Merge pull request #685 from mposolda/master

Support for cors in PublicRealmResource
2014-09-10 13:16:21 +02:00 · 2014-09-10 13:16:21 +02:00 · ec1434c65e
commit ec1434c65e
parent 88a39dbaf7 aa7bbeb11b
4 changed files with 54 additions and 3 deletions
--- a/examples/cors/angular-product-app/src/main/webapp/index.html
+++ b/examples/cors/angular-product-app/src/main/webapp/index.html
@ -34,6 +34,7 @@
            </tbody>
        </table>
    </div>
+    <hr />
    <div>
        <h2><span>Realm Roles</span></h2>
        <button type="submit" data-ng-click="loadRoles()">load Roles</button>
@ -52,6 +53,7 @@
            </tbody>
        </table>
    </div>
+    <hr />
    <div>
        <h2><span>Social providers</span></h2>
        <button type="submit" data-ng-click="loadServerInfo()">load available social providers</button>
@ -67,7 +69,18 @@
            </tr>
            </tbody>
        </table>
-     </div>
+    </div>
+    <hr />
+    <div>
+        <h2><span>Realm info</span></h2>
+        <button type="submit" data-ng-click="loadPublicRealmInfo()">Load public realm info</button>
+
+        <div data-ng-show="realm">
+            Realm name: {{realm.realm}} <br/>
+            Public key: {{realm.public_key}} <br/>
+        </div>
+    </div>
+    <hr />
 </div>
 </body>
 </html>
--- a/examples/cors/angular-product-app/src/main/webapp/js/app.js
+++ b/examples/cors/angular-product-app/src/main/webapp/js/app.js
@ -66,6 +66,12 @@ module.controller('GlobalCtrl', function($scope, $http) {

    };

+    $scope.loadPublicRealmInfo = function() {
+        $http.get("http://localhost-auth:8080/auth/realms/cors").success(function(data) {
+            $scope.realm = angular.fromJson(data);
+        });
+    };
+
    $scope.logout = logout;
 });

--- a/services/src/main/java/org/keycloak/services/resources/Cors.java
+++ b/services/src/main/java/org/keycloak/services/resources/Cors.java
@ -34,6 +34,8 @@ public class Cors {
    public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
    public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";

+    public static final String ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD = "*";
+

    private HttpRequest request;
    private ResponseBuilder builder;
@ -85,6 +87,13 @@ public class Cors {
        return this;
    }

+    public Cors allowedOrigins(String... allowedOrigins) {
+        if (allowedOrigins != null && allowedOrigins.length > 0) {
+            this.allowedOrigins = new HashSet<String>(Arrays.asList(allowedOrigins));
+        }
+        return this;
+    }
+
    public Cors allowedMethods(String... allowedMethods) {
        this.allowedMethods = new HashSet<String>(Arrays.asList(allowedMethods));
        return this;
@ -101,7 +110,7 @@ public class Cors {
            return builder.build();
        }

-        if (!preflight && (allowedOrigins == null || !allowedOrigins.contains(origin))) {
+        if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
            return builder.build();
        }

@ -135,7 +144,7 @@ public class Cors {
            return;
        }

-        if (!preflight && (allowedOrigins == null || !allowedOrigins.contains(origin))) {
+        if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
            logger.debug("!preflight and no origin");
            return;
        }
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@ -2,13 +2,18 @@ package org.keycloak.services.resources;

 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
+import org.jboss.resteasy.spi.HttpRequest;
+import org.jboss.resteasy.spi.HttpResponse;
 import org.keycloak.models.RealmModel;
 import org.keycloak.representations.idm.PublishedRealmRepresentation;
 import org.keycloak.services.resources.admin.AdminRoot;

 import javax.ws.rs.GET;
+import javax.ws.rs.OPTIONS;
+import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;

 /**
@ -23,12 +28,29 @@ public class PublicRealmResource {
    @Context
    protected UriInfo uriInfo;

+    @Context
+    protected HttpRequest request;
+
+    @Context
+    protected HttpResponse response;
+
    protected RealmModel realm;

    public PublicRealmResource(RealmModel realm) {
        this.realm = realm;
    }

+    /**
+     * CORS preflight
+     *
+     * @return
+     */
+    @Path("/")
+    @OPTIONS
+    public Response accountPreflight() {
+        return Cors.add(request, Response.ok()).auth().preflight().build();
+    }
+
    /**
     * Public information about the realm.
     *
@ -38,6 +60,7 @@ public class PublicRealmResource {
    @NoCache
    @Produces("application/json")
    public PublishedRealmRepresentation getRealm() {
+        Cors.add(request).allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD).auth().build(response);
        return realmRep(realm, uriInfo);
    }