[keycloak-dev] KeycloakSecurityContext serialization issue

Leonardo Loch Zanivan leonardo.zanivan at gmail.com
Tue Apr 21 11:55:37 EDT 2015


ISSUE: https://issues.jboss.org/browse/KEYCLOAK-1222
PR: https://github.com/keycloak/keycloak/pull/1167

I provided a fix with a small modification in
BearerTokenRequestAuthenticator.authenticateToken(HttpFacade exchange,
String tokenString).

Please fix for 1.2 Final.

On Tue, Apr 21, 2015 at 12:46 PM Leonardo Loch Zanivan <
leonardo.zanivan at gmail.com> wrote:

> Serialization works fine with BearerRequestAuthentication or
> Bearer/DirectLoginModule. The only problem is
> BasicAuthRequestAuthentication.
>
> In RequestAuthentication.java, RefreshableKeycloakSecurityContext is
> created with Bearer.getTokenString(), but the token string has Basic Auth
> credentials instead of the access token.
>
> I'll create a JIRA for this.
>
> On Tue, Apr 21, 2015 at 4:17 AM Marek Posolda <mposolda at redhat.com> wrote:
>
>>  That's strange, serialization and deserialization of
>> KeycloakSecurityContext should work fine. KeycloakSecurityContext actually
>> uses Java custom serialization (it implements writeObject and readObject
>> methods). So during deserialization it calls readObject and creates
>> AccessToken and IDToken from the base64 encoded token. This works fine in
>> a cluster and we also have a test for it:
>> https://github.com/keycloak/keycloak/blob/master/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java#L58
>> .
>>
>> If you are still seeing issues and you think that it's a bug, feel free to
>> create a JIRA. But please add the exact steps to reproduce to the JIRA.
>>
>> Thanks,
>> Marek
>>
>>
>> On 21.4.2015 00:50, Leonardo Loch Zanivan wrote:
>>
>>   Hi,
>>
>>  I'm facing a problem while deserializing KeycloakSecurityContext of a
>> Basic Auth KeycloakAccount.
>>
>> KeycloakSecurityContext stores the Basic Auth base64 token instead of the
>> Access Token, so the deserialization code fails!
>>
>>     String[] parts = encoded.split("\\.");
>>     if (parts.length < 2 || parts.length > 3) throw new IllegalArgumentException("Parsing error");
>>
>> https://github.com/keycloak/keycloak/blob/master/core/src/main/java/org/keycloak/KeycloakSecurityContext.java
>>
>>
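Added example, not part of the original message and not Keycloak's code: a hypothetical SerializedContext class that persists only a token string and re-parses it in readObject, as the thread describes, to show why a Basic Auth credential string passes serialization but fails the quoted length check on deserialization. All class names and sample values are constructed for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Hypothetical stand-in for a security context that serializes only its token string.
public class TokenStringRoundTrip {

    static class SerializedContext implements Serializable {
        private static final long serialVersionUID = 1L;
        private String tokenString;            // the only persisted state
        private transient String payloadJson;  // rebuilt from tokenString on read

        SerializedContext(String tokenString) { this.tokenString = tokenString; }

        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            // Same shape check as the snippet quoted in the thread.
            String[] parts = tokenString.split("\\.");
            if (parts.length < 2 || parts.length > 3) throw new IllegalArgumentException("Parsing error");
            payloadJson = new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        }
    }

    static String roundTrip(String tokenString) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new SerializedContext(tokenString)); // succeeds for any string
        }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return ((SerializedContext) in.readObject()).payloadJson;
        }
    }

    public static void main(String[] args) throws Exception {
        Base64.Encoder url = Base64.getUrlEncoder().withoutPadding();
        // Constructed sample values, not real tokens or credentials.
        String jws = url.encodeToString("{\"alg\":\"none\"}".getBytes(StandardCharsets.UTF_8)) + "."
                   + url.encodeToString("{\"sub\":\"alice\"}".getBytes(StandardCharsets.UTF_8)) + ".c2ln";
        String basic = Base64.getEncoder().encodeToString("alice:example-password".getBytes(StandardCharsets.UTF_8));

        System.out.println("bearer -> " + roundTrip(jws));
        try {
            roundTrip(basic); // no '.' separators, so split() yields a single part
        } catch (IllegalArgumentException e) {
            System.out.println("basic  -> " + e.getMessage() + " (serialized bytes held: " + basic + ")");
        }
    }
}
```

The second case also shows that the serialized form would carry the base64 of user:password, so wherever such a context is replicated or persisted it should be treated as holding credentials.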