Details
diff --git a/core/src/main/java/org/keycloak/constants/AdapterConstants.java b/core/src/main/java/org/keycloak/constants/AdapterConstants.java
index 18f21a8..df302b2 100755
--- a/core/src/main/java/org/keycloak/constants/AdapterConstants.java
+++ b/core/src/main/java/org/keycloak/constants/AdapterConstants.java
@@ -31,5 +31,5 @@ public interface AdapterConstants {
public static final String KEYCLOAK_ADAPTER_STATE_COOKIE = "KEYCLOAK_ADAPTER_STATE";
// Request parameter used to specify the identifier of the identity provider that should be used to authenticate an user
- String K_IDP_HINT = "k_idp_hint";
+ String KC_IDP_HINT = "kc_idp_hint";
}
diff --git a/docbook/reference/en/en-US/modules/identity-broker.xml b/docbook/reference/en/en-US/modules/identity-broker.xml
index 233afed..673f00a 100755
--- a/docbook/reference/en/en-US/modules/identity-broker.xml
+++ b/docbook/reference/en/en-US/modules/identity-broker.xml
@@ -1008,9 +1008,9 @@ Authorization: Bearer {keycloak_access_token}]]></programlisting>
Keycloak supports a specific HTTP query parameter that you can use as a hint to tell the server which identity provider should be used to authenticate the user.
</para>
<para>
- For that, you can append the <literal>k_idp_hint</literal> as a query parameter to your application url, as follows:
+ For that, you can append the <literal>kc_idp_hint</literal> as a query parameter to your application url, as follows:
</para>
- <programlisting language="JAVA"><![CDATA[GET /myapplication.com?k_idp_hint=facebook HTTP/1.1
+ <programlisting language="JAVA"><![CDATA[GET /myapplication.com?kc_idp_hint=facebook HTTP/1.1
Host: localhost:8080]]></programlisting>
<para>
In this case, is expected that your realm has an identity provider with an alias <literal>facebook</literal>.
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
index 90a2204..bd2012f 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
@@ -4,6 +4,7 @@ import org.jboss.logging.Logger;
import org.keycloak.OAuth2Constants;
import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
+import org.keycloak.constants.AdapterConstants;
import org.keycloak.enums.TokenStore;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.representations.AccessToken;
@@ -16,7 +17,6 @@ import java.io.IOException;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicLong;
-import static org.keycloak.constants.AdapterConstants.K_IDP_HINT;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -132,8 +132,8 @@ public class OAuthRequestAuthenticator {
String loginHint = getQueryParamValue("login_hint");
url = UriUtils.stripQueryParam(url,"login_hint");
- String idpHint = getQueryParamValue(K_IDP_HINT);
- url = UriUtils.stripQueryParam(url, K_IDP_HINT);
+ String idpHint = getQueryParamValue(AdapterConstants.KC_IDP_HINT);
+ url = UriUtils.stripQueryParam(url, AdapterConstants.KC_IDP_HINT);
KeycloakUriBuilder redirectUriBuilder = deployment.getAuthUrl().clone()
.queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE)
@@ -145,7 +145,7 @@ public class OAuthRequestAuthenticator {
redirectUriBuilder.queryParam("login_hint",loginHint);
}
if (idpHint != null && idpHint.length() > 0) {
- redirectUriBuilder.queryParam(K_IDP_HINT,idpHint);
+ redirectUriBuilder.queryParam(AdapterConstants.KC_IDP_HINT,idpHint);
}
return redirectUriBuilder.build().toString();
diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js
index 34118c2..9921e1b 100755
--- a/integration/js/src/main/resources/keycloak.js
+++ b/integration/js/src/main/resources/keycloak.js
@@ -161,7 +161,7 @@
}
if (options && options.idpHint) {
- url += '&k_idp_hint=' + options.idpHint;
+ url += '&kc_idp_hint=' + options.idpHint;
}
return url;
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
index bebf703..824b176 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@@ -5,6 +5,7 @@ import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.ClientConnection;
import org.keycloak.OAuth2Constants;
+import org.keycloak.constants.AdapterConstants;
import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.events.EventBuilder;
@@ -132,7 +133,7 @@ public class AuthorizationEndpoint {
scope = params.getFirst(OIDCLoginProtocol.SCOPE_PARAM);
loginHint = params.getFirst(OIDCLoginProtocol.LOGIN_HINT_PARAM);
prompt = params.getFirst(OIDCLoginProtocol.REDIRECT_URI_PARAM);
- idpHint = params.getFirst(OIDCLoginProtocol.K_IDP_HINT);
+ idpHint = params.getFirst(AdapterConstants.KC_IDP_HINT);
checkSsl();
checkRealm();
@@ -227,7 +228,7 @@ public class AuthorizationEndpoint {
if (scope != null) clientSession.setNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
if (loginHint != null) clientSession.setNote(OIDCLoginProtocol.LOGIN_HINT_PARAM, loginHint);
if (prompt != null) clientSession.setNote(OIDCLoginProtocol.PROMPT_PARAM, prompt);
- if (idpHint != null) clientSession.setNote(OIDCLoginProtocol.K_IDP_HINT, idpHint);
+ if (idpHint != null) clientSession.setNote(AdapterConstants.KC_IDP_HINT, idpHint);
}
private Response buildAuthorizationCodeAuthorizationResponse() {
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
index 433acd7..1c473f9 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
@@ -54,7 +54,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
public static final String CLIENT_ID_PARAM = "client_id";
public static final String PROMPT_PARAM = "prompt";
public static final String LOGIN_HINT_PARAM = "login_hint";
- public static final String K_IDP_HINT = "k_idp_hint";
private static final Logger log = Logger.getLogger(OIDCLoginProtocol.class);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/IdentityProviderHintTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/IdentityProviderHintTest.java
index bac23e8..20be993 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/IdentityProviderHintTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/IdentityProviderHintTest.java
@@ -54,7 +54,7 @@ public class IdentityProviderHintTest {
@Test
public void testSuccessfulRedirect() {
- this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=kc-oidc-idp");
+ this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=kc-oidc-idp");
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8082/auth/"));
@@ -72,7 +72,7 @@ public class IdentityProviderHintTest {
@Test
public void testInvalidIdentityProviderHint() {
- this.driver.navigate().to("http://localhost:8081/test-app?k_idp_hint=invalid-idp-id");
+ this.driver.navigate().to("http://localhost:8081/test-app?kc_idp_hint=invalid-idp-id");
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
