7:43 a.m.
Hi guys,
I am currently evaluating Keycloak and so far I have only two complaints:
1. The implicit flow is not supported, but I already found a Jira issue for
that. How realistic is it that the feature comes with 1.7CR1?
2. When the client consent is needed for an application, which uses the
password grant flow, the flow fails all the time... Even if the consent has
been given. This seems an easy to fix bug. Will you fix that? Should I
write a fix and make a pull request?
Otherwise good stuff so far :)
Best regards,
Paul
9:50 a.m.
On 05/11/15 14:43, Paul Wolf wrote:
Hi guys,
I am currently evaluating Keycloak and so far I have only two complaints:
1. The implicit flow is not supported, but I already found a Jira
issue for that. How realistic is it that the feature comes with 1.7CR1?
It's planned and very realistic that it really happens :-)
2. When the client consent is needed for an application, which uses
the password grant flow, the flow fails all the time... Even if the
consent has been given. This seems an easy to fix bug. Will you fix
that? Should I write a fix and make a pull request?
+1
makes sense to me to let the password grant flow happen if consent has
been already given. Feel free to create JIRA and PR will be even better.
Current checking of consent is done in
AuthenticationManager.actionRequired method. I hope you can extract the
consent checking to separate method and reuse it.
Marek
Otherwise good stuff so far :)
Best regards,
Paul
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
2:34 p.m.
Thanks for your answer,
for the password grant flow i created:
- a JIRA issue: https://issues.jboss.org/browse/KEYCLOAK-2038
- and a pull request: https://github.com/keycloak/keycloak/pull/1792
Is it ok like that? Can I expect the change for the comming release?
Paul
2015-11-05 16:50 GMT+01:00 Marek Posolda <mposolda(a)redhat.com>:
On 05/11/15 14:43, Paul Wolf wrote:
Hi guys,
I am currently evaluating Keycloak and so far I have only two complaints:
1. The implicit flow is not supported, but I already found a Jira issue for
that. How realistic is it that the feature comes with 1.7CR1?
It's planned and very realistic that it really happens :-)
2. When the client consent is needed for an application, which uses the
password grant flow, the flow fails all the time... Even if the consent has
been given. This seems an easy to fix bug. Will you fix that? Should I write
a fix and make a pull request?
+1
makes sense to me to let the password grant flow happen if consent has been
already given. Feel free to create JIRA and PR will be even better. Current
checking of consent is done in AuthenticationManager.actionRequired method.
I hope you can extract the consent checking to separate method and reuse it.
Marek
Otherwise good stuff so far :)
Best regards,
Paul
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
3663
days inactive
3663
days old
2 comments
2 participants
participants (2)
-
Marek Posolda -
Paul Wolf