keycloak-uncached
Changes
forms/common-freemarker/pom.xml 5(+5 -0)
testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AuthorizationCodeTest.java 6(+1 -5)
Details
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
index d2e4e68..0de9f8c 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
@@ -71,15 +71,15 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
});
});
-module.controller('HomeCtrl', function(Realm, $location) {
+module.controller('HomeCtrl', function(Realm, Auth, $location) {
Realm.query(null, function(realms) {
var realm;
if (realms.length == 1) {
realm = realms[0].realm;
} else if (realms.length == 2) {
- if (realms[0].realm == 'keycloak-admin') {
+ if (realms[0].realm == Auth.user.realm) {
realm = realms[1].realm;
- } else if (realms[1].realm == 'administration') {
+ } else if (realms[1].realm == Auth.user.realm) {
realm = realms[0].realm;
}
}
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html b/admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html
index c7c1dfd..b6f07e5 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html
@@ -16,7 +16,7 @@
{{auth.user.displayName}}<b class="caret"></b>
</a>
<ul class="dropdown-menu">
- <li><a href="/auth/rest/realms/keycloak-admin/account?referrer=admin-console">Manage Account</a></li>
+ <li><a href="/auth/rest/realms/{{auth.user.realm}}/account?referrer=admin-console">Manage Account</a></li>
<li class="separator"><a href="/auth/rest/admin/logout">Sign Out</a></li>
</ul>
</li>
forms/common-freemarker/pom.xml 5(+5 -0)
diff --git a/forms/common-freemarker/pom.xml b/forms/common-freemarker/pom.xml
index dc1d26b..385176f 100755
--- a/forms/common-freemarker/pom.xml
+++ b/forms/common-freemarker/pom.xml
@@ -19,6 +19,11 @@
<version>${project.version}</version>
</dependency>
<dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-model-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxrs</artifactId>
</dependency>
diff --git a/forms/common-freemarker/src/main/java/org/keycloak/freemarker/ThemeLoader.java b/forms/common-freemarker/src/main/java/org/keycloak/freemarker/ThemeLoader.java
index 63c52f1..2d40eb0 100644
--- a/forms/common-freemarker/src/main/java/org/keycloak/freemarker/ThemeLoader.java
+++ b/forms/common-freemarker/src/main/java/org/keycloak/freemarker/ThemeLoader.java
@@ -1,6 +1,7 @@
package org.keycloak.freemarker;
import org.jboss.resteasy.logging.Logger;
+import org.keycloak.models.Config;
import org.keycloak.util.ProviderLoader;
import java.io.IOException;
@@ -19,12 +20,10 @@ import java.util.Properties;
public class ThemeLoader {
private static final Logger logger = Logger.getLogger(ThemeLoader.class);
- private static String DEFAULT = "keycloak";
- public static final String BASE = "base";
public static Theme createTheme(String name, Theme.Type type) throws FreeMarkerException {
if (name == null) {
- name = DEFAULT;
+ name = Config.getThemeDefault();
}
List<ThemeProvider> providers = new LinkedList();
@@ -61,21 +60,21 @@ public class ThemeLoader {
try {
return p.createTheme(name, type);
} catch (IOException e) {
- if (name.equals(BASE)) {
+ if (name.equals(Config.getThemeBase())) {
throw new FreeMarkerException("Failed to create " + type.toString().toLowerCase() + " theme", e);
} else {
logger.error("Failed to create " + type.toString().toLowerCase() + " theme", e);
- return findTheme(providers, BASE, type);
+ return findTheme(providers, Config.getThemeBase(), type);
}
}
}
}
- if (name.equals(BASE)) {
+ if (name.equals(Config.getThemeBase())) {
throw new FreeMarkerException(type.toString().toLowerCase() + " theme '" + name + "' not found");
} else {
logger.error(type.toString().toLowerCase() + " theme '" + name + "' not found");
- return findTheme(providers, BASE, type);
+ return findTheme(providers, Config.getThemeBase(), type);
}
}
diff --git a/forms/common-themes/src/main/java/org/keycloak/theme/ClassLoaderTheme.java b/forms/common-themes/src/main/java/org/keycloak/theme/ClassLoaderTheme.java
