keycloak-uncached
Changes
examples/cordova/example-realm.json 4(+1 -3)
examples/cors/cors-realm.json 4(+2 -2)
examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java 19(+13 -6)
examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java 7(+6 -1)
examples/demo-template/customer-app-cli/src/main/java/org/keycloak/example/CustomerCli.java 5(+4 -1)
examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java 7(+6 -1)
examples/demo-template/testrealm.json 24(+12 -12)
examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java 8(+7 -1)
examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java 11(+9 -2)
integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java 21(+15 -6)
Details
diff --git a/core/src/main/java/org/keycloak/AbstractOAuthClient.java b/core/src/main/java/org/keycloak/AbstractOAuthClient.java
index 3d16875..600dab0 100755
--- a/core/src/main/java/org/keycloak/AbstractOAuthClient.java
+++ b/core/src/main/java/org/keycloak/AbstractOAuthClient.java
@@ -19,6 +19,7 @@ public class AbstractOAuthClient {
protected String authUrl;
protected String codeUrl;
protected String refreshUrl;
+ protected boolean relativeUrls;
protected String scope;
protected String stateCookieName = OAUTH_TOKEN_REQUEST_STATE;
protected String stateCookiePath;
@@ -100,6 +101,14 @@ public class AbstractOAuthClient {
this.publicClient = publicClient;
}
+ public boolean isRelativeUrls() {
+ return relativeUrls;
+ }
+
+ public void setRelativeUrls(boolean relativeUrls) {
+ this.relativeUrls = relativeUrls;
+ }
+
protected String stripOauthParametersFromRedirect(String uri) {
KeycloakUriBuilder builder = KeycloakUriBuilder.fromUri(uri)
.replaceQueryParam(OAuth2Constants.CODE, null)
examples/cordova/example-realm.json 4(+1 -3)
diff --git a/examples/cordova/example-realm.json b/examples/cordova/example-realm.json
index 05ad905..161a421 100755
--- a/examples/cordova/example-realm.json
+++ b/examples/cordova/example-realm.json
@@ -52,9 +52,7 @@
"name": "cordova",
"enabled": true,
"publicClient": true,
- "redirectUris": [
- "http://localhost"
- ]
+ "redirectUris": []
}
],
"applicationRoleMappings": {
diff --git a/examples/cors/angular-product-app/src/main/webapp/js/app.js b/examples/cors/angular-product-app/src/main/webapp/js/app.js
index 3e56205..d093997 100755
--- a/examples/cors/angular-product-app/src/main/webapp/js/app.js
+++ b/examples/cors/angular-product-app/src/main/webapp/js/app.js
@@ -18,7 +18,7 @@ angular.element(document).ready(function ($http) {
console.log('here login');
auth.loggedIn = true;
auth.authz = keycloakAuth;
- auth.logoutUrl = keycloakAuth.authServerUrl + "/realms/" + keycloakAuth.realm + "/tokens/logout?redirect_uri=http://localhost:8080/angular-product/index.html";
+ auth.logoutUrl = keycloakAuth.authServerUrl + "/realms/" + keycloakAuth.realm + "/tokens/logout?redirect_uri=/angular-product/index.html";
module.factory('Auth', function() {
return auth;
});
diff --git a/examples/cors/angular-product-app/src/main/webapp/keycloak.json b/examples/cors/angular-product-app/src/main/webapp/keycloak.json
index 6b94b27..1246b2e 100755
--- a/examples/cors/angular-product-app/src/main/webapp/keycloak.json
+++ b/examples/cors/angular-product-app/src/main/webapp/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "cors",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url" : "http://localhost-auth:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"resource" : "angular-product",
"public-client" : true
examples/cors/cors-realm.json 4(+2 -2)
diff --git a/examples/cors/cors-realm.json b/examples/cors/cors-realm.json
index 1dd5503..5f801cd 100755
--- a/examples/cors/cors-realm.json
+++ b/examples/cors/cors-realm.json
@@ -47,9 +47,9 @@
"name": "angular-product",
"enabled": true,
"publicClient": true,
- "baseUrl": "http://localhost:8080/angular-product/index.html",
+ "baseUrl": "/angular-product/index.html",
"redirectUris": [
- "http://localhost:8080/angular-product/*"
+ "/angular-product/*"
],
"webOrigins": [
"http://localhost:8080"
diff --git a/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java b/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
index 09a3633..763dfee 100755
--- a/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
+++ b/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
@@ -16,6 +16,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.KeycloakUriBuilder;
+import javax.servlet.http.HttpServletRequest;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -43,14 +44,14 @@ public class AdminClient {
}
}
- public static AccessTokenResponse getToken() throws IOException {
