keycloak-memoizeit
Changes
adapters/oidc/js/src/main/resources/keycloak.js 54(+34 -20)
Details
adapters/oidc/js/src/main/resources/keycloak.js 54(+34 -20)
diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js
index 08f8040..9a11b8c 100755
--- a/adapters/oidc/js/src/main/resources/keycloak.js
+++ b/adapters/oidc/js/src/main/resources/keycloak.js
@@ -154,10 +154,14 @@
case 'check-sso':
if (loginIframe.enable) {
setupCheckLoginIframe().success(function() {
- checkLoginIframe().success(function () {
- doLogin(false);
+ checkLoginIframe().success(function (unchanged) {
+ if (!unchanged) {
+ doLogin(false);
+ } else {
+ initPromise.setSuccess();
+ }
}).error(function () {
- initPromise.setSuccess();
+ initPromise.setError();
});
});
} else {
@@ -191,12 +195,16 @@
if (loginIframe.enable) {
setupCheckLoginIframe().success(function() {
- checkLoginIframe().success(function () {
- kc.onAuthSuccess && kc.onAuthSuccess();
- initPromise.setSuccess();
+ checkLoginIframe().success(function (unchanged) {
+ if (unchanged) {
+ kc.onAuthSuccess && kc.onAuthSuccess();
+ initPromise.setSuccess();
+ scheduleCheckIframe();
+ } else {
+ initPromise.setSuccess();
+ }
}).error(function () {
- setToken(null, null, null);
- initPromise.setSuccess();
+ initPromise.setError();
});
});
} else {
@@ -593,6 +601,7 @@
var tokenResponse = JSON.parse(req.responseText);
authSuccess(tokenResponse['access_token'], tokenResponse['refresh_token'], tokenResponse['id_token'], kc.flow === 'standard');
+ scheduleCheckIframe();
} else {
kc.onAuthError && kc.onAuthError();
promise && promise.setError();
@@ -1076,8 +1085,6 @@
loginIframe.iframeOrigin = authUrl.substring(0, authUrl.indexOf('/', 8));
}
promise.setSuccess();
-
- setTimeout(check, loginIframe.interval * 1000);
}
var src = kc.endpoints.checkSessionIframe();
@@ -1104,31 +1111,38 @@
for (var i = callbacks.length - 1; i >= 0; --i) {
var promise = callbacks[i];
- if (event.data == 'unchanged') {
- promise.setSuccess();
- } else {
+ if (event.data == 'error') {
promise.setError();
+ } else {
+ promise.setSuccess(event.data == 'unchanged');
}
}
};
window.addEventListener('message', messageCallback, false);
- var check = function() {
- checkLoginIframe();
+ return promise.promise;
+ }
+
+ function scheduleCheckIframe() {
+ if (loginIframe.enable) {
if (kc.token) {
- setTimeout(check, loginIframe.interval * 1000);
+ setTimeout(function() {
+ checkLoginIframe().success(function(unchanged) {
+ if (unchanged) {
+ scheduleCheckIframe();
+ }
+ });
+ }, loginIframe.interval * 1000);
}
- };
-
- return promise.promise;
+ }
}
function checkLoginIframe() {
var promise = createPromise(true);
if (loginIframe.iframe && loginIframe.iframeOrigin ) {
- var msg = kc.clientId + ' ' + kc.sessionId;
+ var msg = kc.clientId + ' ' + (kc.sessionId ? kc.sessionId : '');
loginIframe.callbackList.push(promise);
var origin = loginIframe.iframeOrigin;
if (loginIframe.callbackList.length == 1) {
diff --git a/adapters/oidc/js/src/main/resources/login-status-iframe.html b/adapters/oidc/js/src/main/resources/login-status-iframe.html
index e848dd6..30e30d8 100755
--- a/adapters/oidc/js/src/main/resources/login-status-iframe.html
+++ b/adapters/oidc/js/src/main/resources/login-status-iframe.html
@@ -23,9 +23,20 @@
function checkState(clientId, origin, sessionState, callback) {
var cookie = getCookie();
- if (!cookie) {
- callback('changed');
- } else if (!init) {
+ var checkCookie = function() {
+ if (clientId === init.clientId && origin === init.origin) {
+ var c = cookie.split('/');
+ if (sessionState === c[2]) {
+ callback('unchanged');
+ } else {
+ callback('changed');
+ }
+ } else {
+ callback('error');
+ }
+ }
+
+ if (!init) {
var req = new XMLHttpRequest();
var url = location.href.split("?")[0] + "/init";
@@ -41,9 +52,7 @@
clientId: clientId,
origin: origin
}
- callback('unchanged');
- } else if (req.status === 404) {
- callback('changed');
+ checkCookie();
} else {
callback('error');
}
@@ -51,17 +60,14 @@
};
req.send();
- } else {
- if (clientId === init.clientId && origin === init.origin) {
- var c = cookie.split('/');
- if (sessionState === c[2]) {
- callback('unchanged');
- } else {
- callback('changed');
- }
+ } else if (!cookie) {
+ if (sessionState != '') {
+ callback('changed');
} else {
- callback('error');
+ callback('unchanged');
}
+ } else {
+ checkCookie();
}
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
index a478169..ce3e36a 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
@@ -76,7 +76,7 @@ public class LoginStatusIframeEndpoint {
UriInfo uriInfo = session.getContext().getUri();
RealmModel realm = session.getContext().getRealm();
ClientModel client = session.realms().getClientByClientId(clientId, realm);
- if (client != null) {
+ if (client != null && client.isEnabled()) {
Set<String> validWebOrigins = WebOriginsUtils.resolveValidWebOrigins(uriInfo, client);
validWebOrigins.add(UriUtils.getOrigin(uriInfo.getRequestUri()));
if (validWebOrigins.contains("*") || validWebOrigins.contains(origin)) {