4:26 p.m.
Since we're using client secret now to authenticate clients, I changed
the protocol to use Basic Auth as per the OAuth and OpenId Connect
specs. I updated the javascript adapter to use basic auth (I think),
but I don't have an app to test against.
P.S.
I hear Marek laughing and/or cursing at me in the background...
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
2:18 a.m.
On 20.2.2014 23:26, Bill Burke wrote:
Since we're using client secret now to authenticate clients, I
changed
the protocol to use Basic Auth as per the OAuth and OpenId Connect
specs. I updated the javascript adapter to use basic auth (I think),
but I don't have an app to test against.
P.S.
I hear Marek laughing and/or cursing at me in the background...
You say that:-)
For JS apps, we may also need to test cors, which I mentioned in
https://issues.jboss.org/browse/KEYCLOAK-328
Isn't the app here
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/c...
?
Marek
7:48 a.m.
On 2/21/2014 3:18 AM, Marek Posolda wrote:
On 20.2.2014 23:26, Bill Burke wrote:
> Since we're using client secret now to authenticate clients, I changed
> the protocol to use Basic Auth as per the OAuth and OpenId Connect
> specs. I updated the javascript adapter to use basic auth (I think),
> but I don't have an app to test against.
>
>
> P.S.
>
> I hear Marek laughing and/or cursing at me in the background...
You say that:-)
For JS apps, we may also need to test cors, which I mentioned in
https://issues.jboss.org/browse/KEYCLOAK-328
Isn't the app here
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/c...
?
BTW, looking at OpenID connect there are multiple options you can
configure for client authentication, Basic Auth is only one of them.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
4:52 a.m.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Thursday, 20 February, 2014 10:26:05 PM
Subject: [keycloak-dev] /tokens/access/codes now uses Basic Auth
Since we're using client secret now to authenticate clients, I changed
the protocol to use Basic Auth as per the OAuth and OpenId Connect
specs. I updated the javascript adapter to use basic auth (I think),
but I don't have an app to test against.
Checked and it works fine.
I added customer-portal-js to example, but didn't get around to updating docs on how
to deploy it. Currently you need to edit the html to set the realm, clientId and
clientSecret before deploying.
What I've used to test it with is:
<html>
<head>
<script src="keycloak.js"></script>
</head>
<body>
<button onclick="keycloak.login()">Login</button>
<script>
var keycloak = Keycloak({ realm: 'test', clientId: 'test',
clientSecret: '17c72dd3-a26c-40e7-91a3-cbbb1636789c' });
keycloak.init(function () {
console.debug('Token: ' + keycloak.tokenParsed);
console.debug('Realm access: ' + keycloak.realmAccess);
console.debug('Resource access: ' + keycloak.resourceAccess);
keycloak.loadUserProfile(function (profile) {
console.debug(profile);
}, function (error) {
console.debug(error);
})
});
</script>
</body>
</html>
P.S.
I hear Marek laughing and/or cursing at me in the background...
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
3980
days inactive
3981
days old
3 comments
3 participants
participants (3)
-
Bill Burke -
Marek Posolda -
Stian Thorgersen