diff --git a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/SessionsBean.java b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/SessionsBean.java
index 173414e..194b983 100755
--- a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/SessionsBean.java
+++ b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/SessionsBean.java
@@ -1,9 +1,13 @@
package org.keycloak.account.freemarker.model;
+import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.util.Time;
+import java.util.ArrayList;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
@@ -50,6 +54,21 @@ public class SessionsBean {
return Time.toDate(max);
}
+ public List<String> getApplications() {
+ List<String> apps = new ArrayList<String>();
+ for (ClientModel client : session.getClientAssociations()) {
+ if (client instanceof ApplicationModel) apps.add(client.getClientId());
+ }
+ return apps;
+ }
+ public List<String> getClients() {
+ List<String> apps = new ArrayList<String>();
+ for (ClientModel client : session.getClientAssociations()) {
+ if (client instanceof OAuthClientModel) apps.add(client.getClientId());
+ }
+ return apps;
+ }
+
}
}
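Review bot: `getApplications()` and `getClients()` are the same loop differing only in the `instanceof` target, and `getClients()` reuses the local name `apps` for what are OAuth client ids. A single private helper taking the model type would keep the two accessors from drifting apart; the fence shows one way, with behaviour unchanged. Neither accessor has a comment saying that the returned strings are client ids shown to the end user on the sessions page, which matters to anyone checking what data leaves this bean. The enclosing class starts outside the hunk.

```java
public List<String> getApplications() {
    return clientIdsOfType(ApplicationModel.class);
}

public List<String> getClients() {
    return clientIdsOfType(OAuthClientModel.class);
}

// Collects the client ids of the session's associated clients that are of the given model type.
private List<String> clientIdsOfType(Class<? extends ClientModel> type) {
    List<String> ids = new ArrayList<String>();
    for (ClientModel client : session.getClientAssociations()) {
        if (type.isInstance(client)) ids.add(client.getClientId());
    }
    return ids;
}
```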
diff --git a/forms/common-themes/src/main/resources/theme/account/base/sessions.ftl b/forms/common-themes/src/main/resources/theme/account/base/sessions.ftl
old mode 100644
new mode 100755
index e424e51..5c9879b
--- a/forms/common-themes/src/main/resources/theme/account/base/sessions.ftl
+++ b/forms/common-themes/src/main/resources/theme/account/base/sessions.ftl
@@ -13,6 +13,8 @@
<td>IP</td>
<td>Started</td>
<td>Expires</td>
+ <td>Applications</td>
+ <td>Clients</td>
</tr>
</thead>
@@ -22,6 +24,20 @@
<td>${session.ipAddress}</td>
<td>${session.started?datetime}</td>
<td>${session.expires?datetime}</td>
+ <td>
+ <ul style="list-style: none; ">
+ <#list session.applications as app>
+ <li>${app}</li>
+ </#list>
+ </ul>
+ </td>
+ <td>
+ <ul style="list-style: none; ">
+ <#list session.clients as client>
+ <li>${client}</li>
+ </#list>
+ </ul>
+ </td>
</tr>
</#list>
</tbody>
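Review bot: The new `<li>${app}</li>` and `<li>${client}</li>` interpolations write client ids into the page without HTML escaping, unless the surrounding layout applies `<#escape>` or an escaping output format, which is not visible in this hunk. Client ids are chosen by whoever registers the application or OAuth client, so markup in an id would be rendered in every user's sessions page. If escaping is not already applied by the layout, use `<li>${app?html}</li>` and `<li>${client?html}</li>`. The neighbouring `${session.ipAddress}` context line follows the same unescaped pattern and may deserve the same check.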
diff --git a/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java b/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java
index f67357e..2b2aa08 100755
--- a/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AppAuthManager.java
@@ -21,7 +21,7 @@ public class AppAuthManager extends AuthenticationManager {
super(providerSession);
}
- public UserModel authenticateRequest(RealmModel realm, UriInfo uriInfo, HttpHeaders headers) {
+ public AuthResult authenticateRequest(RealmModel realm, UriInfo uriInfo, HttpHeaders headers) {
AuthResult authResult = authenticateIdentityCookie(realm, uriInfo, headers);
if (authResult != null) {
Cookie remember = headers.getCookies().get(AuthenticationManager.KEYCLOAK_REMEMBER_ME);
@@ -29,7 +29,7 @@ public class AppAuthManager extends AuthenticationManager {
// refresh the cookies!
createLoginCookie(realm, authResult.getUser(), authResult.getSession(), uriInfo, rememberMe);
if (rememberMe) createRememberMeCookie(realm, uriInfo);
- return authResult.getUser();
+ return authResult;
} else {
return authenticateBearerToken(realm, uriInfo, headers);
}
@@ -47,11 +47,11 @@ public class AppAuthManager extends AuthenticationManager {
return tokenString;
}
- public UserModel authenticateBearerToken(RealmModel realm, UriInfo uriInfo, HttpHeaders headers) {
+ public AuthResult authenticateBearerToken(RealmModel realm, UriInfo uriInfo, HttpHeaders headers) {
String tokenString = extractAuthorizationHeaderToken(headers);
if (tokenString == null) return null;
AuthResult authResult = verifyIdentityToken(realm, uriInfo, true, tokenString);
- return authResult != null ? authResult.getUser() : null;
+ return authResult;
}
}
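Review bot: `authenticateBearerToken` and `authenticateRequest` now hand the whole `AuthResult` to callers, but nothing documents whether a non-null result always carries a non-null user; the old `authResult != null ? authResult.getUser() : null` let callers cover both cases with one null check. The new callers in AdminConsole.whoAmI, AdminRoot and AccountService call `authResult.getUser()` and use the value without a further check, so if `verifyIdentityToken` can return a result with no user (not visible in this diff), whoAmI would fail with a NullPointerException rather than answer 401. I would add Javadoc on both methods stating the contract, for example `@return the verified identity (user never null), or null if no valid cookie or bearer token was presented`, and confirm that invariant in `AuthenticationManager`.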
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 19c441f..6ea351a 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -279,6 +279,8 @@ public class RealmManager {
if (application == null) {
application = new ApplicationManager(this).createApplication(realm, Constants.ACCOUNT_MANAGEMENT_APP);
application.setEnabled(true);
+ String redirectUri = contextPath + "/realms/" + realm.getName() + "/account/*";
+ application.addRedirectUri(redirectUri);
for (String role : AccountRoles.ALL) {
application.addDefaultRole(role);
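Review bot: `contextPath` is concatenated into the redirect URI without a null check at `String redirectUri = contextPath + "/realms/" + ...`, so a RealmManager on which `setContextPath` was never called would presumably register the literal pattern `null/realms/<realm>/account/*` for the account application. The testsuite hunk in KeycloakServer.java had to add `manager.setContextPath("/auth")` before `createRealm`, which suggests other realm-creation paths need the same call; whether they all make it is not visible here. Consider failing fast before building the URI, e.g. `if (contextPath == null) throw new IllegalStateException("contextPath must be set before creating a realm");`. The pattern also embeds `realm.getName()`, so it is worth confirming the entry is rewritten when a realm is renamed, since a stale wildcard redirect URI either breaks login or leaves an unintended target allowed. The enclosing method starts and ends outside the hunk.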
diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index 980ce58..85a1461 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -49,6 +49,7 @@ import org.keycloak.provider.ProviderSession;
import org.keycloak.services.ForbiddenException;
import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.Auth;
+import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.ModelToRepresentation;
import org.keycloak.services.managers.SocialRequestManager;
import org.keycloak.services.managers.TokenManager;
@@ -148,9 +149,12 @@ public class AccountService {
account = AccountLoader.load().createAccount(uriInfo).setRealm(realm);
boolean passwordUpdateSupported = false;
- UserModel user = authManager.authenticateRequest(realm, uriInfo, headers);
- if (user != null) {
- auth = new Auth(realm, user, application);
+ AuthenticationManager.AuthResult authResult = authManager.authenticateRequest(realm, uriInfo, headers);
+ if (authResult != null) {
+ auth = new Auth(realm, authResult.getUser(), application);
+ if (authResult.getSession() != null) {
+ authResult.getSession().associateClient(application);
+ }
account.setUser(auth.getUser());
AuthenticationLinkModel authLinkModel = realm.getAuthenticationLink(auth.getUser());
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
index ad5cd03..eaf7666 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
@@ -18,6 +18,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.provider.ProviderSession;
import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.ApplicationManager;
+import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.resources.KeycloakApplication;
import org.keycloak.services.resources.TokenService;
@@ -164,10 +165,11 @@ public class AdminConsole {
@NoCache
public Response whoAmI(final @Context HttpHeaders headers) {
RealmManager realmManager = new RealmManager(session);
- UserModel user = authManager.authenticateBearerToken(realm, uriInfo, headers);
- if (user == null) {
+ AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(realm, uriInfo, headers);
+ if (authResult == null) {
return Response.status(401).build();
}
+ UserModel user= authResult.getUser();
String displayName;
if ((user.getFirstName() != null && !user.getFirstName().trim().equals("")) || (user.getLastName() != null && !user.getLastName().trim().equals(""))) {
displayName = user.getFirstName();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
index 88b4be3..8b623a6 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
@@ -14,6 +14,7 @@ import org.keycloak.provider.ProviderSession;
import org.keycloak.representations.AccessToken;
import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.Auth;
+import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.TokenManager;
@@ -116,8 +117,8 @@ public class AdminRoot {
if (realm == null) {
throw new UnauthorizedException("Unknown realm in token");
}
- UserModel user = authManager.authenticateBearerToken(realm, uriInfo, headers);
- if (user == null) {
+ AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(realm, uriInfo, headers);
+ if (authResult == null) {
logger.debug("Token not valid");
throw new UnauthorizedException("Bearer");
}
@@ -126,7 +127,7 @@ public class AdminRoot {
if (consoleApp == null) {
throw new NotFoundException("Could not find admin console application");
}
- Auth auth = new Auth(realm, user, consoleApp);
+ Auth auth = new Auth(realm, authResult.getUser(), consoleApp);
return auth;
diff --git a/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java b/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
index da3dc68..8fb61dc 100755
--- a/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
+++ b/testsuite/integration/src/main/java/org/keycloak/testutils/KeycloakServer.java
@@ -201,7 +201,7 @@ public class KeycloakServer {
info("Not importing realm " + rep.getRealm() + " realm already exists");
return;
}
-
+ manager.setContextPath("/auth");
RealmModel realm = manager.createRealm(rep.getId(), rep.getRealm());
manager.importRealm(rep, realm);