index d63dc7d..7c6e02c 100644
--- a/forms/common-themes/src/main/java/org/keycloak/theme/ClassLoaderTheme.java
+++ b/forms/common-themes/src/main/java/org/keycloak/theme/ClassLoaderTheme.java
@@ -18,6 +18,8 @@ public class ClassLoaderTheme implements Theme {
private final Type type;
+ private final ClassLoader classLoader;
+
private final String templateRoot;
private final String resourceRoot;
@@ -26,9 +28,10 @@ public class ClassLoaderTheme implements Theme {
private final Properties properties;
- public ClassLoaderTheme(String name, Type type) throws IOException {
+ public ClassLoaderTheme(String name, Type type, ClassLoader classLoader) throws IOException {
this.name = name;
this.type = type;
+ this.classLoader = classLoader;
String themeRoot = "theme/" + type.toString().toLowerCase() + "/" + name + "/";
@@ -37,7 +40,7 @@ public class ClassLoaderTheme implements Theme {
this.messages = themeRoot + "messages/messages.properties";
this.properties = new Properties();
- URL p = getClass().getClassLoader().getResource(themeRoot + "theme.properties");
+ URL p = classLoader.getResource(themeRoot + "theme.properties");
if (p != null) {
properties.load(p.openStream());
this.parentName = properties.getProperty("parent");
@@ -63,28 +66,28 @@ public class ClassLoaderTheme implements Theme {
@Override
public URL getTemplate(String name) {
- return getClass().getClassLoader().getResource(templateRoot + name);
+ return classLoader.getResource(templateRoot + name);
}
@Override
public InputStream getTemplateAsStream(String name) {
- return getClass().getClassLoader().getResourceAsStream(templateRoot + name);
+ return classLoader.getResourceAsStream(templateRoot + name);
}
@Override
public URL getResource(String path) {
- return getClass().getClassLoader().getResource(resourceRoot + path);
+ return classLoader.getResource(resourceRoot + path);
}
@Override
public InputStream getResourceAsStream(String path) {
- return getClass().getClassLoader().getResourceAsStream(resourceRoot + path);
+ return classLoader.getResourceAsStream(resourceRoot + path);
}
@Override
public Properties getMessages() throws IOException {
Properties m = new Properties();
- URL url = getClass().getClassLoader().getResource(this.messages);
+ URL url = classLoader.getResource(this.messages);
if (url != null) {
m.load(url.openStream());
}
diff --git a/forms/common-themes/src/main/java/org/keycloak/theme/DefaultLoginThemeProvider.java b/forms/common-themes/src/main/java/org/keycloak/theme/DefaultLoginThemeProvider.java
index e45fd96..2a63e17 100644
--- a/forms/common-themes/src/main/java/org/keycloak/theme/DefaultLoginThemeProvider.java
+++ b/forms/common-themes/src/main/java/org/keycloak/theme/DefaultLoginThemeProvider.java
@@ -3,6 +3,7 @@ package org.keycloak.theme;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeLoader;
import org.keycloak.freemarker.ThemeProvider;
+import org.keycloak.models.Config;
import java.io.IOException;
import java.util.Collections;
@@ -14,13 +15,14 @@ import java.util.Set;
*/
public class DefaultLoginThemeProvider implements ThemeProvider {
+ public static final String BASE = "base";
public static final String PATTERNFLY = "patternfly";
public static final String KEYCLOAK = "keycloak";
private static Set<String> defaultThemes = new HashSet<String>();
static {
- defaultThemes.add(ThemeLoader.BASE);
+ defaultThemes.add(BASE);
defaultThemes.add(PATTERNFLY);
defaultThemes.add(KEYCLOAK);
}
@@ -33,7 +35,7 @@ public class DefaultLoginThemeProvider implements ThemeProvider {
@Override
public Theme createTheme(String name, Theme.Type type) throws IOException {
if (hasTheme(name, type)) {
- return new ClassLoaderTheme(name, type);
+ return new ClassLoaderTheme(name, type, getClass().getClassLoader());
} else {
return null;
}
diff --git a/forms/common-themes/src/main/java/org/keycloak/theme/FolderThemeProvider.java b/forms/common-themes/src/main/java/org/keycloak/theme/FolderThemeProvider.java
