From 281a7ed1c82d92bbf09c18ca1bbdff19d1bc0e05 Mon Sep 17 00:00:00 2001
From: Mateusz Małek <ieg3lwut8aippmr7tzhqyznn@noreply.damisa.net>
Date: Tue, 08 Nov 2022 09:07:44 +0000
Subject: [PATCH] Match Apereo CAS behavior with regard to single log-out

---
 src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
index dd6e1b3..b480679 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java
@@ -63,7 +63,7 @@
 
         client = realm.getClients().stream()
                 .filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol()))
-                .filter(c -> RedirectUtils.verifyRedirectUri(session.getContext().getUri(), service, realm, c) != null)
+                .filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null)
                 .findFirst().orElse(null);
         if (client == null) {
             event.error(Errors.CLIENT_NOT_FOUND);
@@ -153,7 +153,7 @@
     protected Map<String, Object> getUserAttributes() {
         UserSessionModel userSession = clientSession.getUserSession();
         // CAS protocol does not support scopes, so pass null scopeParam
-        ClientSessionContext clientSessionCtx = DefaultClientSessionContext.fromClientSessionAndScopeParameter(clientSession, null);
+        ClientSessionContext clientSessionCtx = DefaultClientSessionContext.fromClientSessionAndScopeParameter(clientSession, null, session);
 
         Set<ProtocolMapperModel> mappings = clientSessionCtx.getProtocolMappers();
         KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();

--
Gitblit v1.9.1