I was about to say... Red Hat customer portal and a number of other apps
we have are running the 7.2 version in production just fine. Although,
it remains a fork until we can get #3271[0] in the upstream :(
[0]
Sorry, nevermind...you have to add allowed origins to client or a
"+"
to add redirects.
On Sun, Apr 8, 2018 at 9:09 PM, Bill Burke <bburke(a)redhat.com> wrote:
> Maybe its just a firefox thing? The preflight sets the
> ACCESS_CONTROL_ALLOW_ORIGIN, but I think firefox doesn't remember this
> and expects the same header for the POST response to code to token.
>
> On Sun, Apr 8, 2018 at 9:04 PM, Bill Burke <bburke(a)redhat.com> wrote:
>> Does our javascript adapter use code to token flow by default? Is
>> that the preferred mechanism? I don't think anybody is using it and
>> has never used it if so, because...its broken.
>>
>> I'm integrating with a non-keycloak html5 app that is using code to
>> token and the code to token request is failing with a CORS error.
>> This is because we do not set allowed origins in TokenEndpoint:
>>
>>
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
>>
>> Embarrassing? Or am i missing something?
>>
>> --
>> Bill Burke
>> Red Hat
>
>
>
> --
> Bill Burke
> Red Hat