Funny, OIDC specs itself also has one place when it uses "bearer" . See the example: http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthResponse .

Feel free to create JIRA and we can change to "Bearer" . Still, it looks to me more like a bug in django-oidc, which should ignore cases.

Marek

On 16/09/15 18:21, Iván Perdomo wrote:
Hi,

We're trying to integrate a Python/Django application using the
following module https://github.com/marcanpilami/django-oidc and
Keycloak 1.4.0.Final


After a successful user login the process fails because a simple check
in python:

    if token.token_type == "Bearer" and method == "GET":

Right now Keycloak is returning `token_type` as "bearer" and not "Bearer"

Reading the OpenID Connect spec in the section "3.1.3.3. Successful
Token Response"
(https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse)


The OAuth 2.0 token_type response parameter value MUST be Bearer, as >

specified in OAuth 2.0 Bearer Token Usage [RFC6750], unless another

Token Type has been negotiated with the Client.

I checked and the code sets token_type manually,

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java#L472

Can this be considered a bug?

Thanks,




_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user