[keycloak-dev] Issues 16, 17 and 24
Gabriel Cardoso
gcardoso at redhat.com
Wed Aug 14 15:27:23 EDT 2013
>> - Issue 16 <https://issues.jboss.org/browse/KEYCLOAK-16>: When the user
>> is asked to give permissions, won't they see the pop ups from Facebook
>> or Google? Or will them see a popup with Keycloak style inside Keycloak?
>> If so, will they probably have to authorize different permissions of
>> different social providers, do they?
>>
>
> They will see the popup form FB/Google *AND* if configured, they will
> see it from Keycloak as well. Facebook and Google may not have the
> notion of the permissions that are requested by the OAuth client.
In the examples I tested, this kind of popup is shown immediately after clicking "Sign in with Facebook", for example. It is usually a pop up and, if the user clicks accept, he is redirected to inside the service. If he cancels, he stays at the login page. Is that the expected flow OR we have a different one where the popup is displayed after the login, inside the admin UI?
>> - Issue 17 <https://issues.jboss.org/browse/KEYCLOAK-17>: With regards
>> to the OAuth grants, same doubt, is not this made in Google?
>>
>
> Only for information provided by Google applications, AFAIK, i.e. Email,
> contacts, etc. For example, event-announcer.com may want permission to
> view your events on event-juggler.com. Google doesn't know anything
> about this. It only knows about google applications.
Please see the following screens to see if they cover the scenario:
https://gatein.mybalsamiq.com/projects/keycloak/Linda%20Authorised%20Access
https://gatein.mybalsamiq.com/projects/keycloak/Linda%20Authorised%20Access%202
>> - Issue 24 <https://issues.jboss.org/browse/KEYCLOAK-24>: I guess it is
>> related to 17 and 16.
>>
>
> While you wouldn't manage credentials within a social Account management
> page, you might want to revoke keycloak-specific grants you've given in
> Issue 16 and 17. You might want to unregister here too.
Mockups updated. Please take a look at:
https://gatein.mybalsamiq.com/projects/keycloak/Linda%20account
https://gatein.mybalsamiq.com/projects/keycloak/Linda%20deactivate
Gabriel
More information about the keycloak-dev
mailing list