diff --git a/examples/cors/angular-product-app/src/main/webapp/index.html b/examples/cors/angular-product-app/src/main/webapp/index.html
index 54bb9d6..6cef8b9 100755
--- a/examples/cors/angular-product-app/src/main/webapp/index.html
+++ b/examples/cors/angular-product-app/src/main/webapp/index.html
@@ -34,6 +34,7 @@
</tbody>
</table>
</div>
+ <hr />
<div>
<h2><span>Realm Roles</span></h2>
<button type="submit" data-ng-click="loadRoles()">load Roles</button>
@@ -52,6 +53,7 @@
</tbody>
</table>
</div>
+ <hr />
<div>
<h2><span>Social providers</span></h2>
<button type="submit" data-ng-click="loadServerInfo()">load available social providers</button>
@@ -67,7 +69,18 @@
</tr>
</tbody>
</table>
- </div>
+ </div>
+ <hr />
+ <div>
+ <h2><span>Realm info</span></h2>
+ <button type="submit" data-ng-click="loadPublicRealmInfo()">Load public realm info</button>
+
+ <div data-ng-show="realm">
+ Realm name: {{realm.realm}} <br/>
+ Public key: {{realm.public_key}} <br/>
+ </div>
+ </div>
+ <hr />
</div>
</body>
</html>
diff --git a/examples/cors/angular-product-app/src/main/webapp/js/app.js b/examples/cors/angular-product-app/src/main/webapp/js/app.js
index 402ab84..699644e 100755
--- a/examples/cors/angular-product-app/src/main/webapp/js/app.js
+++ b/examples/cors/angular-product-app/src/main/webapp/js/app.js
@@ -66,6 +66,12 @@ module.controller('GlobalCtrl', function($scope, $http) {
};
+ $scope.loadPublicRealmInfo = function() {
+ $http.get("http://localhost-auth:8080/auth/realms/cors").success(function(data) {
+ $scope.realm = angular.fromJson(data);
+ });
+ };
+
$scope.logout = logout;
});
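Review bot: `loadPublicRealmInfo` has no failure path, so when the browser blocks the cross-origin response or the server is down, clicking the button does nothing visible. In an example meant to show CORS behaviour, an error callback that records the failure would help, for instance `.error(function(data, status) { $scope.realm = null; $scope.realmError = status; })` (`realmError` is a name I made up). The `angular.fromJson(data)` call looks redundant, since `$http` already deserializes JSON responses by default, so `$scope.realm = data;` should be enough. The URL is hard-coded to plain `http://localhost-auth:8080`; a comment saying this is for the local demo only would stop readers copying an unauthenticated key fetch into a real deployment. The controller body starts and ends outside this hunk.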
diff --git a/services/src/main/java/org/keycloak/services/resources/Cors.java b/services/src/main/java/org/keycloak/services/resources/Cors.java
index b0512ff..68ac2cc 100755
--- a/services/src/main/java/org/keycloak/services/resources/Cors.java
+++ b/services/src/main/java/org/keycloak/services/resources/Cors.java
@@ -34,6 +34,8 @@ public class Cors {
public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
+ public static final String ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD = "*";
+
private HttpRequest request;
private ResponseBuilder builder;
@@ -85,6 +87,13 @@ public class Cors {
return this;
}
+ public Cors allowedOrigins(String... allowedOrigins) {
+ if (allowedOrigins != null && allowedOrigins.length > 0) {
+ this.allowedOrigins = new HashSet<String>(Arrays.asList(allowedOrigins));
+ }
+ return this;
+ }
+
public Cors allowedMethods(String... allowedMethods) {
this.allowedMethods = new HashSet<String>(Arrays.asList(allowedMethods));
return this;
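Review bot: The new `allowedOrigins(String...)` overload has no Javadoc, and two behaviours are not obvious from the signature. A null or empty argument silently keeps whatever set was configured before, while `allowedMethods` just below replaces its set unconditionally. Passing `"*"` is also given special meaning by the checks later in this class. I would add `/** Sets the origins accepted for non-preflight requests; "*" (ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD) accepts any origin. A null or empty argument leaves the current set unchanged. */`. The rest of the class is outside this hunk.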
@@ -101,7 +110,7 @@ public class Cors {
return builder.build();
}
- if (!preflight && (allowedOrigins == null || !allowedOrigins.contains(origin))) {
+ if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
return builder.build();
}
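Review bot: The extended origin condition is duplicated verbatim here and in the following hunk (the `build(response)` variant at -135/+144), so the two copies can drift apart. A private helper would keep the rule in one place: `private boolean isOriginAllowed(String origin) { return allowedOrigins != null && (allowedOrigins.contains(origin) || allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)); }`, with both call sites reduced to `if (!preflight && !isOriginAllowed(origin))`. In the second copy the existing debug text `"!preflight and no origin"` also fires for a present but disallowed origin, which will mislead anyone reading the log. The code that writes `Access-Control-Allow-Origin` lies outside both hunks, so I cannot tell what value is sent when the wildcard matches; that is worth checking alongside this change.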
@@ -135,7 +144,7 @@ public class Cors {
return;
}
- if (!preflight && (allowedOrigins == null || !allowedOrigins.contains(origin))) {
+ if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
logger.debug("!preflight and no origin");
return;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
index 565303c..49b5ec5 100755
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@@ -2,13 +2,18 @@ package org.keycloak.services.resources;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
+import org.jboss.resteasy.spi.HttpRequest;
+import org.jboss.resteasy.spi.HttpResponse;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.PublishedRealmRepresentation;
import org.keycloak.services.resources.admin.AdminRoot;
import javax.ws.rs.GET;
+import javax.ws.rs.OPTIONS;
+import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
/**
@@ -23,6 +28,12 @@ public class PublicRealmResource {
@Context
protected UriInfo uriInfo;
+ @Context
+ protected HttpRequest request;
+
+ @Context
+ protected HttpResponse response;
+
protected RealmModel realm;
public PublicRealmResource(RealmModel realm) {
@@ -30,6 +41,17 @@ public class PublicRealmResource {
}
/**
+ * CORS preflight
+ *
+ * @return
+ */
+ @Path("/")
+ @OPTIONS
+ public Response accountPreflight() {
+ return Cors.add(request, Response.ok()).auth().preflight().build();
+ }
+
+ /**
* Public information about the realm.
*
* @return
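Review bot: Both new call sites chain `.auth()` on an endpoint that serves public, unauthenticated realm data: `accountPreflight()` here and `getRealm()` in the next hunk, where it is combined with the `*` origin. `auth()` is not shown in this diff, but if it emits `Access-Control-Allow-Credentials: true` as the name suggests, then pairing it with an allow-any-origin policy is the combination the CORS model is designed to prevent, and a later copy of this pattern onto a non-public resource would let any site make credentialed reads. Since no credentials are needed here, I would drop it: `return Cors.add(request, Response.ok()).preflight().build();` and `Cors.add(request).allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD).build(response);`. The method name `accountPreflight` also looks carried over from the account resource, and its `@return` tag is empty; something like `realmPreflight` with `@return an empty 200 response carrying the CORS preflight headers` would read better.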
@@ -38,6 +60,7 @@ public class PublicRealmResource {
@NoCache
@Produces("application/json")
public PublishedRealmRepresentation getRealm() {
+ Cors.add(request).allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD).auth().build(response);
return realmRep(realm, uriInfo);
}