index 9a2ef16..a76b328 100644
--- a/forms/common-themes/src/main/java/org/keycloak/theme/FolderThemeProvider.java
+++ b/forms/common-themes/src/main/java/org/keycloak/theme/FolderThemeProvider.java
@@ -2,6 +2,7 @@ package org.keycloak.theme;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider;
+import org.keycloak.models.Config;
import java.io.File;
import java.io.FileFilter;
@@ -18,7 +19,7 @@ public class FolderThemeProvider implements ThemeProvider {
private File rootDir;
public FolderThemeProvider() {
- String d = System.getProperty("keycloak.theme.dir");
+ String d = Config.getThemeDir();
if (d != null) {
rootDir = new File(d);
}
diff --git a/model/api/src/main/java/org/keycloak/models/Config.java b/model/api/src/main/java/org/keycloak/models/Config.java
new file mode 100644
index 0000000..fccf84f
--- /dev/null
+++ b/model/api/src/main/java/org/keycloak/models/Config.java
@@ -0,0 +1,66 @@
+package org.keycloak.models;
+
+import java.io.File;
+
+/**
+ * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
+ */
+public class Config {
+
+ public static final String ADMIN_REALM_KEY = "keycloak.admin.realm";
+ public static final String ADMIN_REALM_DEFAULT = "keycloak-admin";
+
+ public static final String MODEL_PROVIDER_KEY = "keycloak.model";
+
+ public static final String THEME_BASE_KEY = "keycloak.theme.base";
+ public static final String THEME_BASE_DEFAULT = "base";
+ public static final String THEME_DEFAULT_KEY = "keycloak.theme.default";
+ public static final String THEME_DEFAULT_DEFAULT = "keycloak";
+ public static final String THEME_DIR_KEY = "keycloak.theme.dir";
+ public static final String JBOSS_SERVER_CONFIG_DIR_KEY = "jboss.server.config.dir";
+
+ public static String getAdminRealm() {
+ return System.getProperty(ADMIN_REALM_KEY, ADMIN_REALM_DEFAULT);
+ }
+
+ public static void setAdminRealm(String realm) {
+ System.setProperty(ADMIN_REALM_KEY, realm);
+ }
+
+ public static String getModelProvider() {
+ return System.getProperty(MODEL_PROVIDER_KEY);
+ }
+
+ public static void setModelProvider(String provider) {
+ System.setProperty(MODEL_PROVIDER_KEY, provider);
+ }
+
+ public static String getThemeDir() {
+ String themeDir = System.getProperty(THEME_DIR_KEY);
+ if (themeDir == null && System.getProperties().containsKey(JBOSS_SERVER_CONFIG_DIR_KEY)) {
+ themeDir = System.getProperty(JBOSS_SERVER_CONFIG_DIR_KEY) + File.separator + "themes";
+ }
+ return themeDir;
+ }
+
+ public static void setThemeDir(String dir) {
+ System.setProperty(THEME_DIR_KEY, dir);
+ }
+
+ public static String getThemeBase() {
+ return System.getProperty(THEME_BASE_KEY, THEME_BASE_DEFAULT);
+ }
+
+ public static void setThemeBase(String baseTheme) {
+ System.setProperty(THEME_BASE_KEY, baseTheme);
+ }
+
+ public static String getThemeDefault() {
+ return System.getProperty(THEME_DEFAULT_KEY, THEME_DEFAULT_DEFAULT);
+ }
+
+ public static void setThemeDefault(String defaultTheme) {
+ System.setProperty(THEME_DEFAULT_KEY, defaultTheme);
+ }
+
+}
diff --git a/model/api/src/main/java/org/keycloak/models/Constants.java b/model/api/src/main/java/org/keycloak/models/Constants.java
index 0630397..545f56c 100755
--- a/model/api/src/main/java/org/keycloak/models/Constants.java
+++ b/model/api/src/main/java/org/keycloak/models/Constants.java
@@ -5,7 +5,6 @@ package org.keycloak.models;
* @version $Revision: 1 $
*/
public interface Constants {
- String ADMIN_REALM = "keycloak-admin";
String ADMIN_CONSOLE_APPLICATION = "admin-console";
String INTERNAL_ROLE = "KEYCLOAK_";
@@ -13,4 +12,5 @@ public interface Constants {
String ACCOUNT_MANAGEMENT_APP = "account";
String INSTALLED_APP_URN = "urn:ietf:wg:oauth:2.0:oob";
+ String INSTALLED_APP_URL = "http://localhost";
}
diff --git a/model/api/src/main/java/org/keycloak/models/utils/ModelProviderUtils.java b/model/api/src/main/java/org/keycloak/models/utils/ModelProviderUtils.java
index e4f64cc..8ddedab 100644
