keycloak-uncached
Changes
adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/FilterRequestAuthenticator.java 27(+24 -3)
Details
diff --git a/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/FilterRequestAuthenticator.java b/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/FilterRequestAuthenticator.java
index 4067266..80ec46f 100755
--- a/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/FilterRequestAuthenticator.java
+++ b/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/FilterRequestAuthenticator.java
@@ -10,6 +10,7 @@ import org.keycloak.adapters.OIDCHttpFacade;
import org.keycloak.adapters.OidcKeycloakAccount;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
import org.keycloak.adapters.RequestAuthenticator;
+import org.keycloak.adapters.spi.KeycloakAccount;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
@@ -68,13 +69,33 @@ public class FilterRequestAuthenticator extends RequestAuthenticator {
}
@Override
- protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) {
- RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext();
- Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext);
+ protected void completeBearerAuthentication(final KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) {
+ final RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext();
+ final Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext);
if (log.isLoggable(Level.FINE)) {
log.fine("Completing bearer authentication. Bearer roles: " + roles);
}
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
+ OidcKeycloakAccount account = new OidcKeycloakAccount() {
+
+ @Override
+ public Principal getPrincipal() {
+ return principal;
+ }
+
+ @Override
+ public Set<String> getRoles() {
+ return roles;
+ }
+
+ @Override
+ public KeycloakSecurityContext getKeycloakSecurityContext() {
+ return securityContext;
+ }
+
+ };
+ // need this here to obtain UserPrincipal
+ request.setAttribute(KeycloakAccount.class.getName(), account);
}
@Override
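Review bot: The comment `// need this here to obtain UserPrincipal` above the `request.setAttribute(KeycloakAccount.class.getName(), account)` call does not say why the account is request-scoped, which is the security-relevant part of this change. Something like `// Bearer requests are stateless: publish the account on the request (never the session) so OIDCFilterSessionStore.buildWrapper() can fall back to it for getUserPrincipal()` would record that contract. The anonymous `OidcKeycloakAccount` also hands out `roles` by reference; if `AdapterUtils.getRolesFromSecurityContext` returns a mutable set, any code that reads the request attribute could alter it. Wrapping it once, `final Set<String> roles = Collections.unmodifiableSet(AdapterUtils.getRolesFromSecurityContext(securityContext));`, would close that off, given a `java.util.Collections` import.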
diff --git a/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/OIDCFilterSessionStore.java b/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/OIDCFilterSessionStore.java
index 0fa30dc..1198919 100755
--- a/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/OIDCFilterSessionStore.java
+++ b/adapters/oidc/servlet-filter/src/main/java/org/keycloak/adapters/servlet/OIDCFilterSessionStore.java
@@ -35,7 +35,10 @@ public class OIDCFilterSessionStore extends FilterSessionStore implements Adapte
public HttpServletRequestWrapper buildWrapper() {
HttpSession session = request.getSession();
- KeycloakAccount account = (KeycloakAccount)session.getAttribute((KeycloakAccount.class.getName()));
+ KeycloakAccount account = (KeycloakAccount)session.getAttribute(KeycloakAccount.class.getName());
+ if (account == null) {
+ account = (KeycloakAccount)request.getAttribute(KeycloakAccount.class.getName());
+ }
return buildWrapper(session, account);
}
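Review bot: The lookup order in `buildWrapper()` lets an account left in the session win over the one the current request just authenticated with, because the request attribute is consulted only when the session attribute is null. If a request can carry both an existing session and a bearer token (the caller is not visible in this hunk), the wrapper would report the session's principal while the `KeycloakSecurityContext` request attribute describes the bearer token. Reading `request.getAttribute(KeycloakAccount.class.getName())` first and falling back to the session only when it is null would keep the two consistent. Separately, `request.getSession()` creates a session when none exists, so stateless bearer calls may each allocate one; `request.getSession(false)` would avoid that, provided `buildWrapper(session, account)` tolerates a null session.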
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java
index c4bc7e3..a2f8bf4 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java
@@ -1,11 +1,14 @@
package org.keycloak.testsuite.adapter;
+import org.junit.Assert;
+
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
+import java.security.Principal;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -18,6 +21,8 @@ public class CustomerDatabaseServlet extends HttpServlet {
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
resp.setContentType("text/html");
PrintWriter pw = resp.getWriter();
+ Principal principal = req.getUserPrincipal();
+ Assert.assertNotNull(principal);
pw.printf("<html><head><title>%s</title></head><body>", "Customer Portal");
pw.println("Stian Thorgersen");
pw.println("Bill Burke");
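Review bot: `Assert.assertNotNull(principal)` in `doGet` runs on the container's request thread, so a failure is thrown as an `AssertionError` inside the servlet rather than reported as a JUnit failure in the test method. Whether the test then fails depends on the client checking the response status or body, which is not visible in this hunk. The check also only proves that some principal is present, not that it is the identity carried by the bearer token. Writing `principal.getName()` into the response and asserting on it from the test client would pin both. The body of `doGet` continues past the end of the hunk.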