<html>

  <head>

    <meta content="text/html; charset=windows-1252"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <div class="moz-cite-prefix">Funny, OIDC specs itself also has one

      place when it uses "bearer" . See the example:

      <a class="moz-txt-link-freetext" href="http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthResponse">http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthResponse</a>

      .<br>

      <br>

      Feel free to create JIRA and we can change to "Bearer" . Still, it

      looks to me more like a bug in django-oidc, which should ignore

      cases.<br>

      <br>

      Marek<br>

      <br>

      On 16/09/15 18:21, Iván Perdomo wrote:<br>

    </div>

    <blockquote cite="mid:55F99721.5080007@akvo.org" type="cite">

      <pre wrap="">Hi,

We're trying to integrate a Python/Django application using the

following module <a class="moz-txt-link-freetext" href="https://github.com/marcanpilami/django-oidc">https://github.com/marcanpilami/django-oidc</a> and

Keycloak 1.4.0.Final

After a successful user login the process fails because a simple check

in python:

    if token.token_type == "Bearer" and method == "GET":

Right now Keycloak is returning `token_type` as "bearer" and not "Bearer"

Reading the OpenID Connect spec in the section "3.1.3.3. Successful

Token Response"

(<a class="moz-txt-link-freetext" href="https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse">https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse</a>)

</pre>

      <blockquote type="cite">

        <pre wrap="">The OAuth 2.0 token_type response parameter value MUST be Bearer, as &gt;

</pre>

      </blockquote>

      <pre wrap="">specified in OAuth 2.0 Bearer Token Usage [RFC6750], unless another

</pre>

      <blockquote type="cite">

        <pre wrap="">Token Type has been negotiated with the Client.

</pre>

      </blockquote>

      <pre wrap="">

I checked and the code sets token_type manually,

<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java#L472">https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java#L472</a>

Can this be considered a bug?

Thanks,

</pre>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

keycloak-user mailing list

<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>

<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>

    </blockquote>

    <br>

  </body>

</html>