[keycloak-dev] Support for installed applications added (including example)
Bill Burke
bburke at redhat.com
Fri Mar 7 08:26:50 EST 2014
Couuldn't a lot of the example be pulled into an adapter library and
reused? Also, is there any security hole you've introduced with being
able to cut/paste the access token from the browser? If there is a
public client, can a hacker now get an access token?
Another thing, Android and iOS native apps can redirect to the browser
(and vice versa), wouldn't that approach be used in mobile over this?
On 3/6/2014 7:15 AM, Stian Thorgersen wrote:
> Support for installed applications in form of two special redirect uris (urn:ietf:wg:oauth:2.0:oob and http://localhost) has been added.
>
> There's also a basic example. To try it out start the server as normal, create an app for it (mark it as public). Download the keycloak.json file. Then run:
>
> # mvn -pl examples/demo-template/customer-app-cli install exec:java -Dexec.args="<path to keycloak.json>"
>
> You can then run different commands to try it out. It has two different ways to login the user:
>
> * login-desktop: this opens a ServerSocket on a local port, opens the login url in the browser, after login the ServerSocket is used to retrieve the code
> * login-manual: this uses the 'urn:ietf:wg:oauth:2.0:oob' redirect to display the code in the browser and the user has to manually copy/paste this into the application
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list