[keycloak-dev] Access code length
Stian Thorgersen
stian at redhat.com
Mon Jul 28 12:14:21 EDT 2014
I've made the changes to access code, but I'm still not happy with the length.
The old access code containing all the details (including access token and id token) was at least 1000 characters long (with more roles and id token details that would have been even bigger!).
The new access code length is 259 characters. I think this is still to big and would like to reduce it. The way I'm currently creating it is taking the ID (UUID.randomUUID() + System.currentTimeMillis()) and using JWSBuilder to add a signature. Example:
eyJhbGciOiJSUzI1NiJ9.MTVhMjFiNWMtNjcxYy00YzYyLWEyOGMtNmFmMzE4YzE0NjkzMTQwNjU2MzMwNzQyMw.djN2v1Egz1Fime-2bVvYyv529KNMChYh3e0rY5UU4TImv53ppwNhrmWaZRNzO0xLULRC8IeixrH6K3nR1cMyHZb9Ef8Vr46YvNmE8Q_qac821GAWMNzEKjYcXt87AhSSz8BY54CcbKIPLfxFC8smI-KDA1Mr5SrJ_Ch-zdLDbdM
I checked Google it's just:
4/YJcHpG7-DcoVcwNH_8D-NDQKcP_Y.MijWXLPgpOwToiIBeO6P2m9c72_7jgI
Suggestions welcome ;)
More information about the keycloak-dev
mailing list