h6. What
We should verify that the access token was signed by the Keycloak realm it originated from, so that it cannot be tampered with on the client side.

h6. Why
To prevent a malicious user from tampering with the access token (for example, adding extra roles to the {{realm_access}} claim) in order to bypass access control checks in the mobile app. The token body is only base64url-encoded, not encrypted, so anyone with the token can edit it; only the signature ties it to the realm.

h6. How
This check should run before any access control decision is made in the app (it can probably be part of the getRoles function in [AGDROID-684|https://issues.jboss.org/browse/AGDROID-684]). The function should confirm that the access token's signature verifies with the public key of the realm the client interacts with, and should also check that the {{iss}} claim names that realm and that the token has not expired, since a valid signature from the right key does not by itself prove the token is for this realm. The realm public key can probably be hard coded in the application (it is the base64 "PUBLIC KEY" shown in the realm's Keys page) and used for the digital signature check. Caveat: a hard coded key means a realm key rotation requires a new app release, and the algorithm must be pinned to what the realm uses (RS256) rather than read from the token header, or an attacker can change the header to {{alg: none}}.

*Note*: This probably doesn't need to be exposed by the SDK. It's probably just an additional check to perform.
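The check described above, as an added example and not code from the AeroGear Android SDK: a hypothetical {{RealmTokenVerifier}} that only uses {{java.security}} and {{org.json}} (bundled on Android). The class name, the constructor parameters and the example issuer URL are assumptions; the token layout (RS256 JWT, {{iss}}, {{exp}}, {{realm_access.roles}}) is standard Keycloak.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import org.json.JSONArray;
import org.json.JSONObject;

/**
 * Hypothetical helper (not part of the SDK): verifies a Keycloak access token
 * against a hard coded realm public key before any of its claims are trusted.
 */
public final class RealmTokenVerifier {

    // Realm public key as shown in the Keycloak admin console: the base64 body of a
    // PEM "PUBLIC KEY", i.e. DER SubjectPublicKeyInfo, which is what X509EncodedKeySpec takes.
    private final PublicKey realmKey;
    // Expected issuer, e.g. "https://sso.example.com/auth/realms/demo" (assumed value).
    private final String expectedIssuer;

    public RealmTokenVerifier(String realmPublicKeyBase64, String expectedIssuer) throws Exception {
        byte[] der = Base64.getDecoder().decode(realmPublicKeyBase64);
        this.realmKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(der));
        this.expectedIssuer = expectedIssuer;
    }

    /** Returns the realm roles of the token, or throws SecurityException if it is not trustworthy. */
    public List<String> verifiedRealmRoles(String accessToken) throws Exception {
        String[] parts = accessToken.split("\\.");
        if (parts.length != 3) throw new SecurityException("malformed token");
        Base64.Decoder b64url = Base64.getUrlDecoder(); // accepts the unpadded JWT encoding

        // Pin the algorithm: never let the token choose it ("none", HS256 with the public key, ...).
        JSONObject header = new JSONObject(new String(b64url.decode(parts[0]), StandardCharsets.UTF_8));
        if (!"RS256".equals(header.optString("alg"))) throw new SecurityException("unexpected alg");

        // RS256 = RSASSA-PKCS1-v1_5 over SHA-256 of the ASCII "header.payload".
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(realmKey);
        sig.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        if (!sig.verify(b64url.decode(parts[2]))) throw new SecurityException("bad signature");

        // Only now read the payload. The signature proves the realm key signed it;
        // the issuer check proves it is this realm, and exp rejects replayed old tokens.
        JSONObject payload = new JSONObject(new String(b64url.decode(parts[1]), StandardCharsets.UTF_8));
        if (!expectedIssuer.equals(payload.optString("iss"))) throw new SecurityException("wrong issuer");
        long nowSeconds = System.currentTimeMillis() / 1000L;
        if (payload.optLong("exp", 0L) <= nowSeconds) throw new SecurityException("token expired");

        List<String> roles = new ArrayList<>();
        JSONObject realmAccess = payload.optJSONObject("realm_access");
        JSONArray arr = realmAccess == null ? null : realmAccess.optJSONArray("roles");
        for (int i = 0; arr != null && i < arr.length(); i++) roles.add(arr.getString(i));
        return roles;
    }
}
```

Usage: construct the verifier once with the realm key and issuer, and have getRoles call {{verifiedRealmRoles(token)}} instead of decoding the payload directly; a {{SecurityException}} means the token must be treated as having no roles. {{java.util.Base64}} needs API 26 on Android; on older releases use {{android.util.Base64}} with {{URL_SAFE | NO_WRAP | NO_PADDING}} for the JWT parts and plain {{DEFAULT}} for the key.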