+ public static AccessTokenResponse getToken(HttpServletRequest request) throws IOException {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpPost post = new HttpPost(KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
+ HttpPost post = new HttpPost(KeycloakUriBuilder.fromUri(getBaseUrl(request) + "/auth")
.path(ServiceUrlConstants.TOKEN_SERVICE_DIRECT_GRANT_PATH).build("demo"));
List <NameValuePair> formparams = new ArrayList <NameValuePair>();
formparams.add(new BasicNameValuePair("username", "admin"));
@@ -94,14 +95,14 @@ public class AdminClient {
}
}
- public static void logout(AccessTokenResponse res) throws IOException {
+ public static void logout(HttpServletRequest request, AccessTokenResponse res) throws IOException {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet(KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
+ HttpGet get = new HttpGet(KeycloakUriBuilder.fromUri(getBaseUrl(request) + "/auth")
.path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
.queryParam("session_state", res.getSessionState())
.build("demo"));
@@ -117,12 +118,12 @@ public class AdminClient {
}
}
- public static List<RoleRepresentation> getRealmRoles(AccessTokenResponse res) throws Failure {
+ public static List<RoleRepresentation> getRealmRoles(HttpServletRequest request, AccessTokenResponse res) throws Failure {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet("http://localhost:8080/auth/admin/realms/demo/roles");
+ HttpGet get = new HttpGet(getBaseUrl(request) + "/auth/admin/realms/demo/roles");
get.addHeader("Authorization", "Bearer " + res.getToken());
try {
HttpResponse response = client.execute(get);
@@ -143,4 +144,10 @@ public class AdminClient {
client.getConnectionManager().shutdown();
}
}
+
+ public static String getBaseUrl(HttpServletRequest request) {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
+
}
diff --git a/examples/demo-template/admin-access-app/src/main/webapp/admin/admin.jsp b/examples/demo-template/admin-access-app/src/main/webapp/admin/admin.jsp
index 1107888..7f478b4 100755
--- a/examples/demo-template/admin-access-app/src/main/webapp/admin/admin.jsp
+++ b/examples/demo-template/admin-access-app/src/main/webapp/admin/admin.jsp
@@ -12,9 +12,9 @@
<%
java.util.List<RoleRepresentation> list = null;
try {
- AccessTokenResponse res = AdminClient.getToken();
- list = AdminClient.getRealmRoles(res);
- AdminClient.logout(res);
+ AccessTokenResponse res = AdminClient.getToken(request);
+ list = AdminClient.getRealmRoles(request, res);
+ AdminClient.logout(request, res);
} catch (AdminClient.Failure failure) {
out.println("There was a failure processing request. You either didn't configure Keycloak properly");
out.println("Status from database service invocation was: " + failure.getStatus());
diff --git a/examples/demo-template/angular-product-app/src/main/webapp/js/app.js b/examples/demo-template/angular-product-app/src/main/webapp/js/app.js
index 7062c41..05dafbb 100755
--- a/examples/demo-template/angular-product-app/src/main/webapp/js/app.js
+++ b/examples/demo-template/angular-product-app/src/main/webapp/js/app.js
@@ -16,7 +16,7 @@ angular.element(document).ready(function ($http) {
keycloakAuth.init({ onLoad: 'login-required' }).success(function () {
auth.loggedIn = true;
auth.authz = keycloakAuth;
- auth.logoutUrl = keycloakAuth.authServerUrl + "/realms/demo/tokens/logout?redirect_uri=http://localhost:8080/angular-product/index.html";
+ auth.logoutUrl = keycloakAuth.authServerUrl + "/realms/demo/tokens/logout?redirect_uri=/angular-product/index.html";
module.factory('Auth', function() {
return auth;
});
diff --git a/examples/demo-template/angular-product-app/src/main/webapp/keycloak.json b/examples/demo-template/angular-product-app/src/main/webapp/keycloak.json
index 1efffef..a55fae3 100755
--- a/examples/demo-template/angular-product-app/src/main/webapp/keycloak.json
+++ b/examples/demo-template/angular-product-app/src/main/webapp/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "demo",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"resource" : "angular-product",
"public-client" : true
diff --git a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
index f776c4c..91b7422 100755
--- a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
+++ b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
@@ -43,7 +43,7 @@ public class AdminClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet("http://localhost:8080/auth/admin/realms/demo/roles");
