diff --git a/docbook/reference/en/en-US/modules/saml.xml b/docbook/reference/en/en-US/modules/saml.xml
index 1fe17e8..0ac20a6 100755
--- a/docbook/reference/en/en-US/modules/saml.xml
+++ b/docbook/reference/en/en-US/modules/saml.xml
@@ -193,5 +193,8 @@
go to the client page in the admin console of the client you want to set this up for. Specify the <literal>IDP Initiated SSO URL Name</literal>. This is a simple string
with no whitespace in it. After this you can reference your client at the following URL: <literal>root/auth/realms/{realm}/protocol/saml/clients/{url-name}</literal>
</para>
+ <para>
+ If your client requires a special relay state, you can also configure this in the admin console.
+ </para>
</section>
</chapter>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html
index 7ef3efe..8038cc7 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html
@@ -211,6 +211,13 @@
</div>
<kc-tooltip>URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}</kc-tooltip>
</div>
+ <div class="form-group clearfix block" data-ng-show="protocol == 'saml'">
+ <label class="col-md-2 control-label" for="idpInitiatedRelayState">IDP Initiated SSO Relay State</label>
+ <div class="col-sm-6">
+ <input ng-model="client.attributes.saml_idp_initiated_sso_relay_state" class="form-control" type="text" name="idpInitiatedRelayState" id="idpInitiatedRelayState" />
+ </div>
+ <kc-tooltip>Relay state you want to send with SAML request when you want to do IDP Initiated SSO.</kc-tooltip>
+ </div>
<div class="form-group" data-ng-show="!client.bearerOnly && !create && protocol == 'openid-connect'">
<label class="col-md-2 control-label" for="newWebOrigin">Web Origins</label>
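Review bot: The tooltip on the new `idpInitiatedRelayState` field says the relay state is sent "with SAML request", but in IDP Initiated SSO the identity provider sends an unsolicited response, and the text does not say what an empty value does. Going by the SamlService hunk in this commit, a blank value sets no relay state and a non-blank one is stored as entered. Suggested wording: `Relay state sent with the SAML response when doing IDP Initiated SSO. Leave empty to send none. The value is passed to the client as entered, so use exactly what the client expects.`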
diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java
index c171110..15ff6f2 100755
--- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java
+++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java
@@ -59,7 +59,6 @@ import java.util.UUID;
* @version $Revision: 1 $
*/
public class SamlProtocol implements LoginProtocol {
- public static final String SAML_IDP_INITIATED_SSO_URL_NAME = "saml_idp_initiated_sso_url_name";
protected static final Logger logger = Logger.getLogger(SamlProtocol.class);
@@ -95,6 +94,8 @@ public class SamlProtocol implements LoginProtocol {
public static final String SAML_NAME_ID_FORMAT = "SAML_NAME_ID_FORMAT";
public static final String SAML_DEFAULT_NAMEID_FORMAT = JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.get();
public static final String SAML_PERSISTENT_NAME_ID_FOR = "saml.persistent.name.id.for";
+ public static final String SAML_IDP_INITIATED_SSO_RELAY_STATE = "saml_idp_initiated_sso_relay_state";
+ public static final String SAML_IDP_INITIATED_SSO_URL_NAME = "saml_idp_initiated_sso_url_name";
protected KeycloakSession session;
diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
index 4710ae6..d418f0e 100755
--- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
+++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
@@ -609,6 +609,11 @@ public class SamlService {
clientSession.setNote(SamlProtocol.SAML_IDP_INITIATED_LOGIN, "true");
clientSession.setRedirectUri(redirect);
+ String relayState = client.getAttribute(SamlProtocol.SAML_IDP_INITIATED_SSO_RELAY_STATE);
+ if (relayState != null && !relayState.trim().equals("")) {
+ clientSession.setNote(GeneralConstants.RELAY_STATE, relayState);
+ }
+
return newBrowserAuthentication(clientSession);
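Review bot: The added `if` tests `relayState.trim()` for emptiness, but the untrimmed string is what gets stored under `GeneralConstants.RELAY_STATE`, so a value saved with stray leading or trailing whitespace is forwarded as-is. Store the normalized value instead: `clientSession.setNote(GeneralConstants.RELAY_STATE, relayState.trim());`. Nothing visible here bounds the length either. The SAML bindings specification limits RelayState to 80 bytes, so a length check here, or when the client attribute is saved, would keep a misconfigured client from producing messages that strict service providers reject. The enclosing method starts and ends outside the hunk.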