Re: [keycloak-dev] Token validator endpoint (for humans)
We already have a realm resource provider which adds directly under realm
(/auth/realms/<realm name>/<resource provider id>). See
https://github.com/stianst/keycloak-experimental/blob/master/token-valida...
.
The URL for this thing is: /auth/realms/master/token-validator
Perhaps we could extend the realm resource provider to allow not just
adding directly under realms, but under any arbitrary path? Not sure if
RestEasy allows that though.
On 5 April 2018 at 15:41, Bill Burke <bburke(a)redhat.com> wrote:
+1
Question, how are you adding this endpoint? Under ../protocol/oidc?
The kubernetes integration needs a similar validation endpoint that
outputs a document that kubernetes consumes. What I did is create an
entirely new protocol. Maybe a protocol extension endpoint would be
better?
Object createExtensionEndpoint(String providerId)
The returned Object would be a JAX-RS sub resource.
Then the base endpoint would be .../protocol/oidc/extensions/{provider-id}
On Thu, Apr 5, 2018 at 8:04 AM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> I added an example token validator endpoint that I needed for some
> demonstration purposes. Question would this be useful to add directly to
> Keycloak?
>
> It provides a simple form where you can paste in the base64 token. It
will
> then output the header, claims and whether or not the token is valid. It
> uses realm keys to verify the signature so you don't have to paste that
in
> manually (like you do on jwt.io).
>
> For those to lazy to try it out I've attached a screenshot.
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
Red Hat