+ HttpGet get = new HttpGet(getBaseUrl(req) + "/auth/admin/realms/demo/roles");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@@ -64,4 +64,10 @@ public class AdminClient {
client.getConnectionManager().shutdown();
}
}
+
+ public static String getBaseUrl(HttpServletRequest request) {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
+
}
diff --git a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
index 9a112db..83e6c7e 100755
--- a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
+++ b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
@@ -48,7 +48,7 @@ public class CustomerDatabaseClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet("http://localhost:8080/database/customers");
+ HttpGet get = new HttpGet(getBaseUrl(req) + "/database/customers");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@@ -69,4 +69,9 @@ public class CustomerDatabaseClient {
client.getConnectionManager().shutdown();
}
}
+
+ public static String getBaseUrl(HttpServletRequest request) {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
}
diff --git a/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp b/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
index 1ef5855..799f63d 100755
--- a/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
+++ b/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
@@ -10,13 +10,13 @@
</head>
<body bgcolor="#E3F6CE">
<%
- String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
- .queryParam("redirect_uri", "http://localhost:8080/customer-portal").build("demo").toString();
- String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
+ String logoutUri = KeycloakUriBuilder.fromUri("/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
+ .queryParam("redirect_uri", "/customer-portal").build("demo").toString();
+ String acctUri = KeycloakUriBuilder.fromUri("/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
.queryParam("referrer", "customer-portal").build("demo").toString();
IDToken idToken = CustomerDatabaseClient.getIDToken(request);
%>
-<p>Goto: <a href="http://localhost:8080/product-portal">products</a> | <a href="<%=logoutUri%>">logout</a> | <a
+<p>Goto: <a href="/product-portal">products</a> | <a href="<%=logoutUri%>">logout</a> | <a
href="<%=acctUri%>">manage acct</a></p>
Servlet User Principal <b><%=request.getUserPrincipal().getName()%>
</b> made this request.
diff --git a/examples/demo-template/customer-app/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/customer-app/src/main/webapp/WEB-INF/keycloak.json
index 50ec3d3..d4d8f0a 100755
--- a/examples/demo-template/customer-app/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/customer-app/src/main/webapp/WEB-INF/keycloak.json
@@ -2,7 +2,7 @@
"realm": "demo",
"resource": "customer-portal",
"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url": "http://localhost:8080/auth",
+ "auth-server-url": "/auth",
"ssl-not-required": true,
"expose-token": true,
"credentials": {
diff --git a/examples/demo-template/customer-app-cli/src/main/java/org/keycloak/example/CustomerCli.java b/examples/demo-template/customer-app-cli/src/main/java/org/keycloak/example/CustomerCli.java
index 824165b..a40df4c 100644
--- a/examples/demo-template/customer-app-cli/src/main/java/org/keycloak/example/CustomerCli.java
+++ b/examples/demo-template/customer-app-cli/src/main/java/org/keycloak/example/CustomerCli.java
@@ -115,7 +115,10 @@ public class CustomerCli {
}
public static void customers() throws Exception {
- String customersUrl = "http://localhost:8080/database/customers";
+ String baseUrl = keycloak.getDeployment().getAuthServerBaseUrl();
+ baseUrl = baseUrl.substring(0, baseUrl.indexOf('/', 8));
+
+ String customersUrl = baseUrl + "/database/customers";
HttpGet get = new HttpGet(customersUrl);
get.setHeader("Accept", "application/json");
get.setHeader("Authorization", "Bearer " + keycloak.getTokenString(10, TimeUnit.SECONDS));
diff --git a/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html b/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
index 26ef5a3..85a3354 100755
--- a/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
+++ b/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
@@ -5,7 +5,7 @@
</head>
<body bgcolor="#E3F6CE">
-<p>Goto: <a href="http://localhost:8080/product-portal">products</a> | <a href="#" onclick="keycloak.logout()">logout</a> | <a href="#" onclick="keycloak.accountManagement()">manage acct</a></p>
+<p>Goto: <a href="/product-portal">products</a> | <a href="#" onclick="keycloak.logout()">logout</a> | <a href="#" onclick="keycloak.accountManagement()">manage acct</a></p>
User <b id="subject"></b> made this request.
