mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-16 20:15:46 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixing encoding of forwarded parameters

Browse Source 
Closes #44125

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
This commit is contained in:
Pedro Igor
2025-11-14 11:33:05 -03:00
parent fd99aa6244
commit d4f9a09236
2 changed files with 20 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerParameterForwardTest.java
View File

@@ -51,11 +51,11 @@ public class KcOidcBrokerParameterForwardTest extends AbstractBrokerTest {
oauth.clientId("broker-app");
loginPage.open(bc.consumerRealmName());
String claimsValue = "{\"userinfo\":{\"http://itsme.services/v2/claim/BENationalNumber\":null}}";
String claimsValue = "{\"userinfo\":{\"http://itsme.services/v2/claim/BENationalNumber\":null,\"spaced_value\":\"with space\"}}";
String urlEncodedClaims = URLEncoder.encode(claimsValue, StandardCharsets.UTF_8);
String forwardedEncodedParam = "forwarded_encoded";
String forwardedEncodedParamValue = "encoded value";
String forwardedEncodedParamvalueEncoded = URLEncoder.encode(forwardedEncodedParamValue, StandardCharsets.UTF_8);
String forwardedEncodedParamValueEncoded = URLEncoder.encode(forwardedEncodedParamValue, StandardCharsets.UTF_8);
String queryString = "&" + FORWARDED_PARAMETER + "=" + FORWARDED_PARAMETER_VALUE + "&" + PARAMETER_NOT_FORWARDED + "=" + "value"
+ "&" + OAuth2Constants.ACR_VALUES + "=" + "phr"
+ "&" + OIDCLoginProtocol.CLAIMS_PARAM + "=" + urlEncodedClaims
@@ -77,7 +77,7 @@ public class KcOidcBrokerParameterForwardTest extends AbstractBrokerTest {
assertThat(OIDCLoginProtocol.CLAIMS_PARAM + "=" + urlEncodedClaims + " should be part of the url",
driver.getCurrentUrl(), containsString(OIDCLoginProtocol.CLAIMS_PARAM + "=" + urlEncodedClaims));
assertThat(forwardedEncodedParam + "=" + forwardedEncodedParamValue + "should be part of the url",
driver.getCurrentUrl(), containsString(forwardedEncodedParam + "=" + URLEncoder.encode(forwardedEncodedParamvalueEncoded, StandardCharsets.UTF_8)));
driver.getCurrentUrl(), containsString(forwardedEncodedParam + "=" + forwardedEncodedParamValueEncoded));
assertThat("\"" + PARAMETER_NOT_SET + "\"" + " should NOT be part of the url",
driver.getCurrentUrl(), not(containsString(PARAMETER_NOT_SET)));