I don't think we remove KeycloakInstalled. We may just need to revert to
the state before kcinit was introduced.
Marek
On 19. 09. 19 9:59, Thomas Darimont wrote:
Hello,
The KeycloakInstalled is part of the keycloak-installed-adapter which
is used by some folks to authenticate Desktop Apps (via a browser
based flow).
Do you really want to remove KeycloakInstalled completely or just the
CLI based interaction logic?
Cheers,
Thomas
On Thu, 19 Sep 2019 at 09:53, Marek Posolda <mposolda(a)redhat.com
<mailto:mposolda@redhat.com>> wrote:
It seems that CloudTrust team already made kcinit tests passing in
their
prototype for Multi-factor authentication. So removing this now
may not
be so urgent from this perspective - it likely won't help the work
regarding WebAuthn and authentication flows to be finished earlier...
But will be good to doublecheck.
Marek
On 19. 09. 19 9:31, Stian Thorgersen wrote:
>
https://issues.jboss.org/browse/KEYCLOAK-11490
>
> On Wed, 18 Sep 2019 at 19:15, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>
> <mailto:sthorger@redhat.com <mailto:sthorger@redhat.com>>>
wrote:
>
> It may be a bit of work to actually get rid of this though.
A few
> things that needs removing at least:
>
> * There's both a Java and a Go kcinit
> * Tests - I think they even checkout and build the kcinit go
library
> * Auth flow stuff, including all the duplicated code/classes for
> the text mode
> * KeycloakInstalled
> * Probably other things as well....
>
> It does make a lot of sense to get this done though in
relation to
> the auth work.
>
> On Wed, 18 Sep 2019, 19:12 Stian Thorgersen,
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>
> <mailto:sthorger@redhat.com <mailto:sthorger@redhat.com>>>
wrote:
>
> kc-init was never released or documented. It never got
beyond
> a prototype. As such it can be removed without any
deprecation
> period.
>
> We never used it in OpenShift integration, and have no plans
> of doing so.
>
>
> On Wed, 18 Sep 2019, 16:10 Stefan Guilhen,
> <sguilhen(a)redhat.com <mailto:sguilhen@redhat.com>
<mailto:sguilhen@redhat.com <mailto:sguilhen@redhat.com>>> wrote:
>
> Stian has sent an e-mail to kc-user about a week ago, no
> replies so far.
>
> On Wed, Sep 18, 2019 at 10:50 AM Hynek Mlnarik
> <hmlnarik(a)redhat.com <mailto:hmlnarik@redhat.com>
<mailto:hmlnarik@redhat.com <mailto:hmlnarik@redhat.com>>> wrote:
>
> +1 from dev perspective. I believe it is worth
> checking with keycloak-user
> as well.
>
> I guess deprecation period would be needed.
IIRC, this
> was added with OSIN
> replacement in mind [1]. Is this plan obsoleted?
>
> [1]
>
https://github.com/keycloak/openshift-integration/blob/master/README.md
>
> On Wed, Sep 18, 2019 at 2:30 PM Marek Posolda
> <mposolda(a)redhat.com
<mailto:mposolda@redhat.com> <mailto:mposolda@redhat.com
<mailto:mposolda@redhat.com>>> wrote:
>
> > +1
> >
> > Do we have a chance to do it now or is some
> "deprecation period" needed?
> > It may help to save some work with refactoring of
> authentication flows,
> > which will be required for multi-token and step-up
> authentication support.
> >
> > Marek
> >
> > On 06. 09. 19 11:54, Bruno Oliveira wrote:
> > > +1
> > >
> > > On Fri, Sep 6, 2019 at 6:48 AM Stian Thorgersen
> <sthorger(a)redhat.com
<mailto:sthorger@redhat.com> <mailto:sthorger@redhat.com
<mailto:sthorger@redhat.com>>>
> > wrote:
> > >> kcinit and it's associated text-based
> authentication flows adds quite a
> > bit
> > >> of complexity. It was never fully completed and
> we don't have capacity
> > to
> > >> complete it.
> > >>
> > >> Text-based authentication flows are also not
> really all that useful.
> > There
> > >> are other better approaches to authenticate
> devices without a web
> > browser,
> > >> and when there is a web browser that should be
> used rather than cli.
> > >>
> > >> I propose we remove both kcinit as well as the
> text-based authentication
> > >> flows. We also need to revert KeycloakInstalled
> to how it was prior to
> > this
> > >> was added as it is currently fairly broken.
> > >> _______________________________________________
> > >> keycloak-dev mailing list
> > >> keycloak-dev(a)lists.jboss.org
<mailto:keycloak-dev@lists.jboss.org>
> <mailto:keycloak-dev@lists.jboss.org
<mailto:keycloak-dev@lists.jboss.org>>
> > >>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > >
> > >
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
<mailto:keycloak-dev@lists.jboss.org>
> <mailto:keycloak-dev@lists.jboss.org
<mailto:keycloak-dev@lists.jboss.org>>
> >
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org>
> <mailto:keycloak-dev@lists.jboss.org
<mailto:keycloak-dev@lists.jboss.org>>
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
> --
>
> Stefan Guilhen
>
> Principal Software Engineer
>
> Red
Hat<https://www.redhat.com/>
>
> sguilhen(a)redhat.com <mailto:sguilhen@redhat.com>
<mailto:sguilhen@redhat.com <mailto:sguilhen@redhat.com>> IM: sguilhen
>
> @RedHat <
https://twitter.com/redhat> Red Hat
> <https://www.linkedin.com/company/red-hat> Red Hat
> <https://www.facebook.com/RedHatInc>
> <https://www.redhat.com/>
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev