On Thu, 28 Nov 2019 at 13:44, Armin Roșu <armin.rosu(a)gmail.com> wrote:
On Tue, Nov 26, 2019 at 4:15 PM Stian Thorgersen <sthorger at
redhat.com>
wrote:
> With regards to a new version of keycloak.js the question comes up if
> AppAuth-JS [1] can be used instead.
>
> [1]
https://github.com/openid/AppAuth-JS
This sounds like a good approach long-term. Less code to maintain.
Interestingly, AppAuth-JS is 10x less installed than Keycloak-JS:
-
https://www.npmjs.com/package/@openid/appauth
-
https://www.npmjs.com/package/keycloak-js
What do you think about oidc-client-js, the official openID-connect JS
client?
oidc-client-js is not the official OIDC JS client, but rather a JS library
from IdentityServer which is OIDC certified.
AppAuth is actually hosted in OpenID repositories, so I would imagine that
is more the official client.
However, the impact would be large. Tests, examples and UIs need to be
updated and I don't see how that can be done progressively.
Do you have an idea how we can break this down? e.g. Implement AppAuth
in the admin console first, then deprecate keycloak-js and update the
tests?
We should also consider the impact to keycloak-js users. This will be
a major breaking change and adoption will be slow, unless there are
clear benefits.
I think we should clear up if a public client would suit us better
than keycloak-js before addressing the repository & rewrite
discussion.
What do you think?
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev