On 8/12/2013 4:19 PM, Gabriel Cardoso wrote:
Hi Bill,
I have some doubts with regards to the issues:
- Issue 16 <
https://issues.jboss.org/browse/KEYCLOAK-16>: When the user
is asked to give permissions, won't they see the pop ups from Facebook
or Google? Or will them see a popup with Keycloak style inside Keycloak?
If so, will they probably have to authorize different permissions of
different social providers, do they?
They will see the popup form FB/Google *AND* if configured, they will
see it from Keycloak as well. Facebook and Google may not have the
notion of the permissions that are requested by the OAuth client.
- Issue 17 <
https://issues.jboss.org/browse/KEYCLOAK-17>: With
regards
to the OAuth grants, same doubt, is not this made in Google?
Only for information provided by Google applications, AFAIK, i.e. Email,
contacts, etc. For example,
event-announcer.com may want permission to
view your events on
event-juggler.com. Google doesn't know anything
about this. It only knows about google applications.
- Issue 24 <
https://issues.jboss.org/browse/KEYCLOAK-24>: I
guess it is
related to 17 and 16.
While you wouldn't manage credentials within a social Account management
page, you might want to revoke keycloak-specific grants you've given in
Issue 16 and 17. You might want to unregister here too.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com