keycloak-aplcache

[KEYCLOAK-3629] - Some Adapters do not work with SSL Redirect

11/17/2017 5:51:49 PM

pedroigor

Commit: 6587cfa

Tree: ec3978c

Parents: 6a528a3

Changes

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java 10(+10 -0)

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java 9(+9 -0)

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java 5(+5 -0)

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java 2(+1 -1)

core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java 10(+10 -0)

Details

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java 10(+10 -0)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
index dd0d39b..5625c60 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
@@ -278,6 +278,16 @@ public class AdapterDeploymentContext {
         }
 
         @Override
+        public int getConfidentialPort() {
+            return delegate.getConfidentialPort();
+        }
+
+        @Override
+        public void setConfidentialPort(int confidentialPort) {
+            delegate.setConfidentialPort(confidentialPort);
+        }
+
+        @Override
         public TokenStore getTokenStore() {
             return delegate.getTokenStore();
         }

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java 9(+9 -0)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
index 707b882..a8452f0 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
@@ -68,6 +68,7 @@ public class KeycloakDeployment {
 
     protected String scope;
     protected SslRequired sslRequired = SslRequired.ALL;
+    protected int confidentialPort = -1;
     protected TokenStore tokenStore = TokenStore.SESSION;
     protected String stateCookieName = "OAuth_Token_Request_State";
     protected boolean useResourceRoleMappings;
@@ -277,6 +278,14 @@ public class KeycloakDeployment {
         this.sslRequired = sslRequired;
     }
 
+    public int getConfidentialPort() {
+        return confidentialPort;
+    }
+
+    public void setConfidentialPort(int confidentialPort) {
+        this.confidentialPort = confidentialPort;
+    }
+
     public TokenStore getTokenStore() {
         return tokenStore;
     }

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java 5(+5 -0)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
index 7fca1f1..fa7da95 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
@@ -78,6 +78,11 @@ public class KeycloakDeploymentBuilder {
         } else {
             deployment.setSslRequired(SslRequired.EXTERNAL);
         }
+
+        if (adapterConfig.getConfidentialPort() != -1) {
+            deployment.setConfidentialPort(adapterConfig.getConfidentialPort());
+        }
+
         if (adapterConfig.getTokenStore() != null) {
             deployment.setTokenStore(TokenStore.valueOf(adapterConfig.getTokenStore().toUpperCase()));
         } else {

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java 2(+1 -1)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
index 7b0ee80..e7c9071 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
@@ -66,7 +66,7 @@ public class OAuthRequestAuthenticator {
         this.reqAuthenticator = requestAuthenticator;
         this.facade = facade;
         this.deployment = deployment;
-        this.sslRedirectPort = sslRedirectPort;
+        this.sslRedirectPort = deployment.getConfidentialPort() != -1 ? deployment.getConfidentialPort() : sslRedirectPort;
         this.tokenStore = tokenStore;
     }

core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java 10(+10 -0)

diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java
index e94dfa9..cfb687d 100755
--- a/core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java
+++ b/core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java
@@ -36,6 +36,8 @@ public class BaseRealmConfig {
     protected String authServerUrl;
     @JsonProperty("ssl-required")
     protected String sslRequired;
+    @JsonProperty("confidential-port")
+    protected int confidentialPort;
 
     public String getSslRequired() {
         return sslRequired;
@@ -68,4 +70,12 @@ public class BaseRealmConfig {
     public void setAuthServerUrl(String authServerUrl) {
         this.authServerUrl = authServerUrl;
     }
+
+    public int getConfidentialPort() {
+        return confidentialPort;
+    }
+
+    public void setConfidentialPort(int confidentialPort) {
+        this.confidentialPort = confidentialPort;
+    }
 }