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelProviderUtils.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelProviderUtils.java
@@ -2,6 +2,7 @@ package org.keycloak.models.utils;
import java.util.ServiceLoader;
+import org.keycloak.models.Config;
import org.keycloak.models.ModelProvider;
/**
@@ -9,7 +10,6 @@ import org.keycloak.models.ModelProvider;
*/
public class ModelProviderUtils {
- public static final String MODEL_PROVIDER = "keycloak.model";
public static final String DEFAULT_MODEL_PROVIDER = "jpa";
public static Iterable<ModelProvider> getRegisteredProviders() {
@@ -17,7 +17,7 @@ public class ModelProviderUtils {
}
public static ModelProvider getConfiguredModelProvider(Iterable<ModelProvider> providers) {
- String configuredProvider = System.getProperty(MODEL_PROVIDER);
+ String configuredProvider = Config.getModelProvider();
ModelProvider provider = null;
if (configuredProvider != null) {
@@ -46,5 +46,4 @@ public class ModelProviderUtils {
return getConfiguredModelProvider(getRegisteredProviders());
}
-
}
diff --git a/server/src/main/java/org/keycloak/server/KeycloakServerApplication.java b/server/src/main/java/org/keycloak/server/KeycloakServerApplication.java
index fc9331a..1da9807 100755
--- a/server/src/main/java/org/keycloak/server/KeycloakServerApplication.java
+++ b/server/src/main/java/org/keycloak/server/KeycloakServerApplication.java
@@ -1,6 +1,7 @@
package org.keycloak.server;
import org.jboss.resteasy.logging.Logger;
+import org.keycloak.models.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.RealmRepresentation;
@@ -30,15 +31,6 @@ public class KeycloakServerApplication extends KeycloakApplication {
RealmRepresentation rep = loadJson(new FileInputStream(importRealm), RealmRepresentation.class);
importRealm(session, rep);
}
-
- String themeDir = System.getProperty("keycloak.theme.dir");
- if (themeDir == null) {
- String jbossConfigDir = System.getProperty("jboss.server.config.dir");
- if (jbossConfigDir != null) {
- themeDir = jbossConfigDir + File.separator + "themes";
- System.setProperty("keycloak.theme.dir", themeDir);
- }
- }
}
public void importRealm(KeycloakSession session, RealmRepresentation rep) {
diff --git a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
index 9aca67a..54d2f1f 100755
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@@ -3,6 +3,7 @@ package org.keycloak.services.managers;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
@@ -34,15 +35,17 @@ public class ApplianceBootstrap {
}
public void bootstrap(KeycloakSession session) {
- if (session.getRealm(Constants.ADMIN_REALM) != null) {
+ if (session.getRealm(Config.getAdminRealm()) != null) {
return;
}
- logger.info("Initializing " + Constants.ADMIN_REALM + " realm");
+ String adminRealmName = Config.getAdminRealm();
+
+ logger.info("Initializing " + adminRealmName + " realm");
RealmManager manager = new RealmManager(session);
- RealmModel realm = manager.createRealm(Constants.ADMIN_REALM, Constants.ADMIN_REALM);
- realm.setName(Constants.ADMIN_REALM);
+ RealmModel realm = manager.createRealm(adminRealmName, adminRealmName);
+ realm.setName(adminRealmName);
realm.setEnabled(true);
realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
realm.setCentralLoginLifespan(3000);
@@ -54,9 +57,6 @@ public class ApplianceBootstrap {
realm.setRegistrationAllowed(false);
manager.generateRealmKeys(realm);
- realm.setLoginTheme("keycloak");
- realm.setAccountTheme("keycloak");
-
ApplicationModel adminConsole = new ApplicationManager(manager).createApplication(realm, Constants.ADMIN_CONSOLE_APPLICATION);
adminConsole.setBaseUrl("/auth/admin/index.html");
adminConsole.setEnabled(true);
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 53e3c0b..dae9ae3 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -5,6 +5,7 @@ import org.keycloak.models.AccountRoles;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClientModel;
