diff --git a/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java b/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java
index 817c9f5..2d2641c 100755
--- a/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java
+++ b/core/src/main/java/org/keycloak/representations/SkeletonKeyToken.java
@@ -55,7 +55,7 @@ public class SkeletonKeyToken extends JsonWebToken {
protected Set<String> trustedCertificates;
@JsonProperty("allowed-origins")
- protected List<String> allowsOrigins;
+ protected List<String> allowedOrigins;
@JsonProperty("realm_access")
protected Access realmAccess;
@@ -143,12 +143,12 @@ public class SkeletonKeyToken extends JsonWebToken {
return (SkeletonKeyToken) super.type(type);
}
- public List<String> getAllowsOrigins() {
- return allowsOrigins;
+ public List<String> getAllowedOrigins() {
+ return allowedOrigins;
}
- public void setAllowsOrigins(List<String> allowsOrigins) {
- this.allowsOrigins = allowsOrigins;
+ public void setAllowedOrigins(List<String> allowedOrigins) {
+ this.allowedOrigins = allowedOrigins;
}
public Access getRealmAccess() {
diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
index e3012b6..c8048c4 100755
--- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
@@ -11,6 +11,7 @@ import org.keycloak.representations.SkeletonKeyToken;
import javax.ws.rs.core.MultivaluedMap;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -117,6 +118,12 @@ public class TokenManager {
if (realm.getTokenLifespan() > 0) {
token.expiration((System.currentTimeMillis() / 1000) + realm.getTokenLifespan());
}
+ Set<String> allowedOrigins = client.getWebOrigins();
+ if (allowedOrigins != null && allowedOrigins.size() > 0) {
+ List<String> allowed = new ArrayList<String>();
+ allowed.addAll(allowedOrigins);
+ token.setAllowedOrigins(allowed);
+ }
return token;
}
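Review bot: The client's web origins are copied into the token unfiltered at `token.setAllowedOrigins(allowed)`, so whatever is registered for the client, possibly including a wildcard entry, ends up in a signed claim that resource servers will presumably use for CORS decisions. Nothing in this hunk shows where those values are validated; a comment such as `// origins are validated at client registration; consumers must match the Origin header exactly` would record the contract, or the check belongs here. The copy itself can be written as `token.setAllowedOrigins(new ArrayList<String>(allowedOrigins));` guarded by `!allowedOrigins.isEmpty()`. The enclosing method starts outside the hunk.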
diff --git a/services/src/main/java/org/keycloak/services/resources/SaasService.java b/services/src/main/java/org/keycloak/services/resources/SaasService.java
index 38a4991..9fc861f 100755
--- a/services/src/main/java/org/keycloak/services/resources/SaasService.java
+++ b/services/src/main/java/org/keycloak/services/resources/SaasService.java
@@ -95,6 +95,17 @@ public class SaasService {
}
}
+ /** test code for screwing around with CORS
+
+ @Path("set-cookie")
+ @GET
+ @NoCache
+ @Produces("text/plain")
+ public Response cookie(@Context HttpHeaders headers) {
+ return Response.ok("cookie set", MediaType.TEXT_PLAIN_TYPE).cookie(new NewCookie("testcookie", "value")).build();
+ }
+
+
@Path("ping")
@GET
@NoCache
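Review bot: The `/** test code for screwing around with CORS` comment opened here is not closed until the `*/` added before `keepalive` in the last hunk of this file, so the new `set-cookie` endpoint, the existing `ping` resource and the CORS preflight handler are all committed as dead text inside what Javadoc will treat as the documentation of `keepalive`. Experimental endpoints are better deleted or moved to a test module than parked in a comment where removing two lines re-enables them. If this code is ever restored, note that the preflight response in the last hunk pairs `Access-Control-Allow-Origin: *` with `Access-Control-Allow-Credentials: true`, which browsers reject for credentialed requests; the origin should be checked against the client's allowed origins rather than widened or echoed back.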
@@ -102,7 +113,11 @@ public class SaasService {
public String ping(@Context HttpHeaders headers) {
logger.info("************** GET PING");
for (String header : headers.getRequestHeaders().keySet()) {
- logger.info(" " + header + ": " + headers.getHeaderString(header));
+ logger.info(" header --- " + header + ": " + headers.getHeaderString(header));
+ }
+ for (String cookieName : headers.getCookies().keySet()) {
+ logger.info(" cookie --- " + cookieName);
+
}
return "ping";
}
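Review bot: The header loop logs every request header value at info level via `headers.getHeaderString(header)`, which would include `Authorization` and `Cookie` values if this currently commented-out handler is re-enabled; the same loop appears in the next hunk. The new cookie loop logs names only, and the header loop should follow that, e.g. `logger.debug(" header --- " + header);`, or skip the sensitive headers. The stray blank line inside the cookie loop can go as well.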
@@ -116,10 +131,17 @@ public class SaasService {
for (String header : headers.getRequestHeaders().keySet()) {
logger.info(" " + header + ": " + headers.getHeaderString(header));
}
+ for (String cookieName : headers.getCookies().keySet()) {
+ logger.info(" cookie --- " + cookieName);
+
+ }
return Response.ok()
.header("Access-Control-Allow-Origin", "*")
- .header("Access-Control-Allow-Headers", HttpHeaders.AUTHORIZATION).build();
+ .header("Access-Control-Allow-Headers", HttpHeaders.AUTHORIZATION)
+ .header("Access-Control-Allow-Credentials", "true")
+ .build();
}
+ */
@Path("keepalive")