libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange

Browse source
This commit is contained in:
Takashi Norimatsu 2018-05-28 14:13:54 +09:00 committed by Marek Posolda
parent 6a2f73df9c
commit eb97151476
3 changed files with 22 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
services/src/main/java/org/keycloak/protocol/oidc/OIDCWellKnownProvider.java
View file

@ -69,6 +69,9 @@ public class OIDCWellKnownProvider implements WellKnownProvider {
// TODO: Add more of OIDC scopes
public static final List<String> SCOPES_SUPPORTED= list(OAuth2Constants.SCOPE_OPENID, OAuth2Constants.OFFLINE_ACCESS);
// KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
public static final List<String> DEFAULT_CODE_CHALLENGE_METHODS_SUPPORTED = list(OAuth2Constants.PKCE_METHOD_PLAIN, OAuth2Constants.PKCE_METHOD_S256);
private KeycloakSession session;
public OIDCWellKnownProvider(KeycloakSession session) {
@ -113,6 +116,9 @@ public class OIDCWellKnownProvider implements WellKnownProvider {
config.setRequestParameterSupported(true);
config.setRequestUriParameterSupported(true);
// KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
config.setCodeChallengeMethodsSupported(DEFAULT_CODE_CHALLENGE_METHODS_SUPPORTED);
return config;
}

12
services/src/main/java/org/keycloak/protocol/oidc/representations/OIDCConfigurationRepresentation.java
View file

@ -103,6 +103,10 @@ public class OIDCConfigurationRepresentation {
@JsonProperty("request_uri_parameter_supported")
private Boolean requestUriParameterSupported;
// KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
@JsonProperty("code_challenge_methods_supported")
private List<String> codeChallengeMethodsSupported;
protected Map<String, Object> otherClaims = new HashMap<String, Object>();
public String getIssuer() {
@ -297,6 +301,14 @@ public class OIDCConfigurationRepresentation {
this.requestUriParameterSupported = requestUriParameterSupported;
}
// KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
public List<String> getCodeChallengeMethodsSupported() {
return codeChallengeMethodsSupported;
}
public void setCodeChallengeMethodsSupported(List<String> codeChallengeMethodsSupported) {
this.codeChallengeMethodsSupported = codeChallengeMethodsSupported;
}
@JsonAnyGetter
public Map<String, Object> getOtherClaims() {
return otherClaims;

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
View file

@ -119,6 +119,10 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
// Request and Request_Uri
Assert.assertTrue(oidcConfig.getRequestParameterSupported());
Assert.assertTrue(oidcConfig.getRequestUriParameterSupported());
// KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
// PKCE support
Assert.assertNames(oidcConfig.getCodeChallengeMethodsSupported(), OAuth2Constants.PKCE_METHOD_PLAIN, OAuth2Constants.PKCE_METHOD_S256);
} finally {
client.close();
}