keycloak-aplcache
Changes
examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java 9(+7 -2)
examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java 29(+10 -19)
examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java 8(+2 -6)
Details
diff --git a/core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java b/core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java
index 333986a..cadeb14 100644
--- a/core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java
+++ b/core/src/main/java/org/keycloak/enums/RelativeUrlsUsed.java
@@ -21,14 +21,14 @@ public enum RelativeUrlsUsed {
*/
NEVER;
- public boolean useRelative(boolean browserReq) {
+ public boolean useRelative(boolean isBrowserReq) {
switch (this) {
case ALL_REQUESTS:
return true;
case NEVER:
return false;
case BROWSER_ONLY:
- return browserReq;
+ return isBrowserReq;
default:
return true;
}
diff --git a/core/src/main/java/org/keycloak/util/UriUtils.java b/core/src/main/java/org/keycloak/util/UriUtils.java
index 5f13756..60418ea 100644
--- a/core/src/main/java/org/keycloak/util/UriUtils.java
+++ b/core/src/main/java/org/keycloak/util/UriUtils.java
@@ -18,22 +18,6 @@ public class UriUtils {
return u.substring(0, u.indexOf('/', 8));
}
- /**
- * Get origin based on current hostname
- *
- * @param scheme
- * @param port
- * @return Address like "http://myHost:8080"
- */
- public static String getLocalOrigin(String scheme, Integer port) {
- String hostname = getHostName();
- StringBuilder sb = new StringBuilder(scheme + "://" + hostname);
- if (port != null && port != -1) {
- sb.append(":").append(port);
- }
- return sb.toString();
- }
-
public static String getHostName() {
try {
return InetAddress.getLocalHost().getHostName();
diff --git a/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java b/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
index d97e285..2a83775 100755
--- a/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
+++ b/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
@@ -15,6 +15,7 @@ import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.KeycloakUriBuilder;
+import org.keycloak.util.UriUtils;
import javax.servlet.http.HttpServletRequest;
import java.io.ByteArrayOutputStream;
@@ -158,8 +159,12 @@ public class AdminClient {
}
public static String getBaseUrl(HttpServletRequest request) {
- String url = request.getRequestURL().toString();
- return url.substring(0, url.indexOf('/', 8));
+ String useHostname = request.getServletContext().getInitParameter("useHostname");
+ if (useHostname != null && "true".equalsIgnoreCase(useHostname)) {
+ return "http://" + UriUtils.getHostName() + ":8080";
+ } else {
+ return UriUtils.getOrigin(request.getRequestURL().toString());
+ }
}
}
diff --git a/examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml b/examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml
index 1c496ce..89fe10e 100755
--- a/examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml
+++ b/examples/demo-template/admin-access-app/src/main/webapp/WEB-INF/web.xml
@@ -6,4 +6,9 @@
<module-name>admin-access</module-name>
+ <context-param>
+ <param-name>useHostname</param-name>
+ <param-value>false</param-value>
+ </context-param>
+
</web-app>
diff --git a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
index 8bf9d59..611292b 100755
--- a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
+++ b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/AdminClient.java
@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.util.JsonSerialization;
@@ -42,7 +43,7 @@ public class AdminClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet(CustomerDatabaseClient.getBaseUrl(req, session) + "/auth/admin/realms/demo/roles");
+ HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/auth/admin/realms/demo/roles");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
diff --git a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
index 8468a48..7e3d74c 100755
--- a/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
+++ b/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java
@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
@@ -14,6 +15,8 @@ import org.keycloak.util.JsonSerialization;
import org.keycloak.util.UriUtils;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
@@ -52,7 +55,7 @@ public class CustomerDatabaseClient {
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet(getBaseUrl(req, session) + "/database/customers");
+ HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/customers");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@@ -74,23 +77,11 @@ public class CustomerDatabaseClient {
}
}
- public static String getBaseUrl(HttpServletRequest request, KeycloakSecurityContext session) {
- if (session instanceof RefreshableKeycloakSecurityContext) {
- KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
- switch (deployment.getRelativeUrls()) {
- case ALL_REQUESTS:
- // Resolve baseURI from the request
- return UriUtils.getOrigin(request.getRequestURL().toString());
- case BROWSER_ONLY:
- // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
- return UriUtils.getOrigin(deployment.getCodeUrl());
- case NEVER:
- return "";
- default:
- return "";
- }
- } else {
- return UriUtils.getOrigin(request.getRequestURL().toString());
- }
+ public static String increaseAndGetCounter(HttpServletRequest req) {
+ HttpSession session = req.getSession();
+ Integer counter = (Integer)session.getAttribute("counter");
+ counter = (counter == null) ? 1 : counter + 1;
+ session.setAttribute("counter", counter);
+ return String.valueOf(counter);
}
}
diff --git a/examples/demo-template/customer-app/src/main/webapp/customers/session.jsp b/examples/demo-template/customer-app/src/main/webapp/customers/session.jsp
new file mode 100644
index 0000000..07f99a1
--- /dev/null
+++ b/examples/demo-template/customer-app/src/main/webapp/customers/session.jsp
@@ -0,0 +1,17 @@
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