+import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel;
@@ -51,7 +52,7 @@ public class RealmManager {
}
public RealmModel getKeycloakAdminstrationRealm() {
- return getRealm(Constants.ADMIN_REALM);
+ return getRealm(Config.getAdminRealm());
}
public RealmModel getRealm(String id) {
@@ -153,7 +154,7 @@ public class RealmManager {
RealmModel adminRealm;
RoleModel adminRole;
- if (realm.getName().equals(Constants.ADMIN_REALM)) {
+ if (realm.getName().equals(Config.getAdminRealm())) {
adminRealm = realm;
adminRole = realm.addRole(AdminRoles.ADMIN);
@@ -161,7 +162,7 @@ public class RealmManager {
RoleModel createRealmRole = realm.addRole(AdminRoles.CREATE_REALM);
adminRole.addCompositeRole(createRealmRole);
} else {
- adminRealm = identitySession.getRealmByName(Constants.ADMIN_REALM);
+ adminRealm = identitySession.getRealmByName(Config.getAdminRealm());
adminRole = adminRealm.getRole(AdminRoles.ADMIN);
}
diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index 3814691..5b654b7 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -51,8 +51,6 @@ public class AccountService {
private static final Logger logger = Logger.getLogger(AccountService.class);
- public static final String ACCOUNT_IDENTITY_COOKIE = "KEYCLOAK_ACCOUNT_IDENTITY";
-
private RealmModel realm;
@Context
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminService.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminService.java
index afe2317..c5cc177 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminService.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminService.java
@@ -8,6 +8,7 @@ import org.jboss.resteasy.spi.HttpResponse;
import org.keycloak.jaxrs.JaxrsOAuthClient;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -84,6 +85,7 @@ public class AdminService {
public static class WhoAmI {
protected String userId;
+ protected String realm;
protected String displayName;
@JsonProperty("createRealm")
@@ -94,8 +96,9 @@ public class AdminService {
public WhoAmI() {
}
- public WhoAmI(String userId, String displayName, boolean createRealm, Map<String, Set<String>> realmAccess) {
+ public WhoAmI(String userId, String realm, String displayName, boolean createRealm, Map<String, Set<String>> realmAccess) {
this.userId = userId;
+ this.realm = realm;
this.displayName = displayName;
this.createRealm = createRealm;
this.realmAccess = realmAccess;
@@ -109,6 +112,14 @@ public class AdminService {
this.userId = userId;
}
+ public String getRealm() {
+ return realm;
+ }
+
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
+
public String getDisplayName() {
return displayName;
}
@@ -185,7 +196,7 @@ public class AdminService {
Map<String, Set<String>> realmAccess = new HashMap<String, Set<String>>();
addRealmAdminAccess(realmAccess, auth.getRealm().getRoleMappings(auth.getUser()));
- return Response.ok(new WhoAmI(user.getId(), displayName, createRealm, realmAccess)).build();
+ return Response.ok(new WhoAmI(user.getId(), Config.getAdminRealm(), displayName, createRealm, realmAccess)).build();
}
private void addRealmAdminAccess(Map<String, Set<String>> realmAdminAccess, Set<RoleModel> roles) {
@@ -283,7 +294,7 @@ public class AdminService {
expireCookie();
JaxrsOAuthClient oauth = new JaxrsOAuthClient();
- String authUrl = TokenService.loginPageUrl(uriInfo).build(Constants.ADMIN_REALM).toString();
+ String authUrl = TokenService.loginPageUrl(uriInfo).build(Config.getAdminRealm()).toString();
logger.debug("authUrl: {0}", authUrl);
oauth.setAuthUrl(authUrl);
oauth.setClientId(Constants.ADMIN_CONSOLE_APPLICATION);
@@ -309,7 +320,7 @@ public class AdminService {
protected Response redirectOnLoginError(String message) {
URI uri = uriInfo.getBaseUriBuilder().path(AdminService.class).path(AdminService.class, "errorOnLoginRedirect").queryParam("error", message).build();
- URI logout = TokenService.logoutUrl(uriInfo).queryParam("redirect_uri", uri.toString()).build(Constants.ADMIN_REALM);
