Sorry for late response. I am personally not seeing any issue with support the redirect_uri "org.aerogear.Shoot://oauth2Callback" . So I suggest to create JIRA for Keycloak 2.0.0.CR1 for add this.

Thanks,
Marek

On 03/05/16 12:33, Corinne Krych wrote:

Hello guys,

Moving cookbook demo AeroGear iOS sdk to Keycloak 1.9.x I noticed that the redirect_uri validation has changes . I used to have "org.aerogear.Shoot://oauth2Callback" for a redirect_uri. In iOS land we used custom schema [1], as a best practice very often the first part of it is defined using the iOS bundle id (Apple unique id) which most of the time contains a mix of upper/lower case letters.

When discussing the subject on irc with @Marek, it seems there might be an issue in RedirectUtils.lowerCaseHostname in

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java#L119

I converted this url to : "org.aerogear.shoot://oauth2Callback" and it works better [2] and did change locally the bundle id of the iOs app. But in KC 1.4.x I was able to use upper case in redirect_uri and for an iOS point of view, it was much more convenient. What is the reasoning behind redirect_uri? Should we use http(s) as the only protocol?

Thanks for your feedback.

++

Corinne

[1] http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html

[2] https://github.com/aerogear/aerogear-backend-cookbook/pull/30/files
_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev