之前写过基于keycloak11.0.3版的微信认证的实现,而在升级到keycloak14.0.0之后,这个认证出现了问题,原因是因为人家keycloak内部源码又变了。
- 影响类文件
server-spi-private/src/main/java/org/keycloak/broker/provider/BrokeredIdentityContext.java - github地址:https://github.com/keycloak/keycloak/commit/41dc94fead4c20560e0dd96c3efbd7bd10a484b6
- 修改的地方:去掉了code字段,相应的setCode,getCode也去了,在认证后回调的地方也进行了调整
AuthenticationSessionModel authSession = this.callback.getAndVerifyAuthenticationSession(state);
session.getContext().setAuthenticationSession(authSession);
federatedIdentity.setIdpConfig(getConfig());
federatedIdentity.setIdp(AbstractOAuth2IdentityProvider.this);
federatedIdentity.setAuthenticationSession(authSession);
上面源代码的调整直接影响了我们的微信认证的集成,我们也需要进行调整Endpoint类中的authResponse方法,也相应的修改即可
BrokeredIdentityContext federatedIdentity = null;
if (authorizationCode != null) {
String response = generateTokenRequest(authorizationCode, wechatFlag).asString();
logger.info("authResponse.response=" + response);
federatedIdentity = getFederatedIdentity(response, wechatFlag);
if (getConfig().isStoreToken()) {
if (federatedIdentity.getToken() == null)
federatedIdentity.setToken(response);
}
federatedIdentity.setIdpConfig(getConfig());
federatedIdentity.setIdp(WeiXinIdentityProvider.this);
//11.3.0之后改成这样了,去掉了code字段
AuthenticationSessionModel authSession = this.callback.getAndVerifyAuthenticationSession(state);
session.getContext().setAuthenticationSession(authSession);
federatedIdentity.setAuthenticationSession(authSession);
logger.info("authResponse success" + federatedIdentity);
return callback.authenticated(federatedIdentity);
}
作者:仓储大叔,张占岭,
荣誉:微软MVP
