = uriInfo.getQueryParameters().getFirst("redirect_uri");
if (redirect != null) {
String state = uriInfo.getQueryParameters().getFirst("state");
return Flows.oauth(realm, request, uriInfo, authManager, tokenManager).redirectAccessCode(accessCode, state,
redirect);
} else {
return null;
}
} }
} }