Prosoft Git

keycloak-aplcache

KEYCLOAK-5352 Basic Auth fails if password contains a ':'

11/8/2017 1:24:09 AM
Xiaojian Liu

Xiaojian Liu

Commit: 9ff22f5

Tree: b87f09c

Parents: e1af9f1

Changes

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java 4(+2 -2)

services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java 6(+3 -3)

Details

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java 4(+2 -2) 

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
index a787eaa..0cbdca9 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
@@ -71,11 +71,11 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
         AccessTokenResponse atr=null;        
         try {
             String userpw=new String(Base64.decode(tokenString));
+            log.debug("Username and password string for basic auth is: " + userpw);
             int seperatorIndex = userpw.indexOf(":");
             String user = userpw.substring(0, seperatorIndex);
             String pw = userpw.substring(seperatorIndex + 1);
-            log.debug("user: " + user);
-            log.debug("pw: " + pw);
+            log.debug("Username for token  is: " + user + ", password is: " + pw);
             atr = getToken(user, pw);
             tokenString = atr.getToken();
         } catch (Exception e) {

services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java 6(+3 -3) 

diff --git a/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java b/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java
index 85be04f..c0dd43f 100644
--- a/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java
+++ b/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/authenticator/HttpBasicAuthenticator.java
@@ -98,12 +98,12 @@ public class HttpBasicAuthenticator implements Authenticator {
 
         try {
             String val = new String(Base64.decode(credentials));
+            log.debug("Username and password string is: " + val);
             int seperatorIndex = val.indexOf(":");
-            if(seperatorIndex == -1) return null;
+            if(seperatorIndex == -1) return new String[]{val};
             String user = val.substring(0, seperatorIndex);
             String pw = val.substring(seperatorIndex + 1);
-            log.debug("user: " + user);
-            log.debug("pw: " + pw);
+            log.debug("Resolved username is: " + user + ", password is: " + pw);
             return new String[]{user,pw};
         } catch (final IOException e) {
             throw new RuntimeException("Failed to parse credentials.", e);

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github