<p><b>User details (from <span id="profileType"></span>)</b></p>
diff --git a/examples/demo-template/customer-app-js/src/main/webapp/keycloak.json b/examples/demo-template/customer-app-js/src/main/webapp/keycloak.json
index d73332e..c35e126 100644
--- a/examples/demo-template/customer-app-js/src/main/webapp/keycloak.json
+++ b/examples/demo-template/customer-app-js/src/main/webapp/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "demo",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"resource" : "customer-portal-js",
"public-client" : true
diff --git a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
index 6d70dcf..79827b3 100755
--- a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
+++ b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
@@ -39,7 +39,7 @@ public class ProductDatabaseClient
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet("http://localhost:8080/database/products");
+ HttpGet get = new HttpGet(getBaseUrl(req) + "/database/products");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@@ -61,4 +61,9 @@ public class ProductDatabaseClient
}
}
+ public static String getBaseUrl(HttpServletRequest request) {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
+
}
diff --git a/examples/demo-template/product-app/src/main/webapp/products/view.jsp b/examples/demo-template/product-app/src/main/webapp/products/view.jsp
index ad12e8a..e8bc118 100755
--- a/examples/demo-template/product-app/src/main/webapp/products/view.jsp
+++ b/examples/demo-template/product-app/src/main/webapp/products/view.jsp
@@ -9,13 +9,13 @@
</head>
<body bgcolor="#F5F6CE">
<%
- String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
- .queryParam("redirect_uri", "http://localhost:8080/customer-portal").build("demo").toString();
- String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
+ String logoutUri = KeycloakUriBuilder.fromUri("/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
+ .queryParam("redirect_uri", "/customer-portal").build("demo").toString();
+ String acctUri = KeycloakUriBuilder.fromUri("/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
.queryParam("referrer", "product-portal").build("demo").toString();
%>
-<p>Goto: <a href="http://localhost:8080/customer-portal">customers</a> | <a href="<%=logoutUri%>">logout</a> | <a href="<%=acctUri%>">manage acct</a></p>
+<p>Goto: <a href="/customer-portal">customers</a> | <a href="<%=logoutUri%>">logout</a> | <a href="<%=acctUri%>">manage acct</a></p>
User <b><%=request.getUserPrincipal().getName()%></b> made this request.
<h2>Product Listing</h2>
<%
diff --git a/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
index ab28c0f..2a7dbd2 100755
--- a/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
@@ -2,7 +2,7 @@
"realm" : "demo",
"resource" : "product-portal",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"credentials" : {
"secret": "password"
diff --git a/examples/demo-template/subsystem-config.xml b/examples/demo-template/subsystem-config.xml
index 977eb8b..59bdd6f 100755
--- a/examples/demo-template/subsystem-config.xml
+++ b/examples/demo-template/subsystem-config.xml
@@ -2,7 +2,7 @@
<subsystem xmlns="urn:jboss:domain:keycloak:1.0">
<realm name="demo">
<realm-public-key>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</realm-public-key>
- <auth-server-url>http://localhost:8080/auth</auth-server-url>
+ <auth-server-url>/auth</auth-server-url>
<ssl-not-required>true</ssl-not-required>
</realm>
<secure-deployment name="customer-portal.war">
examples/demo-template/testrealm.json 24(+12 -12)
diff --git a/examples/demo-template/testrealm.json b/examples/demo-template/testrealm.json
index f321333..3c44a07 100755
--- a/examples/demo-template/testrealm.json
+++ b/examples/demo-template/testrealm.json
@@ -89,10 +89,10 @@
{
"name": "customer-portal",
"enabled": true,
- "adminUrl": "http://localhost:8080/customer-portal",
- "baseUrl": "http://localhost:8080/customer-portal",
+ "adminUrl": "/customer-portal",
+ "baseUrl": "/customer-portal",
"redirectUris": [
- "http://localhost:8080/customer-portal/*"
+ "/customer-portal/*"
],
"secret": "password"
},
@@ -100,18 +100,18 @@
"name": "customer-portal-js",
"enabled": true,
"publicClient": true,
- "baseUrl": "http://localhost:8080/customer-portal-js",
+ "baseUrl": "/customer-portal-js",
"redirectUris": [
- "http://localhost:8080/customer-portal-js/*"
