Details
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
index 6f0fdae..27070ad 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@@ -60,8 +60,6 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
private String nonce;
private String idpHint;
- private String legacyResponseType;
-
public AuthorizationEndpoint(RealmModel realm, EventBuilder event) {
super(realm, event);
event.event(EventType.LOGIN);
@@ -102,15 +100,6 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
throw new RuntimeException("Unknown action " + action);
}
- /**
- * @deprecated
- */
- public AuthorizationEndpoint legacy(String legacyResponseType) {
- logger.warnv("Invoking deprecated endpoint {0}", uriInfo.getRequestUri());
- this.legacyResponseType = legacyResponseType;
- return this;
- }
-
public AuthorizationEndpoint register() {
event.event(EventType.REGISTER);
action = Action.REGISTER;
@@ -181,12 +170,8 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
private void checkResponseType() {
if (responseType == null) {
- if (legacyResponseType != null) {
- responseType = legacyResponseType;
- } else {
- event.error(Errors.INVALID_REQUEST);
- throw new ErrorPageException(session, Messages.MISSING_PARAMETER, OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
- }
+ event.error(Errors.INVALID_REQUEST);
+ throw new ErrorPageException(session, Messages.MISSING_PARAMETER, OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
}
event.detail(Details.RESPONSE_TYPE, responseType);
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
index 8f875e1..382d2e2 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@@ -83,8 +83,6 @@ public class TokenEndpoint {
private String grantType;
- private String legacyGrantType;
-
public TokenEndpoint(TokenManager tokenManager, RealmModel realm, EventBuilder event) {
this.tokenManager = tokenManager;
this.realm = realm;
@@ -132,15 +130,6 @@ public class TokenEndpoint {
return Cors.add(request, Response.ok()).auth().preflight().build();
}
- /**
- * @deprecated
- */
- public TokenEndpoint legacy(String legacyGrantType) {
- logger.warnv("Invoking deprecated endpoint {0}", uriInfo.getRequestUri());
- this.legacyGrantType = legacyGrantType;
- return this;
- }
-
private void checkSsl() {
if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
throw new ErrorResponseException("invalid_request", "HTTPS required", Response.Status.FORBIDDEN);
@@ -165,11 +154,7 @@ public class TokenEndpoint {
private void checkGrantType() {
if (grantType == null) {
- if (legacyGrantType != null) {
- grantType = legacyGrantType;
- } else {
- throw new ErrorResponseException("invalid_request", "Missing form parameter: " + OIDCLoginProtocol.GRANT_TYPE_PARAM, Response.Status.BAD_REQUEST);
- }
+ throw new ErrorResponseException("invalid_request", "Missing form parameter: " + OIDCLoginProtocol.GRANT_TYPE_PARAM, Response.Status.BAD_REQUEST);
}
if (grantType.equals(OAuth2Constants.AUTHORIZATION_CODE)) {
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
index 382e85c..6f6be0c 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
@@ -14,9 +14,7 @@ import org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint;
import org.keycloak.protocol.oidc.endpoints.LoginStatusIframeEndpoint;
import org.keycloak.protocol.oidc.endpoints.LogoutEndpoint;
import org.keycloak.protocol.oidc.endpoints.TokenEndpoint;
-import org.keycloak.protocol.oidc.endpoints.TokenIntrospectionEndpoint;
import org.keycloak.protocol.oidc.endpoints.UserInfoEndpoint;
-import org.keycloak.protocol.oidc.endpoints.ValidateTokenEndpoint;
import org.keycloak.protocol.oidc.representations.JSONWebKeySet;
import org.keycloak.services.resources.RealmsResource;
@@ -88,17 +86,6 @@ public class OIDCLoginProtocolService {
return tokenUrl(baseUriBuilder).path(TokenEndpoint.class, "introspect");
}
- /**
- * @deprecated use {@link OIDCLoginProtocolService#tokenIntrospectionUrl(UriBuilder)} instead
- * @param baseUriBuilder
- * @return
- */
- @Deprecated
- public static UriBuilder validateAccessTokenUrl(UriBuilder baseUriBuilder) {
- UriBuilder uriBuilder = tokenServiceBaseUrl(baseUriBuilder);
- return uriBuilder.path(OIDCLoginProtocolService.class, "validateAccessToken");
- }
-
public static UriBuilder logoutUrl(UriInfo uriInfo) {
UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
return logoutUrl(baseUriBuilder);
@@ -149,14 +136,6 @@ public class OIDCLoginProtocolService {
