keycloak-aplcache
Changes
adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcher.java 6(+1 -5)
Details
diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcher.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcher.java
index bf89c38..3f18a8b 100644
--- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcher.java
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcher.java
@@ -45,11 +45,7 @@ public class HttpHeaderInspectingApiRequestMatcher implements RequestMatcher {
*/
@Override
public boolean matches(HttpServletRequest request) {
- boolean ajax = X_REQUESTED_WITH_HEADER_AJAX_VALUE.equals(request.getHeader(X_REQUESTED_WITH_HEADER));
- boolean html = request.getHeader(HttpHeaders.ACCEPT) != null && request.getHeader(HttpHeaders.ACCEPT).contains(
- MediaType.TEXT_HTML_VALUE);
-
- return ajax || !html;
+ return X_REQUESTED_WITH_HEADER_AJAX_VALUE.equals(request.getHeader(X_REQUESTED_WITH_HEADER));
}
}
diff --git a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcherTest.java b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcherTest.java
index 8e6ab80..d050eb5 100644
--- a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcherTest.java
+++ b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/HttpHeaderInspectingApiRequestMatcherTest.java
@@ -40,13 +40,8 @@ public class HttpHeaderInspectingApiRequestMatcherTest {
}
@Test
- public void testMatches() throws Exception {
- assertTrue(apiRequestMatcher.matches(request));
- }
-
- @Test
public void testMatchesBrowserRequest() throws Exception {
- request.addHeader(HttpHeaders.ACCEPT, "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+ request.addHeader(HttpHeaders.ACCEPT, "application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
assertFalse(apiRequestMatcher.matches(request));
}
@@ -55,7 +50,7 @@ public class HttpHeaderInspectingApiRequestMatcherTest {
request.addHeader(
HttpHeaderInspectingApiRequestMatcher.X_REQUESTED_WITH_HEADER,
HttpHeaderInspectingApiRequestMatcher.X_REQUESTED_WITH_HEADER_AJAX_VALUE);
+
assertTrue(apiRequestMatcher.matches(request));
}
-
}
diff --git a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakAuthenticationEntryPointTest.java b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakAuthenticationEntryPointTest.java
index ba9fb81..e90d753 100644
--- a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakAuthenticationEntryPointTest.java
+++ b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakAuthenticationEntryPointTest.java
@@ -24,6 +24,7 @@ import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
+import static junit.framework.TestCase.assertNull;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import org.keycloak.adapters.AdapterDeploymentContext;
@@ -86,8 +87,8 @@ public class KeycloakAuthenticationEntryPointTest {
public void testCommenceWithUnauthorizedWithAccept() throws Exception {
request.addHeader(HttpHeaders.ACCEPT, "application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
authenticationEntryPoint.commence(request, response, null);
- assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatus());
- assertNotNull(response.getHeader(HttpHeaders.WWW_AUTHENTICATE));
+ assertEquals(HttpStatus.FOUND.value(), response.getStatus());
+ assertNull(response.getHeader(HttpHeaders.WWW_AUTHENTICATE));
}
@Test