+ "/customer-portal-js/*"
]
},
{
"name": "angular-product",
"enabled": true,
"publicClient": true,
- "baseUrl": "http://localhost:8080/angular-product/index.html",
+ "baseUrl": "/angular-product/index.html",
"redirectUris": [
- "http://localhost:8080/angular-product/*"
+ "/angular-product/*"
]
},
{
@@ -126,10 +126,10 @@
{
"name": "product-portal",
"enabled": true,
- "adminUrl": "http://localhost:8080/product-portal",
- "baseUrl": "http://localhost:8080/product-portal",
+ "adminUrl": "/product-portal",
+ "baseUrl": "/product-portal",
"redirectUris": [
- "http://localhost:8080/product-portal/*"
+ "/product-portal/*"
],
"secret": "password"
}
@@ -139,8 +139,8 @@
"name": "third-party",
"enabled": true,
"redirectUris": [
- "http://localhost:8080/oauth-client/*",
- "http://localhost:8080/oauth-client-cdi/*"
+ "/oauth-client/*",
+ "/oauth-client-cdi/*"
],
"secret": "password"
},
diff --git a/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java b/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
index 4ddd049..d9377c9 100755
--- a/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
+++ b/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
@@ -78,7 +78,7 @@ public class ProductDatabaseClient {
ServletOAuthClient oAuthClient = (ServletOAuthClient) request.getServletContext().getAttribute(ServletOAuthClient.class.getName());
HttpClient client = oAuthClient.getClient();
- HttpGet get = new HttpGet("http://localhost:8080/database/products");
+ HttpGet get = new HttpGet(getBaseUrl(request) + "/database/products");
get.addHeader("Authorization", "Bearer " + accessToken);
try {
HttpResponse response = client.execute(get);
@@ -96,4 +96,10 @@ public class ProductDatabaseClient {
throw new RuntimeException(e);
}
}
+
+ public static String getBaseUrl(HttpServletRequest request) {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
+
}
diff --git a/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
index f7da55e..a4635bb 100755
--- a/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "demo",
"resource" : "third-party",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"credentials" : {
"secret": "password"
diff --git a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
index a2389e3..d76c55c 100755
--- a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
+++ b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
@@ -58,12 +58,12 @@ public class DatabaseClient {
static class TypedList extends ArrayList<String> {}
public void sendCustomersRequest() {
- List<String> customers = sendRequestToDBApplication("http://localhost:8080/database/customers");
+ List<String> customers = sendRequestToDBApplication(getBaseUrl() + "/database/customers");
userData.setCustomers(customers);
}
public void sendProductsRequest() {
- List<String> products = sendRequestToDBApplication("http://localhost:8080/database/products");
+ List<String> products = sendRequestToDBApplication(getBaseUrl() + "/database/products");
userData.setProducts(products);
}
@@ -100,4 +100,11 @@ public class DatabaseClient {
return null;
}
}
+
+ public String getBaseUrl() {
+ String url = request.getRequestURL().toString();
+ return url.substring(0, url.indexOf('/', 8));
+ }
+
+
}
diff --git a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
index f7da55e..a4635bb 100755
--- a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "demo",
"resource" : "third-party",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"credentials" : {
"secret": "password"
diff --git a/examples/js-console/example-realm.json b/examples/js-console/example-realm.json
index ab43028..35e8d27 100755
--- a/examples/js-console/example-realm.json
+++ b/examples/js-console/example-realm.json
@@ -46,13 +46,11 @@
"name": "js-console",
"enabled": true,
"publicClient": true,
- "baseUrl": "http://localhost:8080/js-console",
+ "baseUrl": "/js-console",
"redirectUris": [
- "http://localhost:8080/js-console/*"
+ "/js-console/*"
],
- "webOrigins": [
- "http://localhost:8080"
- ]
+ "webOrigins": []
}
],
"applicationScopeMappings": {
diff --git a/examples/js-console/src/main/webapp/keycloak.json b/examples/js-console/src/main/webapp/keycloak.json
index 286d87b..6f157b2 100644
--- a/examples/js-console/src/main/webapp/keycloak.json
+++ b/examples/js-console/src/main/webapp/keycloak.json
@@ -1,7 +1,7 @@
{
"realm" : "example",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
