[keycloak-dev] can't figure this out

Thu Mar 26 11:41:50 EDT 2015

I think it would need some tweak in the JavaScript adapter.

On Thu, Mar 26, 2015 at 12:25 PM Stian Thorgersen <stian at redhat.com> wrote:

> Great, so we just need to tweak the Facebook provider to strip that off
> before redirecting to the app
>
> ----- Original Message -----
> > From: "Leonardo Loch Zanivan" <leonardo.zanivan at gmail.com>
> > To: "Stian Thorgersen" <stian at redhat.com>, "Bill Burke" <
> bburke at redhat.com>
> > Cc: keycloak-dev at lists.jboss.org
> > Sent: Thursday, 26 March, 2015 4:21:49 PM
> > Subject: Re: [keycloak-dev] can't figure this out
> >
> > Ops, you need to remove after keycloak success. Here is an example:
> >
> > keycloakAuth.init({
> >     onLoad: 'login-required'
> > }).success(function(authenticated) {
> >     //fix facebook oauth
> >     if (window.location.hash === '#_=_') {
> >         window.location.hash = '';
> >     }
> > });
> >
> >
> > On Thu, Mar 26, 2015 at 12:19 PM Leonardo Loch Zanivan <
> > leonardo.zanivan at gmail.com> wrote:
> >
> > > Facebook adds "#_=_" at the end of redirect URL for "security
> reasons", so
> > > SPA apps won't work unless you remove it.
> > >
> > > In Angular apps you should remove before call keycloak:
> > >
> > > if (window.location.hash === '#_=_') {
> > >     window.location.hash = '';
> > > }
> > >
> > > On Thu, Mar 26, 2015 at 12:14 PM Stian Thorgersen <stian at redhat.com>
> > > wrote:
> > >
> > >> AFAIK Facebook is OAuth2 + custom weird stuff that looks like but
> isn't
> > >> OpenID Connect
> > >>
> > >> ----- Original Message -----
> > >> > From: "Stian Thorgersen" <stian at redhat.com>
> > >> > To: "Bill Burke" <bburke at redhat.com>
> > >> > Cc: keycloak-dev at lists.jboss.org
> > >> > Sent: Thursday, 26 March, 2015 4:11:11 PM
> > >> > Subject: Re: [keycloak-dev] can't figure this out
> > >> >
> > >> > I remember seeing the '#_=_' crap a while ago, I believe that was
> before
> > >> > Pedro started brokering.
> > >> >
> > >> > ----- Original Message -----
> > >> > > From: "Bill Burke" <bburke at redhat.com>
> > >> > > To: keycloak-dev at lists.jboss.org
> > >> > > Sent: Thursday, 26 March, 2015 2:54:27 PM
> > >> > > Subject: [keycloak-dev] can't figure this out
> > >> > >
> > >> > > I'm going crazy...  I'm testing facebook login with the admin
> console
> > >> as
> > >> > > the test app.
> > >> > >
> > >> > > 1. Facebook auth succeeds
> > >> > > 2. Redirect back to admin console
> > >> > > 3. For some reason admin console doesn't like the redirect URL and
> > >> does
> > >> > > a redirect back to keycloak login with a fragment of #_=_
> > >> > > 4. I'm already logged in, so redirect back
> > >> > > 5. Success, but the fragment is #_=_
> > >> > >
> > >> > > Login works for github though...I'm freakin stumped.  The initial
> > >> > > redirect back to the admin console is the same exact redirect uri
> for
> > >> > > both github and facebook.
> > >> > >
> > >> > > Has anybody seen this before?
> > >> > >
> > >> > > --
> > >> > > Bill Burke
> > >> > > JBoss, a division of Red Hat
> > >> > > http://bill.burkecentral.com
> > >> > > _______________________________________________
> > >> > > keycloak-dev mailing list
> > >> > > keycloak-dev at lists.jboss.org
> > >> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > >> > >
> > >> > _______________________________________________
> > >> > keycloak-dev mailing list
> > >> > keycloak-dev at lists.jboss.org
> > >> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > >> >
> > >> _______________________________________________
> > >> keycloak-dev mailing list
> > >> keycloak-dev at lists.jboss.org
> > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > >>
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150326/9aa63bd0/attachment.html 