Merge pull request #407 from Thisara-Welmilla/improve-settting-paths-…

…in-cookies Fix issue in setting root path for cookies when tenant qualified url enabled
wso2-extensions · Oct 19, 2023 · ac09822 · ac09822
2 parents 8939076 + 36245be
commit ac09822
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 7 deletions.
diff --git a/....saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java b/....saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java
@@ -1503,11 +1503,21 @@ private void storeTokenIdCookie(String sessionId, HttpServletRequest req, HttpSe
  if (IdentityTenantUtil.isTenantedSessionsEnabled() &&
  sessionId.endsWith(SAMLSSOConstants.TENANT_QUALIFIED_TOKEN_ID_COOKIE_SUFFIX)) {
  if (loggedInTenantDomain != null) {
- samlssoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + loggedInTenantDomain +
- SAMLSSOConstants.COOKIE_ROOT_PATH);
+ if (!IdentityTenantUtil.isSuperTenantRequiredInUrl() &&
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(loggedInTenantDomain)) {
+ samlssoTokenIdCookie.setPath(SAMLSSOConstants.COOKIE_ROOT_PATH);
+ } else {
+ samlssoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + loggedInTenantDomain +
+ SAMLSSOConstants.COOKIE_ROOT_PATH);
+ }
  } else {
- samlssoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + tenantDomain +
- SAMLSSOConstants.COOKIE_ROOT_PATH);
+ if (!IdentityTenantUtil.isSuperTenantRequiredInUrl() &&
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
+ samlssoTokenIdCookie.setPath(SAMLSSOConstants.COOKIE_ROOT_PATH);
+ } else {
+ samlssoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + tenantDomain +
+ SAMLSSOConstants.COOKIE_ROOT_PATH);
+ }
  }
  isTenantQualifiedCookie = true;
  } else {
@@ -1560,8 +1570,14 @@ public void removeTokenIdCookie(HttpServletRequest req, HttpServletResponse resp
  boolean isTenantQualifiedCookie = false;
  if (IdentityTenantUtil.isTenantedSessionsEnabled() && cookie.getValue() != null &&
  cookie.getValue().endsWith(SAMLSSOConstants.TENANT_QUALIFIED_TOKEN_ID_COOKIE_SUFFIX)) {
- samlSsoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + loggedInTenantDomain +
- SAMLSSOConstants.COOKIE_ROOT_PATH);
+
+ if (!IdentityTenantUtil.isSuperTenantRequiredInUrl() &&
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(loggedInTenantDomain)) {
+ samlSsoTokenIdCookie.setPath(SAMLSSOConstants.COOKIE_ROOT_PATH);
+ } else {
+ samlSsoTokenIdCookie.setPath(FrameworkConstants.TENANT_CONTEXT_PREFIX + loggedInTenantDomain
+ + SAMLSSOConstants.COOKIE_ROOT_PATH);
+ }
  isTenantQualifiedCookie = true;
  } else {
  samlSsoTokenIdCookie.setPath(SAMLSSOConstants.COOKIE_ROOT_PATH);

diff --git a/pom.xml b/pom.xml
@@ -457,7 +457,7 @@
  <properties>
  <carbon.kernel.version>4.9.10</carbon.kernel.version>
  <carbon.kernel.feature.version>4.9.0</carbon.kernel.feature.version>
- <carbon.identity.framework.version>5.25.380</carbon.identity.framework.version>
+ <carbon.identity.framework.version>5.25.406</carbon.identity.framework.version>
  <carbon.identity.framework.imp.pkg.version.range>[5.25.260, 7.0.0)
  </carbon.identity.framework.imp.pkg.version.range>
  <carbon.identity.organization.management.core.version>1.0.0</carbon.identity.organization.management.core.version>