;. Would that be acceptable?
On Thu, Nov 7, 2019 at 1:57 PM Stian Thorgersen <sthorger(a)redhat.com> wrote:
That'd work. As it's not documented we can probably instead
just log a
warning to the console?
On Thu, 7 Nov 2019 at 13:55, Jon Koops <jonkoops(a)gmail.com> wrote:
> We recently also deprecated non-native promises with the intent to remove
> this behavior in the future. Would it not then make sense to deprecate this
> behavior now and remove it eventually? Especially considering this behavior
> is not very secure and just adds extra cruft to the adapter code.
>
> On Thu, Nov 7, 2019 at 1:51 PM Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> It might be there from the early days when we didn't have public clients.
>> I'd probably just keep it in case someone is using it with a confidential
>> client as removing it would break it for them. Although strictly speaking
>> you shouldn't use a confidential client with a client-side app.
>>
>> On Thu, 7 Nov 2019 at 07:42, Michal Hajas <mhajas(a)redhat.com> wrote:
>>
>> > Hello,
>> >
>> > in Javascript adapter we have a possibility to configure a client
>> secret
>> > [1] in order to use Basic authorization for requests for token endpoint
>> > [2]. I haven't found any information in docs about it and I don't
>> > understand why we have it there as public clients don't have secrets.
>> Is
>> > this useful in some scenarios or we should remove it?
>> >
>> > Michal
>> >
>> > [1]
>> >
>> >
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> > &
>> > <
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> >
>> >
>> >
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> >
>> > [2]
>> >
>> >
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> > &
>> > <
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> >
>> >
>> >
>>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
>> > _______________________________________________
>> > keycloak-dev mailing list
>> > keycloak-dev(a)lists.jboss.org
>> >
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> >
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>