Thanks Marek
Indeed with a correct backend realm config [1], I have a Swift iOS helloworld type demo[2]
with request/refresh/revoke tokens working just fine.
Next step, I want to share how to use oauth2 with KC and iOS with a blog post.
++
Corinne
[1]
In this config, you specified product-inventory to be public OAuth
client. In this case, you may delete this line:
https://github.com/corinnekrych/aerogear-backend-cookbook/blob/master/Pro...
because for public applications/oauth clients, you don't need secret at all.
Also I think the exception with revocation is due to incorrect configuration of this
application:
https://github.com/corinnekrych/aerogear-backend-cookbook/blob/master/Pro....
Do you really have this application running and deployed on localhost:8081 ? If not, you
can either delete this or update configurations.
Also it might be good to update to Keycloak 1.0.1.Final as Stian added this fix:
https://issues.jboss.org/browse/KEYCLOAK-682 which cause that logout is not send to all
applications, but just to those when user is really logged into.
Marek
On 22.9.2014 10:28, Corinne Krych wrote:
> Yep indeed i think it’s an error of configuration but not sure which one i should
change. In my use case it’s a oauth2 client app. whe re should I specify the URL redirect
for logout?
> See my config file here:
>
https://github.com/corinnekrych/aerogear-backend-cookbook/blob/master/Pro...
>
> do I need to define a product-inventory app? or a simple oauth2 client is enough?
>
> Best Regards,
> Corinne
> On 22 Sep 2014, at 09:44, Marek Posolda <mposolda(a)redhat.com> wrote:
>
>> Hi,
>>
>> there is exception in the log like:
>>
>> Caused by: org.apache.http.conn.HttpHostConnectException: Connection to
http://localhost:8081 refused
>>
>> isn't it possible that adminURL for some of your applications is not
configured correctly (like there is localhost:8081 instead of localhost:8080)?
>>
>> Btv. I've created JIRA
https://issues.jboss.org/browse/KEYCLOAK-709 as
currently it seems that if ResourceAdminManager.logoutUser wants to call logout to more
applications (like app1 and app2) and logout to app1 fails, then RuntimeException is
thrown and logout to app2 is not called at all, which doesn't seem to be correct
behaviour to me.
>>
>> Marek
>>
>>
>> On 20.9.2014 17:48, Corinne Krych wrote:
>>> Hello
>>>
>>> Trying to implement AGIOS-206 [1] linked to [2], what iI need is a revoke of
all tokens (refresh and access token).
>>>
>>> I've tried ‘logout’ with a refresh token this endpoint:
>>>
http://docs.jboss.org/keycloak/docs/1.0.1.Final/rest-api/realms/%7Brealm%...
>>> for a public client.
>>> I run appliance 1.0-final distribution of key cloak.
>>>
>>> But I run into this exception [3] after a timeout. Anything else I can try or
should I just wait for revoke feature to be implemented in Keycloak?
>>>
>>> ++
>>> Corinne
>>>
>>> [1]
https://issues.jboss.org/browse/AGIOS-206
>>> [2]
https://issues.jboss.org/browse/KEYCLOAK-312
>>> [3]
https://gist.github.com/corinnekrych/53bd73c4e047281a94f1
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev