[keycloak-dev] Credentials in javascript adapter
Stan Silvert
ssilvert at redhat.com
Fri Nov 15 08:02:28 EST 2019
On 11/7/2019 7:46 AM, Stian Thorgersen wrote:
> It might be there from the early days when we didn't have public clients.
> I'd probably just keep it in case someone is using it with a confidential
> client as removing it would break it for them. Although strictly speaking
> you shouldn't use a confidential client with a client-side app.
There is something else left over from when we didn't have public
clients. The account console is still a confidential client.
With this latest change in the javascript adapter, the new account
console is broken. (Both old and new account console use the same
client definition)
Does anyone have an issue with changing the (old and new) account
console to a public client?
>
> On Thu, 7 Nov 2019 at 07:42, Michal Hajas <mhajas at redhat.com> wrote:
>
>> Hello,
>>
>> in Javascript adapter we have a possibility to configure a client secret
>> [1] in order to use Basic authorization for requests for token endpoint
>> [2]. I haven't found any information in docs about it and I don't
>> understand why we have it there as public clients don't have secrets. Is
>> this useful in some scenarios or we should remove it?
>>
>> Michal
>>
>> [1]
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L882
>> &
>> <https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L882&>
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L866
>>
>> [2]
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L617
>> &
>> <https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L617&>
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L732
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list