This is an automated email from the ASF dual-hosted git repository. jungm pushed a commit to branch issue/TOMEE-4584 in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 1965f1c2edb30a2fe9b2e42c5aef0181426457b7 Author: Markus Jung <[email protected]> AuthorDate: Thu Feb 19 08:49:10 2026 +0100 TOMEE-4584 - OpenIdAuthenticationMechanism store parameterMap --- .../java/org/superbiz/openid/SecuredServlet.java | 5 +++ .../org/superbiz/openid/SecuredServletTest.java | 6 ++-- .../apache/tomee/security/http/SavedRequest.java | 41 ++++++++++++++++++---- .../tomee/security/http/SavedRequestTest.java | 12 +++++-- 4 files changed, 51 insertions(+), 13 deletions(-) diff --git a/examples/security-openid/src/main/java/org/superbiz/openid/SecuredServlet.java b/examples/security-openid/src/main/java/org/superbiz/openid/SecuredServlet.java index 03d671984a..9d1d869ea6 100644 --- a/examples/security-openid/src/main/java/org/superbiz/openid/SecuredServlet.java +++ b/examples/security-openid/src/main/java/org/superbiz/openid/SecuredServlet.java @@ -26,6 +26,7 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; +import java.util.stream.Collectors; @OpenIdAuthenticationMechanismDefinition( providerURI = "#{openIdConfig.providerUri}", @@ -44,5 +45,9 @@ public class SecuredServlet extends HttpServlet { if (req.isUserInRole("admin")) { resp.getWriter().print("\nYou're an admin!"); } + + resp.getWriter().print("\nRequest parameters: " + req.getParameterMap().entrySet().stream() + .map(e -> e.getKey() + "=" + String.join(",", e.getValue())) + .collect(Collectors.joining(";"))); } } diff --git a/examples/security-openid/src/test/java/org/superbiz/openid/SecuredServletTest.java b/examples/security-openid/src/test/java/org/superbiz/openid/SecuredServletTest.java index c12f05869b..7dd3e96ac7 100644 --- a/examples/security-openid/src/test/java/org/superbiz/openid/SecuredServletTest.java +++ b/examples/security-openid/src/test/java/org/superbiz/openid/SecuredServletTest.java @@ -64,7 +64,7 @@ public class SecuredServletTest { @RunAsClient public void test() throws Exception { try (WebClient webClient = new WebClient()) { - HtmlPage htmlPage = webClient.getPage(url + "/secured"); + HtmlPage htmlPage = webClient.getPage(url + "/secured?foo=bar"); assertTrue(htmlPage.getUrl().toString().startsWith(KEYCLOAK_CONTAINER.getAuthServerUrl() + "/realms/tomee/protocol/openid-connect/auth")); HtmlForm loginForm = htmlPage.getForms().get(0); @@ -72,7 +72,7 @@ public class SecuredServletTest { loginForm.getInputByName("password").setValue("tomee"); TextPage securedServletPage = loginForm.getButtonByName("login").click(); - assertEquals("Hello, tomee-user", securedServletPage.getContent()); + assertEquals("Hello, tomee-user\nRequest parameters: foo=bar", securedServletPage.getContent()); } } @@ -88,7 +88,7 @@ public class SecuredServletTest { loginForm.getInputByName("password").setValue("tomee"); TextPage securedServletPage = loginForm.getButtonByName("login").click(); - assertEquals("Hello, tomee-admin\nYou're an admin!", securedServletPage.getContent()); + assertEquals("Hello, tomee-admin\nYou're an admin!\nRequest parameters: ", securedServletPage.getContent()); } } } diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java index 2461014be8..f6451e4349 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java @@ -56,9 +56,9 @@ public class SavedRequest implements Serializable { private String method; private String url; private String queryString; + private Map<String, String[]> parameterMap; public static SavedRequest fromRequest(HttpServletRequest request) { - Cookie[] cookies = request.getCookies(); Map<String, List<String>> headers = new HashMap<>(); Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { @@ -66,15 +66,13 @@ public class SavedRequest implements Serializable { headers.put(name, Collections.list(request.getHeaders(name))); } - String method = request.getMethod(); - String queryString = request.getQueryString(); - SavedRequest result = new