[keycloak-dev] Feedback on examples
Marek Posolda
mposolda at redhat.com
Thu Dec 12 12:35:00 EST 2013
On 11.12.2013 14:10, Bill Burke wrote:
>
> On 12/10/2013 11:45 AM, Marek Posolda wrote:
>> I have few points regarding example applications:
>>
>> - For third-party oauth client example, there is not possibility to
>> configure stuff through JSON but everything is hardcoded in classes
>> Bootstrap and ProductDatabaseClient. There are also some strange
>> comments in code like "This is the worst code ever" etc :-) This is not
>> so ideal IMO as I expect that people will often look to the source code
>> of these examples for inspiration. I believe that OAuth clients should
>> also have something like ManagedResourceConfigLoader for Applications.
>>
> Feel free to write a better example with CDI or Spring and expand out
> the oauth client framework code.
I've send PR https://github.com/keycloak/keycloak/pull/134 . Third-party
application rewritten to use CDI+JSF and now it read the configuration
from JSON file. I've added ManagedOAuthClientConfigLoader (subclass of
ManagedResourceConfigLoader) for support of reading configuration of
OAuth clients from JSON files.
I've also created JIRA https://issues.jboss.org/browse/KEYCLOAK-231 and
implemented it in my PR as currently our adapters (both OAuthClient and
Applications) don't have any support for sending "scope" parameter to
Keycloak server.
So now if you have something like this in keycloak.json configuration of
your application or oauth-client:
"scope" : {
"realm" : [ "user" ]
}
Then auth URL to keycloak will have scope parameter included with those
scopes specified in configuration.
Marek
>
>> - For the "third-party" OAuth client, I don't like the fact that when
>> user press "Cancel" in OAuth grant page, there is exception in
>> server.log and Tomcat error page displayed. I believe the behaviour
>> should be more user-friendly.
>>
> Again, feel free to expand on the third-party app to display something
> better.
>
>> - Examples "customer-portal", "product-portal", "database-service" and
>> "oauth-client" are using package "org.jboss.reasteasy..." instead of
>> "org.keycloak..."
>>
> Yeah, holdover from Resteasy code I migrated from.
>
>
More information about the keycloak-dev
mailing list