+ pageEncoding="ISO-8859-1" %>
+<%@ page import="org.keycloak.ServiceUrlConstants" %>
+<%@ page import="org.keycloak.example.CustomerDatabaseClient" %>
+<%@ page import="org.keycloak.representations.IDToken" %>
+<%@ page import="org.keycloak.util.UriUtils" %>
+<html>
+ <head>
+ <title>Customer Session Page</title>
+ </head>
+ <body bgcolor="#E3F6CE">
+ <p>Your hostname: <%= UriUtils.getHostName() %></p>
+ <p>Your session ID: <%= request.getSession().getId() %></p>
+ <p>You visited this page <b><%= CustomerDatabaseClient.increaseAndGetCounter(request) %></b> times.</p>
+ <br><br>
+ </body>
+</html>
\ No newline at end of file
diff --git a/examples/demo-template/customer-app/src/main/webapp/index.html b/examples/demo-template/customer-app/src/main/webapp/index.html
index 1da03e4..8eb0c32 100755
--- a/examples/demo-template/customer-app/src/main/webapp/index.html
+++ b/examples/demo-template/customer-app/src/main/webapp/index.html
@@ -11,5 +11,8 @@
<p><a href="admin/admin.jsp">Customer Admin Interface</a></p>
+<p><a href="customers/session.jsp">Customer Session</a></p>
+
+
</body>
</html>
\ No newline at end of file
diff --git a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
index 79827b3..9557f28 100755
--- a/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
+++ b/examples/demo-template/product-app/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
@@ -5,6 +5,7 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.util.JsonSerialization;
@@ -39,7 +40,7 @@ public class ProductDatabaseClient
HttpClient client = new HttpClientBuilder()
.disableTrustManager().build();
try {
- HttpGet get = new HttpGet(getBaseUrl(req) + "/database/products");
+ HttpGet get = new HttpGet(AdapterUtils.getBaseUrl(req.getRequestURL().toString(), session) + "/database/products");
get.addHeader("Authorization", "Bearer " + session.getTokenString());
try {
HttpResponse response = client.execute(get);
@@ -61,9 +62,4 @@ public class ProductDatabaseClient
}
}
- public static String getBaseUrl(HttpServletRequest request) {
- String url = request.getRequestURL().toString();
- return url.substring(0, url.indexOf('/', 8));
- }
-
}
diff --git a/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
index fb07e7f..c1ae517 100755
--- a/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/product-app/src/main/webapp/WEB-INF/keycloak.json
@@ -6,5 +6,6 @@
"ssl-required" : "external",
"credentials" : {
"secret": "password"
- }
+ },
+ "use-hostname-for-local-requests": false
}
diff --git a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
index d76c55c..e642605 100755
--- a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
+++ b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
@@ -7,6 +7,7 @@ import org.apache.http.client.methods.HttpGet;
import org.jboss.logging.Logger;
import org.keycloak.servlet.ServletOAuthClient;
import org.keycloak.util.JsonSerialization;
+import org.keycloak.util.UriUtils;
import javax.enterprise.context.ApplicationScoped;
import javax.faces.application.FacesMessage;
@@ -102,9 +103,18 @@ public class DatabaseClient {
}
public String getBaseUrl() {
- String url = request.getRequestURL().toString();
- return url.substring(0, url.indexOf('/', 8));
+ switch (oauthClient.getRelativeUrlsUsed()) {
+ case ALL_REQUESTS:
+ // Resolve baseURI from the request
+ return UriUtils.getOrigin(request.getRequestURL().toString());
+ case BROWSER_ONLY:
+ // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
+ return UriUtils.getOrigin(oauthClient.getCodeUrl());
+ case NEVER:
+ return "";
+ default:
+ return "";
+ }
}
-
}
diff --git a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
index 559df05..14bbd79 100755
--- a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
@@ -5,5 +5,6 @@
"ssl-required" : "external",
"credentials" : {
"secret": "password"
- }
+ },
+ "use-hostname-for-local-requests": false
}
\ No newline at end of file
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/AdapterUtils.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/AdapterUtils.java
new file mode 100644
index 0000000..0048d6a
--- /dev/null
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/AdapterUtils.java
@@ -0,0 +1,30 @@
+package org.keycloak.adapters;
+
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.util.UriUtils;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class AdapterUtils {
+
+ public static String getBaseUrl(String browserRequestURL, KeycloakSecurityContext session) {
+ if (session instanceof RefreshableKeycloakSecurityContext) {
+ KeycloakDeployment deployment = ((RefreshableKeycloakSecurityContext)session).getDeployment();
+ switch (deployment.getRelativeUrls()) {
+ case ALL_REQUESTS:
+ // Resolve baseURI from the request
+ return UriUtils.getOrigin(browserRequestURL);
+ case BROWSER_ONLY:
+ // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
+ return UriUtils.getOrigin(deployment.getCodeUrl());
+ case NEVER:
+ return "";
+ default:
+ return "";
+ }
+ } else {
+ return UriUtils.getOrigin(browserRequestURL);
+ }
+ }
+}
diff --git a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
index 9413d61..0e414ec 100755
--- a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
+++ b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java
@@ -8,6 +8,7 @@ import org.keycloak.jose.jws.JWSInput;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;
import org.keycloak.util.KeycloakUriBuilder;
+import org.keycloak.util.UriUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
@@ -161,8 +162,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
private String getUrl(HttpServletRequest request, String url, boolean isBrowserRequest) {
if (relativeUrlsUsed.useRelative(isBrowserRequest)) {
- String baseUrl = request.getRequestURL().toString();
- baseUrl = baseUrl.substring(0, baseUrl.indexOf('/', 8));
+ String baseUrl = UriUtils.getOrigin(request.getRequestURL().toString());
return baseUrl + url;
} else {
return url;