3:40 a.m.
Hello,
I’m trying to do OpenId Connect Authentication using the Authorization Code Flow with the
client library openid-client-js library. It behaves conformant to the specification.
If you are doing the Authorization Code Flow without using a server-side component to
exchange the code for a token (which you can/should do according to the security best
practices recommendation), you run into a problem. The browser needs to exchange the code
for a token and therefore perform a CORS request on the token endpoint.
The token endpoint currently does not have CORS enabled, as far as the response is telling
me.
How to enable it?
Mit freundlichen Grüßen/ Best Regards,
David Sautter
Rohde & Schwarz GmbH & Co. KG
Postbox 80 14 69, D-81614 Muenchen
Dept. 1DS5
Fon: +49 89 4129 15256
Email: David.Sautter@rohde-schwarz.com<mailto:David.Sautter@rohde-schwarz.com>
Der Inhalt dieses E-Mails ist ausschliesslich für den/die beabsichtigten Adressaten
bestimmt. Es kann Informationen enthalten, die vertraulich und/oder rechtlich geschützt
sind. Jegliche Ansicht, Weiterleitung, Verbreitung oder Nutzung durch andere Personen oder
Stellen als durch den beabsichtigten Adressaten ist verboten.
Falls Sie diese E-Mail irrtümlicherweise erhalten haben, informieren Sie bitte den
Absender und löschen Sie das Datenmaterial von Ihrem Computer.
If you are not the intended recipient of this message, you are hereby notified that any
dissemination, use or distribution of this message is unauthorized and prohibited. Please
immediately notify the sender that you have received this mes-sage and destroy the
original.
Although this message has been checked for viruses, it is not guaranteed to be virus-free.
You are strongly advised to perform another virus check of any attachment before opening
it.
Geschäftsführung / Executive Board: Christian Leicher (Vorsitzender / Chairman), Peter
Riedel, Sitz der Gesellschaft / Company's Place of Business: München, Registereintrag
/ Commercial Register No.: HRA 16 270, Persönlich haftender Gesellschafter / Personally
Liable Partner: RUSEG Verwaltungs-GmbH, Sitz der Gesellschaft / Company's Place of
Business: München, Registereintrag / Commercial Register No.: HRB 7 534,
Umsatzsteuer-Identifikationsnummer (USt-IdNr.) / VAT Identification No.: DE 130 256 683,
Elektro-Altgeräte Register (EAR) / WEEE Register No.: DE 240 437 86
3:50 a.m.
Hi,
Have you set the "Web Origins" field in the client configuration on the
keycloak webconsole ?
That should be enough.
Sebi
On Thu, Sep 5, 2019 at 10:47 AM David Sautter <
David.Sautter(a)rohde-schwarz.com> wrote:
Hello,
I’m trying to do OpenId Connect Authentication using the Authorization
Code Flow with the client library openid-client-js library. It behaves
conformant to the specification.
If you are doing the Authorization Code Flow without using a server-side
component to exchange the code for a token (which you can/should do
according to the security best practices recommendation), you run into a
problem. The browser needs to exchange the code for a token and therefore
perform a CORS request on the token endpoint.
The token endpoint currently does not have CORS enabled, as far as the
response is telling me.
How to enable it?
Mit freundlichen Grüßen/ Best Regards,
David Sautter
Rohde & Schwarz GmbH & Co. KG
Postbox 80 14 69, D-81614 Muenchen
Dept. 1DS5
Fon: +49 89 4129 15256
Email: David.Sautter(a)rohde-schwarz.com<mailto:
David.Sautter(a)rohde-schwarz.com>
Der Inhalt dieses E-Mails ist ausschliesslich für den/die beabsichtigten
Adressaten bestimmt. Es kann Informationen enthalten, die vertraulich
und/oder rechtlich geschützt sind. Jegliche Ansicht, Weiterleitung,
Verbreitung oder Nutzung durch andere Personen oder Stellen als durch den
beabsichtigten Adressaten ist verboten.
Falls Sie diese E-Mail irrtümlicherweise erhalten haben, informieren Sie
bitte den Absender und löschen Sie das Datenmaterial von Ihrem Computer.
If you are not the intended recipient of this message, you are hereby
notified that any dissemination, use or distribution of this message is
unauthorized and prohibited. Please immediately notify the sender that you
have received this mes-sage and destroy the original.
Although this message has been checked for viruses, it is not guaranteed
to be virus-free. You are strongly advised to perform another virus check
of any attachment before opening it.
Geschäftsführung / Executive Board: Christian Leicher (Vorsitzender /
Chairman), Peter Riedel, Sitz der Gesellschaft / Company's Place of
Business: München, Registereintrag / Commercial Register No.: HRA 16 270,
Persönlich haftender Gesellschafter / Personally Liable Partner: RUSEG
Verwaltungs-GmbH, Sitz der Gesellschaft / Company's Place of Business:
München, Registereintrag / Commercial Register No.: HRB 7 534,
Umsatzsteuer-Identifikationsnummer (USt-IdNr.) / VAT Identification No.: DE
130 256 683, Elektro-Altgeräte Register (EAR) / WEEE Register No.: DE 240
437 86
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1939
days inactive
1939
days old
1 comments
2 participants
participants (2)
-
David Sautter -
Sebastien Blanc