Fix appending of user_code query parameter.
karelmaxa committed Jun 22, 2023
1 parent e86e111 commit f4ecc7c
Showing 1 changed file with 33 additions and 21 deletions.
@@ -12,26 +12,31 @@
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2014-2016 ForgeRock AS.
* Portions Copyright 2023 Wren Security.
*/

package org.forgerock.oauth2.core;

import static com.sun.identity.shared.DateUtils.stringToDate;
import static org.forgerock.oauth2.core.Utils.isEmpty;
import static org.forgerock.oauth2.core.Utils.splitResponseType;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.*;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.GOTO;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.LOCALE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.MODULE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.PROMPT;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.SERVICE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Custom.UI_LOCALES;
import static org.forgerock.openam.oauth2.OAuth2Constants.DeviceCode.USER_CODE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Params.*;
import static org.forgerock.openam.oauth2.OAuth2Constants.Params.ACR_VALUES;
import static org.forgerock.openam.oauth2.OAuth2Constants.Params.GRANT_TYPE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Params.MAX_AGE;
import static org.forgerock.openam.oauth2.OAuth2Constants.Params.RESPONSE_TYPE;
import static org.forgerock.openam.oauth2.OAuth2Constants.UrlLocation.FRAGMENT;
import static org.forgerock.openam.oauth2.OAuth2Constants.UrlLocation.QUERY;
import static org.forgerock.openam.utils.Time.currentTimeMillis;
import static org.forgerock.openidconnect.Client.CONFIRMED_MAX_AGE;
import static org.forgerock.openidconnect.Client.MIN_DEFAULT_MAX_AGE;

import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.http.HttpServletRequest;

import java.io.IOException;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
@@ -48,19 +53,11 @@
import java.util.Set;
import java.util.concurrent.TimeUnit;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.Constants;
import com.sun.identity.shared.debug.Debug;

import freemarker.template.Template;
import freemarker.template.TemplateException;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.http.HttpServletRequest;

import org.apache.http.client.utils.URIBuilder;
import org.forgerock.oauth2.core.exceptions.AccessDeniedException;
import org.forgerock.oauth2.core.exceptions.BadRequestException;
import org.forgerock.oauth2.core.exceptions.InteractionRequiredException;
Expand Down Expand Up @@ -90,6 +87,19 @@
import org.restlet.data.Reference;
import org.restlet.ext.servlet.ServletUtils;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.Constants;
import com.sun.identity.shared.debug.Debug;

import freemarker.template.Template;
import freemarker.template.TemplateException;

/**
* Validates whether a resource owner has a current authenticated session.
*
@@ -349,11 +359,13 @@ private ResourceOwnerAuthenticationRequired authenticationRequired(OAuth2Request
OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
Template loginUrlTemplate = providerSettings.getCustomLoginUrlTemplate();

removeLoginPrompt(request.<Request>getRequest());
removeLoginPrompt(request.getRequest());

String gotoUrl = request.<Request>getRequest().getResourceRef().toString();
String gotoUrl = request.getRequest().getResourceRef().toString();
if (request.getParameter(USER_CODE) != null) {
gotoUrl += (gotoUrl.indexOf('?') > -1 ? "&" : "?") + USER_CODE + "=" + request.getParameter(USER_CODE);
URIBuilder uriBuilder = new URIBuilder(gotoUrl);
uriBuilder.setParameter(USER_CODE, request.getParameter(USER_CODE));
gotoUrl = uriBuilder.toString();
}
String acrValues = request.getParameter(ACR_VALUES);
String realm = request.getParameter(OAuth2Constants.Custom.REALM);
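Review bot: `new URIBuilder(gotoUrl)` adds a parse step on a URL derived from the incoming request, and that constructor can throw `URISyntaxException`, which the old string concatenation never did; the signature and the rest of `authenticationRequired` lie outside this hunk, so it is worth confirming that a malformed request URL ends up as a client error rather than an unhandled server error. The switch to `setParameter` is what keeps a request-supplied `user_code` from contributing extra query parameters to the goto URL, and a short comment would stop a later cleanup from reverting it, e.g. `// setParameter percent-encodes the value and replaces any existing user_code`. Reading the parameter once, `String userCode = request.getParameter(USER_CODE);`, would also avoid the repeated lookup. A regression test with a `user_code` value containing `&` or `=`, asserting that the goto URL carries it as a single decoded parameter, would pin the behaviour.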