Re: [keycloak-dev] Remove kcinit and text-based authentication flows

https://issues.jboss.org/browse/KEYCLOAK-11490 On Wed, 18 Sep 2019 at 19:15, Stian Thorgersen <sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote: It may be a bit of work to actually get rid of this though. A few things that needs removing at least: * There's both a Java and a Go kcinit * Tests - I think they even checkout and build the kcinit go library * Auth flow stuff, including all the duplicated code/classes for the text mode * KeycloakInstalled * Probably other things as well.... It does make a lot of sense to get this done though in relation to the auth work. On Wed, 18 Sep 2019, 19:12 Stian Thorgersen, <sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote: kc-init was never released or documented. It never got beyond a prototype. As such it can be removed without any deprecation period. We never used it in OpenShift integration, and have no plans of doing so. On Wed, 18 Sep 2019, 16:10 Stefan Guilhen, <sguilhen(a)redhat.com <mailto:sguilhen@redhat.com>> wrote: Stian has sent an e-mail to kc-user about a week ago, no replies so far. On Wed, Sep 18, 2019 at 10:50 AM Hynek Mlnarik <hmlnarik(a)redhat.com <mailto:hmlnarik@redhat.com>> wrote: +1 from dev perspective. I believe it is worth checking with keycloak-user as well. I guess deprecation period would be needed. IIRC, this was added with OSIN replacement in mind [1]. Is this plan obsoleted? [1] https://github.com/keycloak/openshift-integration/blob/master/README.md On Wed, Sep 18, 2019 at 2:30 PM Marek Posolda <mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote: > +1 > > Do we have a chance to do it now or is some "deprecation period" needed? > It may help to save some work with refactoring of authentication flows, > which will be required for multi-token and step-up authentication support. > > Marek > > On 06. 09. 19 11:54, Bruno Oliveira wrote: > > +1 > > > > On Fri, Sep 6, 2019 at 6:48 AM Stian Thorgersen <sthorger(a)redhat.com <mailto:sthorger@redhat.com>> > wrote: > >> kcinit and it's associated text-based authentication flows adds quite a > bit > >> of complexity. It was never fully completed and we don't have capacity > to > >> complete it. > >> > >> Text-based authentication flows are also not really all that useful. > There > >> are other better approaches to authenticate devices without a web > browser, > >> and when there is a web browser that should be used rather than cli. > >> > >> I propose we remove both kcinit as well as the text-based authentication > >> flows. We also need to revert KeycloakInstalled to how it was prior to > this > >> was added as it is currently fairly broken. > >> _______________________________________________ > >> keycloak-dev mailing list > >> keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev > > > > > > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-dev > _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-dev -- Stefan Guilhen Principal Software Engineer Red Hat<https://www.redhat.com/> sguilhen(a)redhat.com <mailto:sguilhen@redhat.com> IM: sguilhen @RedHat <https://twitter.com/redhat> Red Hat <https://www.linkedin.com/company/red-hat> Red Hat <https://www.facebook.com/RedHatInc> <https://www.redhat.com/>