On Tue, Nov 26, 2019 at 4:15 PM Stian Thorgersen <sthorger at redhat.com>
wrote:
With regards to a new version of keycloak.js the question comes up
if
AppAuth-JS [1] can be used instead.
[1]
https://github.com/openid/AppAuth-JS
This sounds like a good approach long-term. Less code to maintain.
Interestingly, AppAuth-JS is 10x less installed than Keycloak-JS:
-
https://www.npmjs.com/package/@openid/appauth
-
https://www.npmjs.com/package/keycloak-js
What do you think about oidc-client-js, the official openID-connect JS client?
However, the impact would be large. Tests, examples and UIs need to be
updated and I don't see how that can be done progressively.
Do you have an idea how we can break this down? e.g. Implement AppAuth
in the admin console first, then deprecate keycloak-js and update the
tests?
We should also consider the impact to keycloak-js users. This will be
a major breaking change and adoption will be slow, unless there are
clear benefits.
I think we should clear up if a public client would suit us better
than keycloak-js before addressing the repository & rewrite
discussion.
What do you think?