guys, let me comment that this is open source :) so something is not there?
work on it!
this is not a product you pay for, who is working paid by a company on it,
it's doing it inline with the corporate strategy, which may means that if a
feature
is not a priority for their company, despite they understand its
importance, they may not give it priority.
take care,
federico
On Fri, 26 Jul 2019 at 19:21, Nick Powers <sshscp(a)gmail.com> wrote:
Yes, I received a response to a message in the user mailing list
that
identified where I needed to enable it. Please ignore my original email on
this as I was able to enable this by turning on Request refresh token in
the IDP configuration in the Keycloak GUI. This is currently an
undocumented feature. Hopefully it will make it into the documentation
soon.
I apologize for the harshness of my original email, I was just at my wits
end. I would have responded to this sooner but I don't know how I can
respond to my own messages in this mailing list, since I do not receive me
own message in my inbox.
Thanks,
Nick
On Fri, Jul 26, 2019 at 9:47 AM Thomas Darimont <
thomas.darimont(a)googlemail.com> wrote:
> Hello Nick,
>
> "All it would take is to add "access_type=offline" to the Google auth
URL
> and yet still it is broken, they just don't care enough to do even that
> simple task."
>
> isn't this already implemented?
> See:
>
>
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
>
>
> What's missing?
>
> Cheers,
> Thomas
>
> On Thu, 25 Jul 2019 at 21:40, Nick Powers <sshscp(a)gmail.com> wrote:
>
>> I have wasted so much time deploying Keycloak to only learn in the end
>> that
>> it doesn't support Google offline access and thus cannot retrieve Google
>> refresh tokens. I am not alone, there are many messages in both the
>> Keycloak user and dev mailing lists discussing the lack of offline
access
>> for Google IDP on Keycloak.
>>
>> When this comes up in the user mailing list the messages are generally
not
>> responded to. Which makes sense since there is not a working solution
to
>> receive Google refresh tokens using Keycloak's Google IDP solution. It
is
>> broken and thus the users cannot provide a solution.
>>
>> When this comes up in this (the dev) mailing list, it is again ignored
or
>> it is debated but end up with the same sentiment, that offline access /
>> refresh tokens from Google IDP is not a worthwhile feature. I found
many
>> messages in the dev mailing list, spanning from 4 years ago to current
>> identifying this issue and yet it remains unfixed. All it would take is
>> to
>> add "access_type=offline" to the Google auth URL and yet still it is
>> broken, they just don't care enough to do even that simple task. They
>> think that it is silly that anyone would need a Google refresh token.
>>
>> I found the code segment that related to Google offline access in
Keycloak
>> and there was a comment that identified an email address of the person
who
>> wrote that section of code. It was a Red Hat email, from regular user
on
>> this mailing list. I reached out to him and his response was that he
had
>> no time to respond to my query and that Red Hat does not support
Keycloak.
>> Maybe don't put your email into code you don't want to get queries on?
So,
>> if Red Hat is not supporting their own project, in any regard, and the
>> devs
>> have no intention of fixing this bug the assumption is that Google IDP
>> will
>> never be fixed.
>>
>> If you landed on this message, now or in the future, in hopes of
finding a
>> solution to get Google refresh tokens from Keycloak IDP all I can do is
>> try
>> to save you some time and say that Google IDP on Keycloak is currently
>> broken in that regards and if the past is any indication the devs have
no
>> intention of fixing the code to allow that access.
>>
>> If any devs on this list disagree with this message then please let me
>> know
>> what I have missed and point me in the direction of a solution for this
>> issue....... I didn't think so.
>>
>> :(
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
*Dr. FEDERICO MICHELE FACCA*
*CTO, Head of Martel Lab*
+41 788075838
*MARTEL INNOVATE* <
https://www.martel-innovate.com/> - INNOVATION, WE MAKE
IT HAPPEN
Click *HERE* to download Martel reports and white papers!
<
https://www.martel-innovate.com/premium-content/>
Follow us on *TWITTER* <
https://twitter.com/Martel_Innovate>