From 13e92cdb35d84cb2663a36bf4775134a05f1a429 Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Mon, 23 Jan 2017 21:27:14 -0200 Subject: [PATCH] [KEYCLOAK-3261] - Properly handle apps deployed at the ROOT context --- .../adapters/authorization/AbstractPolicyEnforcer.java | 3 +-- .../src/main/java/org/keycloak/jaxrs/JaxrsHttpFacade.java | 5 +++++ .../main/java/org/keycloak/servlet/ServletOAuthClient.java | 5 +++++ .../springsecurity/facade/WrappedHttpServletRequest.java | 5 +++++ .../main/java/org/keycloak/adapters/spi/HttpFacade.java | 7 +++++++ .../org/keycloak/adapters/jetty/spi/JettyHttpFacade.java | 5 +++++ .../org/keycloak/adapters/servlet/ServletHttpFacade.java | 5 +++++ .../org/keycloak/adapters/tomcat/CatalinaHttpFacade.java | 5 +++++ .../org/keycloak/adapters/undertow/UndertowHttpFacade.java | 5 +++++ .../org/keycloak/example/OfflineAccessPortalServlet.java | 5 +++++ 10 files changed, 48 insertions(+), 2 deletions(-) diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/AbstractPolicyEnforcer.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/AbstractPolicyEnforcer.java index 1673aa603498..18a93a7410ca 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/AbstractPolicyEnforcer.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/AbstractPolicyEnforcer.java @@ -253,8 +253,7 @@ private PathConfig resolvePathConfig(PathConfig originalConfig, Request request) } private String getPath(Request request) { - String pathInfo = URI.create(request.getURI()).getPath().substring(1); - return pathInfo.substring(pathInfo.indexOf('/'), pathInfo.length()); + return request.getRelativePath(); } private Set getRequiredScopes(PathConfig pathConfig, Request request) { diff --git a/adapters/oidc/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsHttpFacade.java b/adapters/oidc/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsHttpFacade.java index 82ecc0b30810..1a0eb9c87490 100755 --- a/adapters/oidc/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsHttpFacade.java +++ b/adapters/oidc/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsHttpFacade.java @@ -66,6 +66,11 @@ public String getURI() { return requestContext.getUriInfo().getRequestUri().toString(); } + @Override + public String getRelativePath() { + return requestContext.getUriInfo().getPath(); + } + @Override public boolean isSecure() { return securityContext.isSecure(); diff --git a/adapters/oidc/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java b/adapters/oidc/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java index 966006204e6f..9e4fa0ad8f81 100755 --- a/adapters/oidc/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java +++ b/adapters/oidc/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClient.java @@ -218,6 +218,11 @@ public String getURI() { return servletRequest.getRequestURL().toString(); } + @Override + public String getRelativePath() { + return servletRequest.getServletPath(); + } + @Override public boolean isSecure() { return servletRequest.isSecure(); diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java index e0cfd69fdec5..848ca459f78e 100755 --- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java +++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java @@ -70,6 +70,11 @@ public String getURI() { return buf.toString(); } + @Override + public String getRelativePath() { + return request.getServletPath(); + } + @Override public boolean isSecure() { return request.isSecure(); diff --git a/adapters/spi/adapter-spi/src/main/java/org/keycloak/adapters/spi/HttpFacade.java b/adapters/spi/adapter-spi/src/main/java/org/keycloak/adapters/spi/HttpFacade.java index a01182407fc7..24292868f495 100755 --- a/adapters/spi/adapter-spi/src/main/java/org/keycloak/adapters/spi/HttpFacade.java +++ b/adapters/spi/adapter-spi/src/main/java/org/keycloak/adapters/spi/HttpFacade.java @@ -43,6 +43,13 @@ interface Request { */ String getURI(); + /** + * Get the request relative path. + * + * @return the request relative path + */ + String getRelativePath(); + /** * HTTPS? * diff --git a/adapters/spi/jetty-adapter-spi/src/main/java/org/keycloak/adapters/jetty/spi/JettyHttpFacade.java b/adapters/spi/jetty-adapter-spi/src/main/java/org/keycloak/adapters/jetty/spi/JettyHttpFacade.java index 2fc525e5dde1..dac79736dc43 100755 --- a/adapters/spi/jetty-adapter-spi/src/main/java/org/keycloak/adapters/jetty/spi/JettyHttpFacade.java +++ b/adapters/spi/jetty-adapter-spi/src/main/java/org/keycloak/adapters/jetty/spi/JettyHttpFacade.java @@ -78,6 +78,11 @@ public String getURI() { return buf.toString(); } + @Override + public String getRelativePath() { + return request.getServletPath(); + } + @Override public String getFirstParam(String param) { return request.getParameter(param); diff --git a/adapters/spi/servlet-adapter-spi/src/main/java/org/keycloak/adapters/servlet/ServletHttpFacade.java b/adapters/spi/servlet-adapter-spi/src/main/java/org/keycloak/adapters/servlet/ServletHttpFacade.java index 43349ab6415b..6d99560bfaee 100755 --- a/adapters/spi/servlet-adapter-spi/src/main/java/org/keycloak/adapters/servlet/ServletHttpFacade.java +++ b/adapters/spi/servlet-adapter-spi/src/main/java/org/keycloak/adapters/servlet/ServletHttpFacade.java @@ -65,6 +65,11 @@ public String getURI() { return buf.toString(); } + @Override + public String getRelativePath() { + return request.getServletPath(); + } + @Override public boolean isSecure() { return request.isSecure(); diff --git a/adapters/spi/tomcat-adapter-spi/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java b/adapters/spi/tomcat-adapter-spi/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java index 315635deb5ce..c47256491454 100755 --- a/adapters/spi/tomcat-adapter-spi/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java +++ b/adapters/spi/tomcat-adapter-spi/src/main/java/org/keycloak/adapters/tomcat/CatalinaHttpFacade.java @@ -78,6 +78,11 @@ public String getURI() { return buf.toString(); } + @Override + public String getRelativePath() { + return request.getServletPath(); + } + @Override public boolean isSecure() { return request.isSecure(); diff --git a/adapters/spi/undertow-adapter-spi/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java b/adapters/spi/undertow-adapter-spi/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java index a14e0b79ce83..21102f1224be 100755 --- a/adapters/spi/undertow-adapter-spi/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java +++ b/adapters/spi/undertow-adapter-spi/src/main/java/org/keycloak/adapters/undertow/UndertowHttpFacade.java @@ -83,6 +83,11 @@ public String getURI() { return uriBuilder.build().toString(); } + @Override + public String getRelativePath() { + return exchange.getRelativePath(); + } + @Override public boolean isSecure() { String protocol = exchange.getRequestScheme(); diff --git a/examples/demo-template/offline-access-app/src/main/java/org/keycloak/example/OfflineAccessPortalServlet.java b/examples/demo-template/offline-access-app/src/main/java/org/keycloak/example/OfflineAccessPortalServlet.java index 3783c1248c77..cd912d7c1aaf 100755 --- a/examples/demo-template/offline-access-app/src/main/java/org/keycloak/example/OfflineAccessPortalServlet.java +++ b/examples/demo-template/offline-access-app/src/main/java/org/keycloak/example/OfflineAccessPortalServlet.java @@ -181,6 +181,11 @@ public String getURI() { return servletRequest.getRequestURL().toString(); } + @Override + public String getRelativePath() { + return servletRequest.getServletPath(); + } + @Override public boolean isSecure() { return servletRequest.isSecure();