Prosoft Git

keycloak-memoizeit

idp initiated relaystate query param

7/16/2015 9:48:07 AM
Bill Burke

Bill Burke

Commit: 808d27b

Tree: f30aab7

Parents: 5a9badf

Changes

docbook/reference/en/en-US/modules/saml.xml 3(+2 -1)

saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java 7(+5 -2)

Details

docbook/reference/en/en-US/modules/saml.xml 3(+2 -1) 

diff --git a/docbook/reference/en/en-US/modules/saml.xml b/docbook/reference/en/en-US/modules/saml.xml
index 0ac20a6..4f4ffb7 100755
--- a/docbook/reference/en/en-US/modules/saml.xml
+++ b/docbook/reference/en/en-US/modules/saml.xml
@@ -194,7 +194,8 @@
             with no whitespace in it.  After this you can reference your client at the following URL:  <literal>root/auth/realms/{realm}/protocol/saml/clients/{url-name}</literal>
         </para>
         <para>
-            If your client requires a special relay state, you can also configure this in the admin console.
+            If your client requires a special relay state, you can also configure this in the admin console.  Alternatively, you can specify the relay state in a
+            <literal>RelayState</literal> query parameter, i.e. :  <literal>root/auth/realms/{realm}/protocol/saml/clients/{url-name}?RelayState=thestate</literal>
         </para>
     </section>
 </chapter>

saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java 7(+5 -2) 

diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
index d418f0e..da2fc9e 100755
--- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
+++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java
@@ -561,7 +561,8 @@ public class SamlService {
     @GET
     @Path("clients/{client}")
     @Produces(MediaType.TEXT_HTML)
-    public Response idpInitiatedSSO(@PathParam("client") String clientUrlName) {
+    public Response idpInitiatedSSO(@PathParam("client") String clientUrlName,
+                                    @QueryParam("RelayState") String relayState) {
         event.event(EventType.LOGIN);
         ClientModel client = null;
         for (ClientModel c : realm.getClients()) {
@@ -609,7 +610,9 @@ public class SamlService {
         clientSession.setNote(SamlProtocol.SAML_IDP_INITIATED_LOGIN, "true");
         clientSession.setRedirectUri(redirect);
 
-        String relayState = client.getAttribute(SamlProtocol.SAML_IDP_INITIATED_SSO_RELAY_STATE);
+        if (relayState == null) {
+            relayState = client.getAttribute(SamlProtocol.SAML_IDP_INITIATED_SSO_RELAY_STATE);
+        }
         if (relayState != null && !relayState.trim().equals("")) {
             clientSession.setNote(GeneralConstants.RELAY_STATE, relayState);
         }

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github