keycloak-aplcache
Changes
integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java 3(+2 -1)
Details
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
index c7ec9fc..b13b3cb 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
@@ -242,7 +242,8 @@ public abstract class OAuthRequestAuthenticator {
protected AuthChallenge resolveCode(String code) {
// abort if not HTTPS
if (deployment.isSslRequired() && !isRequestSecure()) {
- log.error("SSL is required");
+
+ log.error("Adapter requires SSL. Request: " + facade.getRequest().getURI());
return challenge(403);
}
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java
index d35b752..26a735f 100755
--- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java
+++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/ServletKeycloakAuthMech.java
@@ -51,12 +51,22 @@ public class ServletKeycloakAuthMech implements AuthenticationMechanism {
}
protected ServletRequestAuthenticator createRequestAuthenticator(KeycloakDeployment deployment, HttpServerExchange exchange, SecurityContext securityContext, UndertowHttpFacade facade) {
- int confidentialPort = 8443;
- if (portManager != null) confidentialPort = portManager.getConfidentialPort(exchange);
+
+ int confidentialPort = getConfidentilPort(exchange);
return new ServletRequestAuthenticator(facade, deployment,
confidentialPort, securityContext, exchange, userSessionManagement);
}
+ protected int getConfidentilPort(HttpServerExchange exchange) {
+ int confidentialPort = 8443;
+ if (exchange.getRequestScheme().equalsIgnoreCase("HTTPS")) {
+ confidentialPort = exchange.getHostPort();
+ } else if (portManager != null) {
+ confidentialPort = portManager.getConfidentialPort(exchange);
+ }
+ return confidentialPort;
+ }
+
@Override
public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) {
AuthChallenge challenge = exchange.getAttachment(KEYCLOAK_CHALLENGE_ATTACHMENT_KEY);
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java
index f610443..9426128 100755
--- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java
+++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java
@@ -6,6 +6,7 @@ import io.undertow.server.handlers.CookieImpl;
import io.undertow.util.AttachmentKey;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
+import org.jboss.logging.Logger;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AuthChallenge;
import org.keycloak.adapters.HttpFacade;
@@ -24,6 +25,7 @@ import java.util.Map;
* @version $Revision: 1 $
*/
public class UndertowHttpFacade implements HttpFacade {
+ private static final Logger log = Logger.getLogger(UndertowHttpFacade.class);
public static final AttachmentKey<KeycloakSecurityContext> KEYCLOAK_SECURITY_CONTEXT_KEY = AttachmentKey.create(KeycloakSecurityContext.class);
protected HttpServerExchange exchange;
@@ -41,7 +43,8 @@ public class UndertowHttpFacade implements HttpFacade {
@Override
public boolean isSecure() {
- return exchange.getProtocol().toString().equalsIgnoreCase("https");
+ String protocol = exchange.getRequestScheme();
+ return protocol.equalsIgnoreCase("https");
}
@Override
diff --git a/integration/wildfly-adapter/src/main/java/org/keycloak/adapters/wildfly/WildflyAuthenticationMechanism.java b/integration/wildfly-adapter/src/main/java/org/keycloak/adapters/wildfly/WildflyAuthenticationMechanism.java
index 58639df..4963c0a 100755
--- a/integration/wildfly-adapter/src/main/java/org/keycloak/adapters/wildfly/WildflyAuthenticationMechanism.java
+++ b/integration/wildfly-adapter/src/main/java/org/keycloak/adapters/wildfly/WildflyAuthenticationMechanism.java
@@ -24,7 +24,8 @@ public class WildflyAuthenticationMechanism extends ServletKeycloakAuthMech {
@Override
protected ServletRequestAuthenticator createRequestAuthenticator(KeycloakDeployment deployment, HttpServerExchange exchange, SecurityContext securityContext, UndertowHttpFacade facade) {
+ int confidentialPort = getConfidentilPort(exchange);
return new WildflyRequestAuthenticator(facade, deployment,
- portManager.getConfidentialPort(exchange), securityContext, exchange, userSessionManagement);
+ confidentialPort, securityContext, exchange, userSessionManagement);
}
}