+ URI logout = TokenService.logoutUrl(uriInfo).queryParam("redirect_uri", uri.toString()).build(Config.getAdminRealm());
return Response.status(302).location(logout).build();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/TokenService.java b/services/src/main/java/org/keycloak/services/resources/TokenService.java
index 0cae7c2..1cbdf5f 100755
--- a/services/src/main/java/org/keycloak/services/resources/TokenService.java
+++ b/services/src/main/java/org/keycloak/services/resources/TokenService.java
@@ -8,6 +8,7 @@ import org.keycloak.OAuthErrorException;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.models.ClientModel;
+import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.RealmModel;
@@ -619,7 +620,26 @@ public class TokenService {
return redirectUri;
} else {
String r = redirectUri.indexOf('?') != -1 ? redirectUri.substring(0, redirectUri.indexOf('?')) : redirectUri;
- return client.getRedirectUris().contains(r) ? redirectUri : null;
+
+ boolean valid = client.getRedirectUris().contains(r);
+
+ if (!valid && r.startsWith(Constants.INSTALLED_APP_URL) && r.indexOf(':', Constants.INSTALLED_APP_URL.length()) >= 0) {
+ int i = r.indexOf(':', Constants.INSTALLED_APP_URL.length());
+
+ StringBuilder sb = new StringBuilder();
+ sb.append(r.substring(0, i));
+
+ i = r.indexOf('/', i);
+ if (i >= 0) {
+ sb.append(r.substring(i));
+ }
+
+ r = sb.toString();
+
+ valid = client.getRedirectUris().contains(r);
+ }
+
+ return valid ? redirectUri : null;
}
}
diff --git a/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java b/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
index cfcd1f3..68d6c5e 100755
--- a/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
+++ b/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
@@ -37,6 +37,7 @@ import io.undertow.servlet.api.ServletInfo;
import org.jboss.resteasy.logging.Logger;
import org.jboss.resteasy.plugins.server.undertow.UndertowJaxrsServer;
import org.jboss.resteasy.spi.ResteasyDeployment;
+import org.keycloak.models.Config;
import org.keycloak.theme.DefaultLoginThemeProvider;
import org.keycloak.services.tmp.TmpAdminRedirectServlet;
import org.keycloak.util.JsonSerialization;
@@ -136,9 +137,9 @@ public class KeycloakServer {
throw new RuntimeException("Invalid resources directory");
}
- if (!System.getProperties().containsKey("keycloak.theme.dir")) {
+ if (Config.getThemeDir() == null) {
System.setProperty(DefaultLoginThemeProvider.class.getName() + ".disabled", "");
- System.setProperty("keycloak.theme.dir", file(dir.getAbsolutePath(), "forms", "common-themes", "src", "main", "resources", "theme").getAbsolutePath());
+ Config.setThemeDir(file(dir.getAbsolutePath(), "forms", "common-themes", "src", "main", "resources", "theme").getAbsolutePath());
}
config.setResourcesHome(dir.getAbsolutePath());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AuthorizationCodeTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AuthorizationCodeTest.java
index 4e1f043..932c777 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AuthorizationCodeTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AuthorizationCodeTest.java
@@ -96,11 +96,7 @@ public class AuthorizationCodeTest {
keycloakRule.configure(new KeycloakRule.KeycloakSetup() {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- for (ApplicationModel app : appRealm.getApplications()) {
- if (app.getName().equals("test-app")) {
- app.addRedirectUri(oauth.getRedirectUri());
- }
- }
+ appRealm.getApplicationByName("test-app").addRedirectUri(oauth.getRedirectUri());
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
index 55f66fc..0152868 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
@@ -26,6 +26,7 @@ import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.Constants;
import org.keycloak.models.RealmModel;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.OAuthClient;
@@ -49,6 +50,15 @@ public class OAuthRedirectUriTest {
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
