From 8560e4a392962f6b1bdd40f444f091f6a36cdbd4 Mon Sep 17 00:00:00 2001 From: Jacek Kowalski <Jacek@jacekk.info> Date: Fri, 24 Nov 2023 15:24:58 +0000 Subject: [PATCH] CASLoginProtocol: close Response resource in backchannelLogout --- src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java | 18 ++++++------------ 1 files changed, 6 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java index e60b4e7..2620eb3 100644 --- a/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java +++ b/src/main/java/org/keycloak/protocol/cas/endpoints/AbstractValidateEndpoint.java @@ -1,5 +1,8 @@ package org.keycloak.protocol.cas.endpoints; +import jakarta.ws.rs.core.Context; +import jakarta.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.Response; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.common.ClientConnection; @@ -17,9 +20,6 @@ import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.util.DefaultClientSessionContext; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.Response; import java.util.HashMap; import java.util.Map; import java.util.Set; @@ -27,26 +27,20 @@ public abstract class AbstractValidateEndpoint { protected final Logger logger = Logger.getLogger(getClass()); - @Context protected KeycloakSession session; - @Context - protected ClientConnection clientConnection; - @Context - protected HttpRequest request; - @Context - protected HttpHeaders headers; protected RealmModel realm; protected EventBuilder event; protected ClientModel client; protected AuthenticatedClientSessionModel clientSession; - public AbstractValidateEndpoint(RealmModel realm, EventBuilder event) { + public AbstractValidateEndpoint(KeycloakSession session, RealmModel realm, EventBuilder event) { + this.session = session; this.realm = realm; this.event = event; } protected void checkSsl() { - if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) { + if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(session.getContext().getConnection())) { throw new CASValidationException(CASErrorCode.INVALID_REQUEST, "HTTPS required", Response.Status.FORBIDDEN); } } -- Gitblit v1.9.1