From b1c0c9d40edcf1877698afb865f46c7f498ce7d7 Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Thu, 27 Apr 2023 20:49:29 +0000
Subject: [PATCH] GitHub Actions: limit permissions of GITHUB_TOKEN
---
src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java b/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java
index 3d7f3c3..74730ee 100644
--- a/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java
+++ b/src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java
@@ -36,9 +36,9 @@
@Consumes("text/xml;charset=utf-8")
@Produces("text/xml;charset=utf-8")
public Response validate(String input) {
- MultivaluedMap<String, String> queryParams = request.getUri().getQueryParameters();
+ MultivaluedMap<String, String> queryParams = session.getContext().getUri().getQueryParameters();
try {
- String soapAction = Optional.ofNullable(request.getHttpHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse("");
+ String soapAction = Optional.ofNullable(session.getContext().getRequestHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse("");
if (!soapAction.equals("http://www.oasis-open.org/committees/security")) {
throw new CASValidationException(CASErrorCode.INTERNAL_ERROR, "Not a validation request", Response.Status.BAD_REQUEST);
}
@@ -49,7 +49,7 @@
checkRealm();
checkSsl();
checkClient(service);
- String issuer = Urls.realmIssuer(request.getUri().getBaseUri(), realm.getName());
+ String issuer = Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName());
String ticket = getTicket(input);
checkTicket(ticket, renew);
--
Gitblit v1.9.1