From 3882f0eb56e0b699c071f77bb914b6739b163deb Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Mon, 19 Oct 2020 22:26:27 +0000
Subject: [PATCH] Fix CAS gateway option handling

---
 src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
index 4557c7a..53f0a32 100644
--- a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
+++ b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocol.java
@@ -12,6 +12,7 @@
 import org.keycloak.protocol.cas.utils.LogoutHelper;
 import org.keycloak.protocol.oidc.utils.OAuth2Code;
 import org.keycloak.protocol.oidc.utils.OAuth2CodeParser;
+import org.keycloak.services.ErrorPage;
 import org.keycloak.services.managers.ResourceAdminManager;
 import org.keycloak.sessions.AuthenticationSessionModel;
 
@@ -111,7 +112,12 @@
 
     @Override
     public Response sendError(AuthenticationSessionModel authSession, Error error) {
-        return Response.serverError().entity(error).build();
+        if (authSession.getClientNotes().containsKey(CASLoginProtocol.GATEWAY_PARAM)) {
+            if (error == Error.PASSIVE_INTERACTION_REQUIRED || error == Error.PASSIVE_LOGIN_REQUIRED) {
+                return Response.status(302).location(URI.create(authSession.getRedirectUri())).build();
+            }
+        }
+        return ErrorPage.error(session, authSession, Response.Status.INTERNAL_SERVER_ERROR, error.name());
     }
 
     @Override

--
Gitblit v1.9.1