[keycloak-user] Implicit flow test

Mohan.Radhakrishnan at cognizant.com Mohan.Radhakrishnan at cognizant.com
Fri Jul 29 04:26:13 EDT 2016 

Hi,

I am using keycloak-2.0.0.Final standalone server and I have enabled 'Implicit'

http://localhost:8080/auth/realms/Pearson/protocol/openid-connect/auth?response_type=id_token&redirect_uri=http://localhost:8000/keycloak/greeting/&realm=Pearson&client_id=Pearson&scope=user

The URL shown above shows me the login page and redirects after obtaining the id_token and I get the proper output in the  b rowser.

http://localhost:8000/keycloak/greeting/#id_token=eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiTc3NjM2ZS1lOWI0LTRhOGQtOTZiOS0yNTQ5NDc5ZjZmZWQiLCJleHAiOjE0Njk3ODEwODMsIm5iZiI6MCwiaWF0IjoxNDY5NzgwMTgzLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvUGVhcnNvbiIsImF1ZCI6IlBlYXJzb24iLCJzdWIiOiJmMTQ1ZmRhZi00Yzk4LTQ2OGYtYmRkOC0yYTM3ZTFlMzViYjgiLCJ0eXAiOiJJRCIsImF6cCI6IlBlYXJzb24iLCJzZXNzaW9uX3N0YXRlIjoiZmNmNTNiN2ItNDUzNi00MjRhLTk0OWItYmZiZmQ4NzQ2N2FmIiwibmFtZSI6IiIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIn0.OmtVkjW8gGxMpbkH1LIL6rd97J7BYza5BETp86R4t_hM826rCgOpVbH4O9ZLqJ6TsnYlKOHpsU3N1Nu-vrQuwfI1gTgR3ulDHyg1PJbv-Q9hgycT2nQC-3uLW3i5nzaXEWQDsCVqe1kJHMq-UcwgshGyu7rKSxyLFOZDBRLmLDL1-vOsUk4-bRe6ulC9QL3cCqvNh8X8rzxEtTPc9LihNpphcURYW5-5r7oVFSA2-RaKbhMwsDEtZVZAbPH2HqQM17poPEJFKPwFhmH8RivMuX7x_ThwYc0VimPUSBIi0O4mQ9Kl3kb-wanj01jzelzR8LrTFZbRaMUig8o-FwvhjA&not-before-policy=0

My filter configuration is this.

    @Bean
    public FilterRegistrationBean someFilterRegistration() {

        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(keycloakOIDCFilter());
        registration.addUrlPatterns("/keycloak/*");
        registration.addInitParameter("keycloak.config.file", "D:/OpenIDM/keycloak.json");
        registration.setName("keycloakOIDCFilter");
        registration.setOrder(1);
        return registration;
    }

Is the id_token getting validated by the filter ? How do I know that it is ? Have I misunderstood the validation ? Logging for the filter or keycloak should be enabled. How ?

Thanks,
Mohan
This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160729/450ef5d1/attachment-0001.html

More information about the keycloak-user mailing list