Re: [keycloak-dev] Remove kcinit and text-based authentication flows

It seems that CloudTrust team already made kcinit tests passing in their prototype for Multi-factor authentication. So removing this now may not be so urgent from this perspective - it likely won't help the work regarding WebAuthn and authentication flows to be finished earlier... But will be good to doublecheck. Marek On 19. 09. 19 9:31, Stian Thorgersen wrote: > https://issues.jboss.org/browse/KEYCLOAK-11490 > > On Wed, 18 Sep 2019 at 19:15, Stian Thorgersen <sthorger(a)redhat.com > <mailto:sthorger@redhat.com>> wrote: > > It may be a bit of work to actually get rid of this though. A few > things that needs removing at least: > > * There's both a Java and a Go kcinit > * Tests - I think they even checkout and build the kcinit go library > * Auth flow stuff, including all the duplicated code/classes for > the text mode > * KeycloakInstalled > * Probably other things as well.... > > It does make a lot of sense to get this done though in relation to > the auth work. > > On Wed, 18 Sep 2019, 19:12 Stian Thorgersen, <sthorger(a)redhat.com > <mailto:sthorger@redhat.com>> wrote: > > kc-init was never released or documented. It never got beyond > a prototype. As such it can be removed without any deprecation > period. > > We never used it in OpenShift integration, and have no plans > of doing so. > > > On Wed, 18 Sep 2019, 16:10 Stefan Guilhen, > <sguilhen(a)redhat.com <mailto:sguilhen@redhat.com>> wrote: > > Stian has sent an e-mail to kc-user about a week ago, no > replies so far. > > On Wed, Sep 18, 2019 at 10:50 AM Hynek Mlnarik > <hmlnarik(a)redhat.com <mailto:hmlnarik@redhat.com>> wrote: > > +1 from dev perspective. I believe it is worth > checking with keycloak-user > as well. > > I guess deprecation period would be needed. IIRC, this > was added with OSIN > replacement in mind [1]. Is this plan obsoleted? > > [1] > https://github.com/keycloak/openshift-integration/blob/master/README.md > > On Wed, Sep 18, 2019 at 2:30 PM Marek Posolda > <mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote: > > > +1 > > > > Do we have a chance to do it now or is some > "deprecation period" needed? > > It may help to save some work with refactoring of > authentication flows, > > which will be required for multi-token and step-up > authentication support. > > > > Marek > > > > On 06. 09. 19 11:54, Bruno Oliveira wrote: > > > +1 > > > > > > On Fri, Sep 6, 2019 at 6:48 AM Stian Thorgersen > <sthorger(a)redhat.com <mailto:sthorger@redhat.com>> > > wrote: > > >> kcinit and it's associated text-based > authentication flows adds quite a > > bit > > >> of complexity. It was never fully completed and > we don't have capacity > > to > > >> complete it. > > >> > > >> Text-based authentication flows are also not > really all that useful. > > There > > >> are other better approaches to authenticate > devices without a web > > browser, > > >> and when there is a web browser that should be > used rather than cli. > > >> > > >> I propose we remove both kcinit as well as the > text-based authentication > > >> flows. We also need to revert KeycloakInstalled > to how it was prior to > > this > > >> was added as it is currently fairly broken. > > >> _______________________________________________ > > >> keycloak-dev mailing list > > >> keycloak-dev(a)lists.jboss.org > <mailto:keycloak-dev@lists.jboss.org> > > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev > > > > > > > > > > _______________________________________________ > > keycloak-dev mailing list > > keycloak-dev(a)lists.jboss.org > <mailto:keycloak-dev@lists.jboss.org> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev > > > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > <mailto:keycloak-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-dev > > > > -- > > Stefan Guilhen > > Principal Software Engineer > > Red Hat<https://www.redhat.com/> > > sguilhen(a)redhat.com <mailto:sguilhen@redhat.com> IM: sguilhen > > @RedHat <https://twitter.com/redhat> Red Hat > <https://www.linkedin.com/company/red-hat> Red Hat > <https://www.facebook.com/RedHatInc> > <https://www.redhat.com/> > _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev