That'd work. As it's not documented we can probably instead just log a
warning to the console?
On Thu, 7 Nov 2019 at 13:55, Jon Koops <jonkoops(a)gmail.com> wrote:
We recently also deprecated non-native promises with the intent to
remove
this behavior in the future. Would it not then make sense to deprecate this
behavior now and remove it eventually? Especially considering this behavior
is not very secure and just adds extra cruft to the adapter code.
On Thu, Nov 7, 2019 at 1:51 PM Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> It might be there from the early days when we didn't have public clients.
> I'd probably just keep it in case someone is using it with a confidential
> client as removing it would break it for them. Although strictly speaking
> you shouldn't use a confidential client with a client-side app.
>
> On Thu, 7 Nov 2019 at 07:42, Michal Hajas <mhajas(a)redhat.com> wrote:
>
> > Hello,
> >
> > in Javascript adapter we have a possibility to configure a client secret
> > [1] in order to use Basic authorization for requests for token endpoint
> > [2]. I haven't found any information in docs about it and I don't
> > understand why we have it there as public clients don't have secrets. Is
> > this useful in some scenarios or we should remove it?
> >
> > Michal
> >
> > [1]
> >
> >
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> > &
> > <
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> >
> >
> >
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> >
> > [2]
> >
> >
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> > &
> > <
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> >
> >
> >
>
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>