I provided a fix with a small modification in
BearerTokenRequestAuthenticator.authenticateToken(HttpFacade exchange,
String tokenString).
Please fix for 1.2 Final.
On Tue, Apr 21, 2015 at 12:46 PM Leonardo Loch Zanivan <
leonardo.zanivan(a)gmail.com> wrote:
Serialization works fine with BearerRequestAuthentication or
Bearer/DirectLoginModule. The only problem is
BasicAuthRequestAuthentication.
In RequestAuthentication.java, RefreshableKeycloakSecurityContext is
created with Bearer.getTokenString(), but token string has Basic Auth
credentials instead of access token.
I'll create a JIRA for this.
On Tue, Apr 21, 2015 at 4:17 AM Marek Posolda <mposolda(a)redhat.com> wrote:
> That's strange, serialization and deserialization of
> KeycloakSecurityContext should work fine. KeycloakSecurityContext actually
> uses java custom serialization (it implements writeObject and readObject
> methods). So during deserialization it calls readObject and creates
> AccessToken and IDToken from the base64 encoded token. This works fine in
> cluster and we also have the test for it:
>
https://github.com/keycloak/keycloak/blob/master/core/src/test/java/org/k...
> .
>
> If you still seeing issues and you think that it's bug, feel free to
> create JIRA. But please add the exact steps to reproduce to the JIRA.
>
> Thanks,
> Marek
>
>
> On 21.4.2015 00:50, Leonardo Loch Zanivan wrote:
>
> Hi,
>
> I'm facing a problem while deserializing KeycloakSecurityContext of a
> Basic Auth KeycloakAccount.
>
> KeycloakSecurityContext stores Basic Auth base64 token instead of Access
> Token, so deserialization code fail!
>
> *String[] parts = encoded.split("\\."); if (parts.length < 2 ||
> parts.length > 3) throw new IllegalArgumentException("Parsing error");*
>
>
https://github.com/keycloak/keycloak/blob/master/core/src/main/java/org/k...
>
>
> _______________________________________________
> keycloak-dev mailing
listkeycloak-dev@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>