[keycloak-dev] can't figure this out

Stian Thorgersen stian at redhat.com
Thu Mar 26 11:24:56 EDT 2015


Great, so we just need to tweak the Facebook provider to strip that off before redirecting to the app

----- Original Message -----
> From: "Leonardo Loch Zanivan" <leonardo.zanivan at gmail.com>
> To: "Stian Thorgersen" <stian at redhat.com>, "Bill Burke" <bburke at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Thursday, 26 March, 2015 4:21:49 PM
> Subject: Re: [keycloak-dev] can't figure this out
> 
> Ops, you need to remove after keycloak success. Here is an example:
> 
> keycloakAuth.init({
>     onLoad: 'login-required'
> }).success(function(authenticated) {
>     //fix facebook oauth
>     if (window.location.hash === '#_=_') {
>         window.location.hash = '';
>     }
> });
> 
> 
> On Thu, Mar 26, 2015 at 12:19 PM Leonardo Loch Zanivan <
> leonardo.zanivan at gmail.com> wrote:
> 
> > Facebook adds "#_=_" at the end of redirect URL for "security reasons", so
> > SPA apps won't work unless you remove it.
> >
> > In Angular apps you should remove before call keycloak:
> >
> > if (window.location.hash === '#_=_') {
> >     window.location.hash = '';
> > }
> >
> > On Thu, Mar 26, 2015 at 12:14 PM Stian Thorgersen <stian at redhat.com>
> > wrote:
> >
> >> AFAIK Facebook is OAuth2 + custom weird stuff that looks like but isn't
> >> OpenID Connect
> >>
> >> ----- Original Message -----
> >> > From: "Stian Thorgersen" <stian at redhat.com>
> >> > To: "Bill Burke" <bburke at redhat.com>
> >> > Cc: keycloak-dev at lists.jboss.org
> >> > Sent: Thursday, 26 March, 2015 4:11:11 PM
> >> > Subject: Re: [keycloak-dev] can't figure this out
> >> >
> >> > I remember seeing the '#_=_' crap a while ago, I believe that was before
> >> > Pedro started brokering.
> >> >
> >> > ----- Original Message -----
> >> > > From: "Bill Burke" <bburke at redhat.com>
> >> > > To: keycloak-dev at lists.jboss.org
> >> > > Sent: Thursday, 26 March, 2015 2:54:27 PM
> >> > > Subject: [keycloak-dev] can't figure this out
> >> > >
> >> > > I'm going crazy...  I'm testing facebook login with the admin console
> >> as
> >> > > the test app.
> >> > >
> >> > > 1. Facebook auth succeeds
> >> > > 2. Redirect back to admin console
> >> > > 3. For some reason admin console doesn't like the redirect URL and
> >> does
> >> > > a redirect back to keycloak login with a fragment of #_=_
> >> > > 4. I'm already logged in, so redirect back
> >> > > 5. Success, but the fragment is #_=_
> >> > >
> >> > > Login works for github though...I'm freakin stumped.  The initial
> >> > > redirect back to the admin console is the same exact redirect uri for
> >> > > both github and facebook.
> >> > >
> >> > > Has anybody seen this before?
> >> > >
> >> > > --
> >> > > Bill Burke
> >> > > JBoss, a division of Red Hat
> >> > > http://bill.burkecentral.com
> >> > > _______________________________________________
> >> > > keycloak-dev mailing list
> >> > > keycloak-dev at lists.jboss.org
> >> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >> > >
> >> > _______________________________________________
> >> > keycloak-dev mailing list
> >> > keycloak-dev at lists.jboss.org
> >> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >> >
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>
> >
> 


More information about the keycloak-dev mailing list