[keycloak-dev] iframe logout check now implemented

Bill Burke bburke at redhat.com
Tue May 13 08:57:08 EDT 2014 

Sounds like a good idea.  But it should be built on top of what we 
already have for the iframe stuff.

On 5/13/2014 4:33 AM, Stian Thorgersen wrote:
> Nopes, I finally get what it is and how it works ;)
>
> My idea was that if 'logoutIframe' is enabled we create the iframe, and start a timer to ping it. We should also make the ping configurable as well. If the status changes to logged out, we invoke the onAuthLogout callback to let the application deal with the logout.
>
> We should also update the updateToken method to also check the iframe status if it's configured.
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Monday, 12 May, 2014 6:15:25 PM
>> Subject: Re: [keycloak-dev] iframe logout check now implemented
>>
>> I think you may be confused on what this is.  It is only to determine
>> the current login-status.  Not to login or logout.
>>
>> The example wraps the reloadData function to make sure that the user is
>> still logged in before executing.  Alternatively, somebody could make a
>> timer that checked the log-in status via this method too.
>>
>> On 5/12/2014 12:46 PM, Stian Thorgersen wrote:
>>> Nice :)
>>>
>>> Could we make it simpler to use? For example:
>>>
>>>     var keycloak = new Keycloak();
>>>
>>>     keycloak.onAuthSuccess = function() {
>>>       alert('User logged in');
>>>     }
>>>
>>>     keycloak.onAuthLogout = function() {
>>>       alert('User has logged out');
>>>     }
>>>
>>>     keycloak.init({
>>>       onLoad: 'login-required',
>>>       autoRefreshToken: true,
>>>       logoutIframe: true
>>>     });
>>>
>>>
>>> We already have the onAuthSuccess and onAuthLogout events. The user would
>>> just have to configure if they want to use the 'logoutIframe' feature or
>>> not (by default we could even have it enabled?). Also, we could add
>>> another optional feature to automatically refresh the token.
>>>
>>> In the future it would also be nice to enable support for using pop-up
>>> windows for login.
>>>
>>> ----- Original Message -----
>>>> From: "Bill Burke" <bburke at redhat.com>
>>>> To: keycloak-dev at lists.jboss.org
>>>> Sent: Monday, 12 May, 2014 3:47:18 PM
>>>> Subject: [keycloak-dev] iframe logout check now implemented
>>>>
>>>> The OpenID Connection session status IFRAME trick is now implemented.
>>>> keycloak.js has been extend.  The customer-portal-js demo has been
>>>> extended to who how to use it.
>>>>
>>>> --
>>>> Bill Burke
>>>> JBoss, a division of Red Hat
>>>> http://bill.burkecentral.com
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>>
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-dev mailing list