Funny, OIDC specs itself also has one place when it uses "bearer" . See
the example:
http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthResponse .
Feel free to create JIRA and we can change to "Bearer" . Still, it looks
to me more like a bug in django-oidc, which should ignore cases.
Marek
On 16/09/15 18:21, Iván Perdomo wrote:
Hi,
We're trying to integrate a Python/Django application using the
following module
https://github.com/marcanpilami/django-oidc and
Keycloak 1.4.0.Final
After a successful user login the process fails because a simple check
in python:
if token.token_type == "Bearer" and method == "GET":
Right now Keycloak is returning `token_type` as "bearer" and not
"Bearer"
Reading the OpenID Connect spec in the section "3.1.3.3. Successful
Token Response"
(
https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse)
> The OAuth 2.0 token_type response parameter value MUST be Bearer, as >
specified in OAuth 2.0 Bearer Token Usage [RFC6750], unless another
> Token Type has been negotiated with the Client.
I checked and the code sets token_type manually,
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
Can this be considered a bug?
Thanks,
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user