ApplicationModel app = appRealm.getApplicationNameMap().get("test-app");
app.addRedirectUri("http://localhost:8081/app");
+
+ ApplicationModel installedApp = appRealm.addApplication("test-installed");
+ installedApp.setEnabled(true);
+ installedApp.addRedirectUri(Constants.INSTALLED_APP_URN);
+ installedApp.addRedirectUri(Constants.INSTALLED_APP_URL);
+
+ ApplicationModel installedApp2 = appRealm.addApplication("test-installed2");
+ installedApp2.setEnabled(true);
+ installedApp2.addRedirectUri(Constants.INSTALLED_APP_URL + "/myapp");
}
});
@@ -151,6 +161,15 @@ public class OAuthRedirectUriTest {
}
@Test
+ public void testValid() throws IOException {
+ oauth.redirectUri("http://localhost:8081/app");
+ OAuthClient.AuthorizationCodeResponse response = oauth.doLogin("test-user@localhost", "password");
+
+ Assert.assertNotNull(response.getCode());
+ Assert.assertTrue(driver.getCurrentUrl().startsWith("http://localhost:8081/app?code="));
+ }
+
+ @Test
public void testInvalid() throws IOException {
oauth.redirectUri("http://localhost:8081/app2");
oauth.openLoginForm();
@@ -168,4 +187,40 @@ public class OAuthRedirectUriTest {
Assert.assertTrue(driver.getCurrentUrl().startsWith("http://localhost:8081/app?key=value&code="));
}
+
+ @Test
+ public void testLocalhost() throws IOException {
+ oauth.clientId("test-installed");
+
+ checkRedirectUri("urn:ietf:wg:oauth:2.0:oob", true);
+ checkRedirectUri("http://localhost", true);
+
+ checkRedirectUri("http://localhost:8081", true);
+
+ checkRedirectUri("http://localhosts", false);
+ checkRedirectUri("http://localhost/myapp", false);
+ checkRedirectUri("http://localhost:8081/myapp", false);
+
+ oauth.clientId("test-installed2");
+
+ checkRedirectUri("http://localhost/myapp", true);
+ checkRedirectUri("http://localhost:8081/myapp", true);
+
+ checkRedirectUri("http://localhosts/myapp", false);
+ checkRedirectUri("http://localhost", false);
+ checkRedirectUri("http://localhost/myapp2", false);
+ }
+
+ private void checkRedirectUri(String redirectUri, boolean expectValid) {
+ oauth.redirectUri(redirectUri);
+ oauth.openLoginForm();
+
+ if (expectValid) {
+ Assert.assertTrue(loginPage.isCurrent());
+ } else {
+ Assert.assertTrue(errorPage.isCurrent());
+ Assert.assertEquals("Invalid redirect_uri.", errorPage.getError());
+ }
+ }
+
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/AbstractKeycloakRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/AbstractKeycloakRule.java
index a595694..5a65315 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/AbstractKeycloakRule.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/AbstractKeycloakRule.java
@@ -3,6 +3,7 @@ package org.keycloak.testsuite.rule;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.ServletInfo;
import org.junit.rules.ExternalResource;
+import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -58,7 +59,7 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
try {
RealmManager manager = new RealmManager(session);
- RealmModel adminstrationRealm = manager.getRealm(Constants.ADMIN_REALM);
+ RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
configure(manager, adminstrationRealm);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KeycloakRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KeycloakRule.java
index 8540683..3e6e7af 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KeycloakRule.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KeycloakRule.java
@@ -21,6 +21,7 @@
*/
package org.keycloak.testsuite.rule;
+import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -66,7 +67,7 @@ public class KeycloakRule extends AbstractKeycloakRule {
try {
RealmManager manager = new RealmManager(session);
- RealmModel adminstrationRealm = manager.getRealm(Constants.ADMIN_REALM);
+ RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
RealmModel appRealm = manager.getRealm("test");
configurer.config(manager, adminstrationRealm, appRealm);