From 6fff26d1517dbcec6dfb3f181bda418577ea3b17 Mon Sep 17 00:00:00 2001 From: Jacek Kowalski <Jacek@jacekk.info> Date: Fri, 24 Nov 2023 13:37:32 +0000 Subject: [PATCH] ContextTypeHelper: do account for the "Accept" header (per CAS specs) --- src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java | 2 +- src/main/java/org/keycloak/protocol/cas/utils/ContentTypeHelper.java | 26 ++++++++++---------------- src/test/java/org/keycloak/protocol/cas/ContentTypeHelperTest.java | 32 +++++++------------------------- 3 files changed, 18 insertions(+), 42 deletions(-) diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java index 3d04ef1..d6b459d 100644 --- a/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java +++ b/src/main/java/org/keycloak/protocol/cas/endpoints/ServiceValidateEndpoint.java @@ -37,7 +37,7 @@ } private Response prepare(Response.Status status, CASServiceResponse serviceResponse) { - MediaType responseMediaType = new ContentTypeHelper(request, restRequest, session.getContext().getUri()).selectResponseType(); + MediaType responseMediaType = new ContentTypeHelper(session.getContext().getUri()).selectResponseType(); return ServiceResponseHelper.createResponse(status, responseMediaType, serviceResponse); } } diff --git a/src/main/java/org/keycloak/protocol/cas/utils/ContentTypeHelper.java b/src/main/java/org/keycloak/protocol/cas/utils/ContentTypeHelper.java index 789c8f9..f74b9f5 100644 --- a/src/main/java/org/keycloak/protocol/cas/utils/ContentTypeHelper.java +++ b/src/main/java/org/keycloak/protocol/cas/utils/ContentTypeHelper.java @@ -1,33 +1,27 @@ package org.keycloak.protocol.cas.utils; -import jakarta.ws.rs.BadRequestException; import jakarta.ws.rs.core.*; -import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.protocol.cas.CASLoginProtocol; +import org.keycloak.protocol.cas.representations.CASErrorCode; public class ContentTypeHelper { - private final HttpRequest request; - private final Request restRequest; private final UriInfo uriInfo; - public ContentTypeHelper(HttpRequest request, Request restRequest, UriInfo uriInfo) { - this.request = request; - this.restRequest = restRequest; + public ContentTypeHelper(UriInfo uriInfo) { this.uriInfo = uriInfo; } public MediaType selectResponseType() { String format = uriInfo.getQueryParameters().getFirst(CASLoginProtocol.FORMAT_PARAM); if (format != null && !format.isEmpty()) { - //if parameter is set, it overrides all header values (see spec section 2.5.1) - request.getMutableHeaders().putSingle(HttpHeaders.ACCEPT, "application/" + format.toLowerCase()); + if (format.equalsIgnoreCase("json")) { + return MediaType.APPLICATION_JSON_TYPE; + } else if (format.equalsIgnoreCase("xml")) { + return MediaType.APPLICATION_XML_TYPE; + } else { + throw new CASValidationException(CASErrorCode.INVALID_REQUEST, "Unsupported value of parameter " + CASLoginProtocol.FORMAT_PARAM, Response.Status.BAD_REQUEST); + } } - try { - Variant variant = restRequest.selectVariant(Variant.mediaTypes(MediaType.APPLICATION_XML_TYPE, MediaType.APPLICATION_JSON_TYPE).build()); - return variant == null ? MediaType.APPLICATION_XML_TYPE : variant.getMediaType(); - } catch (BadRequestException e) { - //the default Accept header set by java.net.HttpURLConnection is invalid (cf. RESTEASY-960) - return MediaType.APPLICATION_XML_TYPE; - } + return MediaType.APPLICATION_XML_TYPE; } } diff --git a/src/test/java/org/keycloak/protocol/cas/ContentTypeHelperTest.java b/src/test/java/org/keycloak/protocol/cas/ContentTypeHelperTest.java index 9bca8b9..826213f 100644 --- a/src/test/java/org/keycloak/protocol/cas/ContentTypeHelperTest.java +++ b/src/test/java/org/keycloak/protocol/cas/ContentTypeHelperTest.java @@ -13,33 +13,15 @@ public class ContentTypeHelperTest { @Test public void test() throws Exception { - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/", null).selectResponseType()); - assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=json", null).selectResponseType()); - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=xml", null).selectResponseType()); - assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=JSON", null).selectResponseType()); - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=XML", null).selectResponseType()); - - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/", MediaType.APPLICATION_XML).selectResponseType()); - assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=json", MediaType.APPLICATION_XML).selectResponseType()); - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=xml", MediaType.APPLICATION_XML).selectResponseType()); - - assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/", MediaType.APPLICATION_JSON).selectResponseType()); - assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=json", MediaType.APPLICATION_JSON).selectResponseType()); - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=xml", MediaType.APPLICATION_JSON).selectResponseType()); - - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/", MediaType.TEXT_PLAIN).selectResponseType()); - assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/", "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2").selectResponseType()); + assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/").selectResponseType()); + assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=json").selectResponseType()); + assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=xml").selectResponseType()); + assertEquals(MediaType.APPLICATION_JSON_TYPE, get("http://example.com/?format=JSON").selectResponseType()); + assertEquals(MediaType.APPLICATION_XML_TYPE, get("http://example.com/?format=XML").selectResponseType()); } - private ContentTypeHelper get(String uri, String acceptHeader) throws Exception { + private ContentTypeHelper get(String uri) throws Exception { MockHttpRequest req = MockHttpRequest.get(uri); - MockHttpResponse res = new MockHttpResponse(); - RequestImpl restReq = new RequestImpl(req, res); - - if (acceptHeader != null) { - req = req.header(HttpHeaders.ACCEPT, acceptHeader); - } - - return new ContentTypeHelper(req, restReq, req.getUri()); + return new ContentTypeHelper(req.getUri()); } } -- Gitblit v1.9.1