- "auth-server-url" : "http://localhost:8080/auth",
+ "auth-server-url" : "/auth",
"ssl-not-required" : true,
"resource" : "js-console",
"public-client" : true
diff --git a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
index 461b0bd..95dbf1e 100755
--- a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
+++ b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
@@ -40,8 +40,8 @@ public class ServletOAuthClient extends AbstractOAuthClient {
this.client = client;
}
- public AccessTokenResponse resolveBearerToken(String redirectUri, String code) throws IOException, ServerRequest.HttpFailure {
- return ServerRequest.invokeAccessCodeToToken(client, publicClient, code, codeUrl, redirectUri, clientId, credentials);
+ private AccessTokenResponse resolveBearerToken(HttpServletRequest request, String redirectUri, String code) throws IOException, ServerRequest.HttpFailure {
+ return ServerRequest.invokeAccessCodeToToken(client, publicClient, code, getUrl(request, codeUrl), redirectUri, clientId, credentials);
}
/**
@@ -75,7 +75,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
public void redirect(String redirectUri, HttpServletRequest request, HttpServletResponse response) throws IOException {
String state = getStateCode();
- KeycloakUriBuilder uriBuilder = KeycloakUriBuilder.fromUri(authUrl)
+ KeycloakUriBuilder uriBuilder = KeycloakUriBuilder.fromUri(getUrl(request, authUrl))
.queryParam(OAuth2Constants.CLIENT_ID, clientId)
.queryParam(OAuth2Constants.REDIRECT_URI, redirectUri)
.queryParam(OAuth2Constants.STATE, state);
@@ -143,11 +143,11 @@ public class ServletOAuthClient extends AbstractOAuthClient {
throw new IOException("state parameter invalid");
}
if (code == null) throw new IOException("code parameter was null");
- return resolveBearerToken(redirectUri, code);
+ return resolveBearerToken(request, redirectUri, code);
}
- public AccessTokenResponse refreshToken(String refreshToken) throws IOException, ServerRequest.HttpFailure {
- return ServerRequest.invokeRefresh(client, publicClient, refreshToken, refreshUrl, clientId, credentials);
+ public AccessTokenResponse refreshToken(HttpServletRequest request, String refreshToken) throws IOException, ServerRequest.HttpFailure {
+ return ServerRequest.invokeRefresh(client, publicClient, refreshToken, getUrl(request, refreshUrl), clientId, credentials);
}
public static IDToken extractIdToken(String idToken) {
@@ -160,5 +160,14 @@ public class ServletOAuthClient extends AbstractOAuthClient {
}
}
+ private String getUrl(HttpServletRequest request, String url) {
+ if (relativeUrls) {
+ String baseUrl = request.getRequestURL().toString();
+ baseUrl = baseUrl.substring(0, baseUrl.indexOf('/', 8));
+ return baseUrl + url;
+ } else {
+ return url;
+ }
+ }
}
diff --git a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
index 54095be..52d9710 100755
--- a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
+++ b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
@@ -50,6 +50,8 @@ public class ServletOAuthClientBuilder {
throw new RuntimeException("You must specify auth-url");
}
KeycloakUriBuilder serverBuilder = KeycloakUriBuilder.fromUri(adapterConfig.getAuthServerUrl());
+ oauthClient.setRelativeUrls(serverBuilder.clone().getHost() == null);
+
String authUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_LOGIN_PATH).build(adapterConfig.getRealm()).toString();
String tokenUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_ACCESS_CODE_PATH).build(adapterConfig.getRealm()).toString();
String refreshUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_REFRESH_PATH).build(adapterConfig.getRealm()).toString();
diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index 57d229a..f3b751e 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -222,10 +222,12 @@ public class AccountService {
requireOneOf(AccountRoles.MANAGE_ACCOUNT, AccountRoles.VIEW_PROFILE);
UserRepresentation rep = ModelToRepresentation.toRepresentation(auth.getUser());
- Iterator<String> itr = rep.getAttributes().keySet().iterator();
- while (itr.hasNext()) {
- if (itr.next().startsWith("keycloak.")) {
- itr.remove();
+ if (rep.getAttributes() != null) {
+ Iterator<String> itr = rep.getAttributes().keySet().iterator();
+ while (itr.hasNext()) {
+ if (itr.next().startsWith("keycloak.")) {
+ itr.remove();
+ }
}
}