return endpoint;
}
- @Path("login")
- @Deprecated
- public Object loginPage() {
- AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
- ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OIDCLoginProtocol.CODE_PARAM);
- }
-
@Path("login-status-iframe.html")
public Object getLoginStatusIframe() {
LoginStatusIframeEndpoint endpoint = new LoginStatusIframeEndpoint(realm);
@@ -164,45 +143,6 @@ public class OIDCLoginProtocolService {
return endpoint;
}
- @Path("grants/access")
- @Deprecated
- public Object grantAccessToken() {
- TokenEndpoint endpoint = new TokenEndpoint(tokenManager, realm, event);
- ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.PASSWORD);
- }
-
- @Path("refresh")
- @Deprecated
- public Object refreshAccessToken() {
- TokenEndpoint endpoint = new TokenEndpoint(tokenManager, realm, event);
- ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.REFRESH_TOKEN);
- }
-
- @Path("access/codes")
- @Deprecated
- public Object accessCodeToToken() {
- TokenEndpoint endpoint = new TokenEndpoint(tokenManager, realm, event);
- ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.AUTHORIZATION_CODE);
- }
-
- /**
- * @deprecated use {@link TokenIntrospectionEndpoint#introspect()} instead
- * @param tokenString
- * @return
- */
- @Path("validate")
- @Deprecated
- public Object validateAccessToken(@QueryParam("access_token") String tokenString) {
- logger.warnv("Invoking deprecated endpoint {0}", uriInfo.getRequestUri());
- ValidateTokenEndpoint endpoint = new ValidateTokenEndpoint(tokenManager, realm, event);
- ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint;
-
- }
-
@GET
@Path("certs")
@Produces(MediaType.APPLICATION_JSON)
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
index 4e2f1f3..2b4ec04 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
@@ -401,65 +401,6 @@ public class AccessTokenTest {
}
@Test
- public void testValidateAccessToken() throws Exception {
- Client client = ClientBuilder.newClient();
- UriBuilder builder = UriBuilder.fromUri(org.keycloak.testsuite.Constants.AUTH_SERVER_ROOT);
- URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
- WebTarget grantTarget = client.target(grantUri);
- builder = UriBuilder.fromUri(org.keycloak.testsuite.Constants.AUTH_SERVER_ROOT);
- URI validateUri = OIDCLoginProtocolService.validateAccessTokenUrl(builder).build("test");
- WebTarget validateTarget = client.target(validateUri);
-
- {
- Response response = validateTarget.queryParam("access_token", "bad token").request().get();
- Assert.assertEquals(400, response.getStatus());
- HashMap<String, String> error = response.readEntity(new GenericType<HashMap<String, String>>() {
- });
- Assert.assertNotNull(error.get("error"));
- }
-
-
- org.keycloak.representations.AccessTokenResponse tokenResponse = null;
- {
- Response response = executeGrantAccessTokenRequest(grantTarget);
- Assert.assertEquals(200, response.getStatus());
- tokenResponse = response.readEntity(org.keycloak.representations.AccessTokenResponse.class);
- response.close();
- }
-
- {
- Response response = validateTarget.queryParam("access_token", tokenResponse.getToken()).request().get();
- Assert.assertEquals(200, response.getStatus());
- AccessToken token = response.readEntity(AccessToken.class);
- Assert.assertNotNull(token);
- response.close();
- }
- {
- builder = UriBuilder.fromUri(org.keycloak.testsuite.Constants.AUTH_SERVER_ROOT);
- URI logoutUri = OIDCLoginProtocolService.logoutUrl(builder).build("test");
- String header = BasicAuthHelper.createHeader("test-app", "password");
- Form form = new Form();
- form.param("refresh_token", tokenResponse.getRefreshToken());
- Response response = client.target(logoutUri).request()
- .header(HttpHeaders.AUTHORIZATION, header)
- .post(Entity.form(form));
- Assert.assertEquals(204, response.getStatus());
- response.close();
- }
- {
- Response response = validateTarget.queryParam("access_token", tokenResponse.getToken()).request().get();
- Assert.assertEquals(400, response.getStatus());
- HashMap<String, String> error = response.readEntity(new GenericType<HashMap<String, String>>() {
- });
- Assert.assertNotNull(error.get("error"));
- }
-
- client.close();
- events.clear();
-
- }
-
- @Test
public void testGrantAccessToken() throws Exception {
Client client = ClientBuilder.newClient();
UriBuilder builder = UriBuilder.fromUri(org.keycloak.testsuite.Constants.AUTH_SERVER_ROOT);
