KEYCLOAK-2662

Bill Burke 2016-04-01 16:43:38 -04:00
parent 4d5ae5dd68
commit f21cede378
3 changed files with 15 additions and 5 deletions


@ -19,12 +19,12 @@ package org.keycloak.adapters.servlet;
import org.keycloak.KeycloakSecurityContext; import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterTokenStore; import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.KeycloakAccount;
import org.keycloak.adapters.KeycloakDeployment; import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OidcKeycloakAccount; import org.keycloak.adapters.OidcKeycloakAccount;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext; import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
import org.keycloak.adapters.RequestAuthenticator; import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.KeycloakAccount;
import org.keycloak.adapters.spi.SessionIdMapper; import org.keycloak.adapters.spi.SessionIdMapper;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -51,10 +51,16 @@ public class OIDCFilterSessionStore extends FilterSessionStore implements Adapte
} }
public HttpServletRequestWrapper buildWrapper() { public HttpServletRequestWrapper buildWrapper() {
HttpSession session = request.getSession(); HttpSession session = request.getSession(false);
KeycloakAccount account = (KeycloakAccount)session.getAttribute(KeycloakAccount.class.getName()); KeycloakAccount account = null;
if (session != null) {
account = (KeycloakAccount) session.getAttribute(KeycloakAccount.class.getName());
if (account == null) {
account = (KeycloakAccount) request.getAttribute(KeycloakAccount.class.getName());
}
}
if (account == null) { if (account == null) {
account = (KeycloakAccount)request.getAttribute(KeycloakAccount.class.getName()); account = (KeycloakAccount) request.getAttribute(KeycloakAccount.class.getName());
} }
return buildWrapper(session, account); return buildWrapper(session, account);
} }
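Review bot: The nested `if (account == null)` inside the `if (session != null)` block of buildWrapper() repeats the request-attribute lookup that the outer `if (account == null)` performs immediately afterwards. The nested three lines can be dropped, leaving the session branch as `account = (KeycloakAccount) session.getAttribute(KeycloakAccount.class.getName());`. Separately, with `getSession(false)` the `session` handed to `buildWrapper(session, account)` can now be null. That overload lies outside this section, so confirm that it and the wrapper it returns never dereference the session unchecked. A comment on the first line such as `// never create a session here: bearer-token requests must stay sessionless` would keep a later edit from reverting to `getSession()`.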


@ -305,6 +305,7 @@ public class FilterSessionStore implements AdapterSessionStore {
@Override @Override
public Principal getUserPrincipal() { public Principal getUserPrincipal() {
if (account == null) return null;
return account.getPrincipal(); return account.getPrincipal();
} }
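Review bot: The null guard covers only getUserPrincipal(); the wrapper's other identity-related overrides (for example isUserInRole() or getRemoteUser(), if this class overrides them) lie outside the hunk and may still dereference `account`. If they do, they need the same guard, so that a request with no account is consistently reported as unauthenticated instead of failing with a NullPointerException part-way through an authorization check. A short comment on the new line, e.g. `// no account on this request: treat as unauthenticated`, would make the intended meaning of a null account explicit.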


@ -36,6 +36,9 @@ public class CustomerDatabaseServlet extends HttpServlet {
@Override @Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// test that bearer token auth never has an HTTP session created
Assert.assertNull(req.getSession(false));
resp.setContentType("text/html"); resp.setContentType("text/html");
PrintWriter pw = resp.getWriter(); PrintWriter pw = resp.getWriter();
Principal principal = req.getUserPrincipal(); Principal principal = req.getUserPrincipal();