SavedRequest(); - result.setCookies(cookies); + result.setCookies(request.getCookies()); result.setHeaders(headers); - result.setMethod(method); + result.setMethod(request.getMethod()); result.setUrl(request.getRequestURL().toString()); - result.setQueryString(queryString); + result.setQueryString(request.getQueryString()); + result.setParameterMap(request.getParameterMap()); return result; } @@ -132,6 +130,27 @@ public class SavedRequest implements Serializable { public String getQueryString() { return queryString; } + + @Override + public Enumeration<String> getParameterNames() { + return Collections.enumeration(parameterMap.keySet()); + } + + @Override + public String[] getParameterValues(String name) { + return parameterMap.get(name); + } + + @Override + public String getParameter(String name) { + String[] values = parameterMap.get(name); + return values == null || values.length == 0 ? null : values[0]; + } + + @Override + public Map<String, String[]> getParameterMap() { + return parameterMap; + } }; } @@ -184,6 +203,14 @@ public class SavedRequest implements Serializable { this.queryString = queryString; } + public Map<String, String[]> getParameterMap() { + return parameterMap; + } + + public void setParameterMap(Map<String, String[]> parameterMap) { + this.parameterMap = parameterMap; + } + @JsonbTransient public String getUrlWithQueryString() { return queryString == null ? url : url + "?" + queryString; diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java index 65dd50ac7b..4873536330 100644 --- a/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java +++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java @@ -26,6 +26,7 @@ import jakarta.servlet.http.Cookie; import java.io.Serializable; import java.util.LinkedHashMap; import java.util.List; +import java.util.Map; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; @@ -50,13 +51,14 @@ public class SavedRequestTest { request.setMethod("PATCH"); request.setQueryString("foo=bar"); request.setUrl("http://example.com/foo";); + request.setParameterMap(Map.of("foo", new String[] {"bar"})); - assertEquals("{\"cookies\":[{\"name\":\"first\",\"value\":\"val1\",\"attributes\":{}},{\"name\":\"second\",\"value\":\"val2\",\"attributes\":{}}],\"headers\":{\"header1\":[\"h1val1\",\"h1val2\"],\"header2\":[\"h2val1\"]},\"method\":\"PATCH\",\"queryString\":\"foo=bar\",\"url\":\"http://example.com/foo\"}";, request.toJson()); + assertEquals("{\"cookies\":[{\"name\":\"first\",\"value\":\"val1\",\"attributes\":{}},{\"name\":\"second\",\"value\":\"val2\",\"attributes\":{}}],\"headers\":{\"header1\":[\"h1val1\",\"h1val2\"],\"header2\":[\"h2val1\"]},\"method\":\"PATCH\",\"parameterMap\":{\"foo\":[\"bar\"]},\"queryString\":\"foo=bar\",\"url\":\"http://example.com/foo\"}";, request.toJson()); } @Test public void deserialization() throws Exception { - String json = "{\"cookies\":[{\"name\":\"first\",\"value\":\"val1\",\"attributes\":{}},{\"name\":\"second\",\"value\":\"val2\",\"attributes\":{}}],\"headers\":{\"header1\":[\"h1val1\",\"h1val2\"],\"header2\":[\"h2val1\"]},\"method\":\"PATCH\",\"queryString\":\"foo=bar\",\"url\":\"http://example.com/foo\"}";; + String json = "{\"cookies\":[{\"name\":\"first\",\"value\":\"val1\",\"attributes\":{}},{\"name\":\"second\",\"value\":\"val2\",\"attributes\":{}}],\"headers\":{\"header1\":[\"h1val1\",\"h1val2\"],\"header2\":[\"h2val1\"]},\"method\":\"PATCH\",\"parameterMap\":{\"foo\":[\"bar\"]},\"queryString\":\"foo=bar\",\"url\":\"http://example.com/foo\"}";; SavedRequest request = SavedRequest.fromJson(json); assertNotNull(request); @@ -71,6 +73,10 @@ public class SavedRequestTest { assertEquals("PATCH", request.getMethod()); assertEquals("foo=bar", request.getQueryString()); assertEquals("http://example.com/foo";, request.getUrl()); + assertNotNull(request.getParameterMap()); + assertNotNull(request.getParameterMap().get("foo")); + assertEquals(1, request.getParameterMap().get("foo").length); + assertEquals("bar", request.getParameterMap().get("foo")[0]); } @Test @@ -105,4 +111,4 @@ public class SavedRequestTest { assertEquals("/aaa", cookie.getPath()); } } -} \ No newline at end of file +}
