diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
index 8306b7a..93bf67b 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@@ -91,6 +91,25 @@ public class AuthorizationEndpoint {
@GET
public Response build() {
+ MultivaluedMap<String, String> params = uriInfo.getQueryParameters();
+
+ clientId = params.getFirst(OIDCLoginProtocol.CLIENT_ID_PARAM);
+ responseType = params.getFirst(OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
+ redirectUriParam = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);
+ state = params.getFirst(OIDCLoginProtocol.STATE_PARAM);
+ scope = params.getFirst(OIDCLoginProtocol.SCOPE_PARAM);
+ loginHint = params.getFirst(OIDCLoginProtocol.LOGIN_HINT_PARAM);
+ prompt = params.getFirst(OIDCLoginProtocol.PROMPT_PARAM);
+ idpHint = params.getFirst(AdapterConstants.KC_IDP_HINT);
+
+ checkSsl();
+ checkRealm();
+ checkClient();
+ checkResponseType();
+ checkRedirectUri();
+
+ createClientSession();
+
switch (action) {
case REGISTER:
return buildRegister();
@@ -121,29 +140,6 @@ public class AuthorizationEndpoint {
return this;
}
- public AuthorizationEndpoint init() {
- MultivaluedMap<String, String> params = uriInfo.getQueryParameters();
-
- clientId = params.getFirst(OIDCLoginProtocol.CLIENT_ID_PARAM);
- responseType = params.getFirst(OIDCLoginProtocol.RESPONSE_TYPE_PARAM);
- redirectUriParam = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);
- state = params.getFirst(OIDCLoginProtocol.STATE_PARAM);
- scope = params.getFirst(OIDCLoginProtocol.SCOPE_PARAM);
- loginHint = params.getFirst(OIDCLoginProtocol.LOGIN_HINT_PARAM);
- prompt = params.getFirst(OIDCLoginProtocol.PROMPT_PARAM);
- idpHint = params.getFirst(AdapterConstants.KC_IDP_HINT);
-
- checkSsl();
- checkRealm();
- checkClient();
- checkResponseType();
- checkRedirectUri();
-
- createClientSession();
-
- return this;
- }
-
private void checkSsl() {
if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
event.error(Errors.SSL_REQUIRED);
@@ -172,7 +168,7 @@ public class AuthorizationEndpoint {
throw new ErrorPageException(session, Messages.CLIENT_NOT_FOUND );
}
- if ((client instanceof ClientModel) && ((ClientModel) client).isBearerOnly()) {
+ if (client.isBearerOnly()) {
event.error(Errors.NOT_ALLOWED);
throw new ErrorPageException(session, Messages.BEARER_ONLY );
}
@@ -198,7 +194,9 @@ public class AuthorizationEndpoint {
event.detail(Details.RESPONSE_TYPE, responseType);
if (responseType.equals(OAuth2Constants.CODE)) {
- action = Action.CODE;
+ if (action == null) {
+ action = Action.CODE;
+ }
} else {
event.error(Errors.INVALID_REQUEST);
throw new ErrorPageException(session, Messages.INVALID_PARAMETER, OIDCLoginProtocol.RESPONSE_TYPE_PARAM );
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
index 43538ee..ffbc6a7 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@@ -87,6 +87,14 @@ public class TokenEndpoint {
@POST
public Response build() {
+ formParams = request.getDecodedFormParameters();
+ grantType = formParams.getFirst(OIDCLoginProtocol.GRANT_TYPE_PARAM);
+
+ checkSsl();
+ checkRealm();
+ checkGrantType();
+ checkClient();
+
switch (action) {
case AUTHORIZATION_CODE:
return buildAuthorizationCodeAccessTokenResponse();
@@ -116,18 +124,6 @@ public class TokenEndpoint {
return this;
}
- public TokenEndpoint init() {
- formParams = request.getDecodedFormParameters();
- grantType = formParams.getFirst(OIDCLoginProtocol.GRANT_TYPE_PARAM);
-
- checkSsl();
- checkRealm();
- checkGrantType();
- checkClient();
-
- return this;
- }
-
private void checkSsl() {
if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
throw new ErrorResponseException("invalid_request", "HTTPS required", Response.Status.FORBIDDEN);
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
index 666586f..e0c7170 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
@@ -107,7 +107,7 @@ public class OIDCLoginProtocolService {
public Object auth() {
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.init();
+ return endpoint;
}
/**
@@ -117,7 +117,7 @@ public class OIDCLoginProtocolService {
public Object registerPage() {
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.init().register();
+ return endpoint.register();
}
/**
@@ -127,7 +127,7 @@ public class OIDCLoginProtocolService {
public Object token() {
TokenEndpoint endpoint = new TokenEndpoint(tokenManager, authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.init();
+ return endpoint;
}
@Path("login")
@@ -135,7 +135,7 @@ public class OIDCLoginProtocolService {
public Object loginPage() {
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OIDCLoginProtocol.CODE_PARAM).init();
+ return endpoint.legacy(OIDCLoginProtocol.CODE_PARAM);
}
@Path("login-status-iframe.html")
@@ -150,7 +150,7 @@ public class OIDCLoginProtocolService {
public Object grantAccessToken() {
TokenEndpoint endpoint = new TokenEndpoint(tokenManager, authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.PASSWORD).init();
+ return endpoint.legacy(OAuth2Constants.PASSWORD);
}
@Path("refresh")
@@ -158,7 +158,7 @@ public class OIDCLoginProtocolService {
public Object refreshAccessToken() {
TokenEndpoint endpoint = new TokenEndpoint(tokenManager, authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.REFRESH_TOKEN).init();
+ return endpoint.legacy(OAuth2Constants.REFRESH_TOKEN);
}
@Path("access/codes")
@@ -166,7 +166,7 @@ public class OIDCLoginProtocolService {
public Object accessCodeToToken() {
TokenEndpoint endpoint = new TokenEndpoint(tokenManager, authManager, realm, event);
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
- return endpoint.legacy(OAuth2Constants.AUTHORIZATION_CODE).init();
+ return endpoint.legacy(OAuth2Constants.AUTHORIZATION_CODE);
}
@Path("validate")
