Prosoft Git

keycloak-uncached

[KEYCLOAK-6878] - Always refresh token option not working

3/21/2018 10:01:02 AM
pedroigor

pedroigor

Commit: 3559c5d

Tree: 734b7cd

Parents: bb3c76a

Changes

adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java 36(+16 -20)

Details

adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java 36(+16 -20) 

diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java
index 50db7de..3821103 100644
--- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakSecurityContextRequestFilter.java
@@ -16,6 +16,15 @@
  */
 package org.keycloak.adapters.springsecurity.filter;
 
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 import org.keycloak.KeycloakPrincipal;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.adapters.AdapterDeploymentContext;
@@ -29,14 +38,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.filter.GenericFilterBean;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
 /**
  * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
  */
@@ -60,19 +61,14 @@ public class KeycloakSecurityContextRequestFilter extends GenericFilterBean impl
 
         if (keycloakSecurityContext instanceof RefreshableKeycloakSecurityContext) {
             RefreshableKeycloakSecurityContext refreshableSecurityContext = (RefreshableKeycloakSecurityContext) keycloakSecurityContext;
+            KeycloakDeployment deployment = resolveDeployment(request, response);
 
-            if (refreshableSecurityContext.isActive()) {
-                KeycloakDeployment deployment = resolveDeployment(request, response);
-
-                if (deployment.isAlwaysRefreshToken()) {
-                    if (refreshableSecurityContext.refreshExpiredToken(false)) {
-                        request.setAttribute(KeycloakSecurityContext.class.getName(), refreshableSecurityContext);
-                    } else {
-                        clearAuthenticationContext();
-                    }
+            if (deployment.isAlwaysRefreshToken()) {
+                if (refreshableSecurityContext.refreshExpiredToken(false)) {
+                    request.setAttribute(KeycloakSecurityContext.class.getName(), refreshableSecurityContext);
+                } else {
+                    clearAuthenticationContext();
                 }
-            } else {
-                clearAuthenticationContext();
             }
         }
 
@@ -80,7 +76,7 @@ public class KeycloakSecurityContextRequestFilter extends GenericFilterBean impl
     }
 
     @Override
-    protected void initFilterBean() throws ServletException {
+    protected void initFilterBean() {
         deploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
     }

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github