5 a.m.
Hi all,
How is the addition of new identity providers handled in this project? I'd love to
have a vk.com integration in keycloak. After some search, I've found this pull request
[1] which adds PayPal as a new IdP. I think it's a pretty good "blueprint"
of how to add a new IdP. I plan to give it a try and implement vk.com. This raises the
following questions:
1) Is this implementation of a vk.com IdP something the project is interested in?
2) Does the answer to 1) apply to all IdPs? I mean vk.com is a quite large social network.
What about some less known websites providing OAuth2 authentication. Would *any* IdP be
added to the project? Are there certain criteria from which you can decide?
3) What do you think about a feature which would enable to "configure" arbitrary
OAuth2 Providers as IdP using the Admin Console? To me most of the implementations of
org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider look pretty similar. The main
differences are how to interpret the responses of the IdP: I wonder whether this could be
generalised.
I look forward to your answers,
Kind Regards,
Wladislaw
[1] https://github.com/keycloak/keycloak/pull/4449
4:20 a.m.
There's already support for generic OIDC providers. Generic OAuth2 doesn't
make all that much sense as it doesn't provide standard ways to obtain user
profiles or do logouts. Does vk.com support OIDC (ID token and userinfo
endpoint)? If so you can already use it with Keycloak without adding a
custom provider for it.
We've not had any requests for vk.com until now so we would probably not
accept it into the core Keycloak codebase. This is simply down to
maintenance. If you want to develop a plugin though we can link to it from
the extensions list on keycloak.org.
On Wed, 19 Dec 2018 at 12:03, Wladislaw Mitzel <mitzel(a)tawadi.de> wrote:
Hi all,
How is the addition of new identity providers handled in this project? I'd
love to have a vk.com integration in keycloak. After some search, I've
found this pull request [1] which adds PayPal as a new IdP. I think it's a
pretty good "blueprint" of how to add a new IdP. I plan to give it a try
and implement vk.com. This raises the following questions:
1) Is this implementation of a vk.com IdP something the project is
interested in?
2) Does the answer to 1) apply to all IdPs? I mean vk.com is a quite
large social network. What about some less known websites providing OAuth2
authentication. Would *any* IdP be added to the project? Are there certain
criteria from which you can decide?
3) What do you think about a feature which would enable to "configure"
arbitrary OAuth2 Providers as IdP using the Admin Console? To me most of
the implementations of
org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider look pretty
similar. The main differences are how to interpret the responses of the
IdP: I wonder whether this could be generalised.
I look forward to your answers,
Kind Regards,
Wladislaw
[1] https://github.com/keycloak/keycloak/pull/4449
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
2185
days inactive
2199
days old
1 comments
2 participants
participants (2)
-
Stian Thorgersen -
Wladislaw Mitzel