[keycloak-dev] Social saving state

Stian Thorgersen stian at redhat.com
Thu Aug 1 12:53:43 EDT 2013


Cool, I'll do the same!

I've got login with Google and Twitter working with the demo now. Haven't tried oauth grant yet, but should work. I also need to clean-up the code a bit before committing, but expect something tomorrow :)

----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Thursday, 1 August, 2013 5:19:10 PM
> Subject: Re: [keycloak-dev] Social saving state
> 
> I've been doing it in memory.
> 
> On 8/1/2013 11:45 AM, Stian Thorgersen wrote:
> > The social providers needs to save some state between a request and a
> > callback (client_id, state, etc.). I've come up with 3 alternatives of how
> > to save this state:
> >
> > * In http session
> > * In a session cookie (encoded json)
> > * In-memory - this would require a flushing mechanism (if callback never
> > happens, for example user just closes browser)
> >
> > I'm not able to convince myself which is the better (or least bad), so do
> > you have any thoughts?
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 


More information about the keycloak-dev mailing list