[keycloak-dev] iOS Keycloak demo
Bill Burke
bburke at redhat.com
Fri Feb 28 12:26:37 EST 2014
On 2/28/2014 11:58 AM, Christos Vasilakis wrote:
> Hi everyone,
>
> worked out a simple application that utilises AeroGear iOS OAuth2 adapter to go against a Keycloak server. You can find the source code here[1] and a small video demonstration here[2].
>
Great work!
> Overall it worked great but needed to make some small adjustments on the library which I would like your feedback. Two issues that raised are in the request parameters:
>
> - the ‘scope’ parameter on the request needed to be in a specific format "realm": [ “user”, .. ]. Needed to include ‘realm’ and a list of separated names. Not sure if this is the same as the ‘scope’ parameter in OAuth2 where just a space delimited strings are required. Further, the scope needed to be base64 url encoded in order for the server to parse it.
Scope parameter is optional. We also need to get rid of what we have
anyways as its incompatible with OpenID Connect.
> - the ‘client_secret’ parameter needed to be encoded as ’secret’.
>
We changed client auth to Basic Auth to match Oauth Spec.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list