mirror of https://github.com/jacekkow/keycloak-protocol-cas
src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
@@ -1,11 +1,7 @@ package org.keycloak.protocol.cas.endpoints; import jakarta.ws.rs.core.Context; import jakarta.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.Response; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.ClientConnection; import org.keycloak.events.Details; import org.keycloak.events.Errors; import org.keycloak.events.EventBuilder; @@ -27,26 +23,20 @@ public abstract class AbstractValidateEndpoint { protected final Logger logger = Logger.getLogger(getClass()); @Context protected KeycloakSession session; @Context protected ClientConnection clientConnection; @Context protected HttpRequest request; @Context protected HttpHeaders headers; protected RealmModel realm; protected EventBuilder event; protected ClientModel client; protected AuthenticatedClientSessionModel clientSession; public AbstractValidateEndpoint(RealmModel realm, EventBuilder event) { public AbstractValidateEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) { this.session = session; this.realm = realm; this.event = event; } protected void checkSsl() { if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) { if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(session.getContext().getConnection())) { throw new CASValidationException(CASErrorCode.INVALID_REQUEST, "HTTPS required", Response.Status.FORBIDDEN); } }
