[keycloak-dev] can't figure this out
Stian Thorgersen
stian at redhat.com
Thu Mar 26 11:44:43 EDT 2015
No, we can sort it out in Keycloak as Facebook redirects to Keycloak, not the application.
----- Original Message -----
> From: "Leonardo Loch Zanivan" <leonardo.zanivan at gmail.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: "Bill Burke" <bburke at redhat.com>, keycloak-dev at lists.jboss.org
> Sent: Thursday, 26 March, 2015 4:41:50 PM
> Subject: Re: [keycloak-dev] can't figure this out
>
> I think it would need some tweak in the JavaScript adapter.
>
> On Thu, Mar 26, 2015 at 12:25 PM Stian Thorgersen <stian at redhat.com> wrote:
>
> > Great, so we just need to tweak the Facebook provider to strip that off
> > before redirecting to the app
> >
> > ----- Original Message -----
> > > From: "Leonardo Loch Zanivan" <leonardo.zanivan at gmail.com>
> > > To: "Stian Thorgersen" <stian at redhat.com>, "Bill Burke" <
> > bburke at redhat.com>
> > > Cc: keycloak-dev at lists.jboss.org
> > > Sent: Thursday, 26 March, 2015 4:21:49 PM
> > > Subject: Re: [keycloak-dev] can't figure this out
> > >
> > > Ops, you need to remove after keycloak success. Here is an example:
> > >
> > > keycloakAuth.init({
> > > onLoad: 'login-required'
> > > }).success(function(authenticated) {
> > > //fix facebook oauth
> > > if (window.location.hash === '#_=_') {
> > > window.location.hash = '';
> > > }
> > > });
> > >
> > >
> > > On Thu, Mar 26, 2015 at 12:19 PM Leonardo Loch Zanivan <
> > > leonardo.zanivan at gmail.com> wrote:
> > >
> > > > Facebook adds "#_=_" at the end of redirect URL for "security
> > reasons", so
> > > > SPA apps won't work unless you remove it.
> > > >
> > > > In Angular apps you should remove before call keycloak:
> > > >
> > > > if (window.location.hash === '#_=_') {
> > > > window.location.hash = '';
> > > > }
> > > >
> > > > On Thu, Mar 26, 2015 at 12:14 PM Stian Thorgersen <stian at redhat.com>
> > > > wrote:
> > > >
> > > >> AFAIK Facebook is OAuth2 + custom weird stuff that looks like but
> > isn't
> > > >> OpenID Connect
> > > >>
> > > >> ----- Original Message -----
> > > >> > From: "Stian Thorgersen" <stian at redhat.com>
> > > >> > To: "Bill Burke" <bburke at redhat.com>
> > > >> > Cc: keycloak-dev at lists.jboss.org
> > > >> > Sent: Thursday, 26 March, 2015 4:11:11 PM
> > > >> > Subject: Re: [keycloak-dev] can't figure this out
> > > >> >
> > > >> > I remember seeing the '#_=_' crap a while ago, I believe that was
> > before
> > > >> > Pedro started brokering.
> > > >> >
> > > >> > ----- Original Message -----
> > > >> > > From: "Bill Burke" <bburke at redhat.com>
> > > >> > > To: keycloak-dev at lists.jboss.org
> > > >> > > Sent: Thursday, 26 March, 2015 2:54:27 PM
> > > >> > > Subject: [keycloak-dev] can't figure this out
> > > >> > >
> > > >> > > I'm going crazy... I'm testing facebook login with the admin
> > console
> > > >> as
> > > >> > > the test app.
> > > >> > >
> > > >> > > 1. Facebook auth succeeds
> > > >> > > 2. Redirect back to admin console
> > > >> > > 3. For some reason admin console doesn't like the redirect URL and
> > > >> does
> > > >> > > a redirect back to keycloak login with a fragment of #_=_
> > > >> > > 4. I'm already logged in, so redirect back
> > > >> > > 5. Success, but the fragment is #_=_
> > > >> > >
> > > >> > > Login works for github though...I'm freakin stumped. The initial
> > > >> > > redirect back to the admin console is the same exact redirect uri
> > for
> > > >> > > both github and facebook.
> > > >> > >
> > > >> > > Has anybody seen this before?
> > > >> > >
> > > >> > > --
> > > >> > > Bill Burke
> > > >> > > JBoss, a division of Red Hat
> > > >> > > http://bill.burkecentral.com
> > > >> > > _______________________________________________
> > > >> > > keycloak-dev mailing list
> > > >> > > keycloak-dev at lists.jboss.org
> > > >> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > > >> > >
> > > >> > _______________________________________________
> > > >> > keycloak-dev mailing list
> > > >> > keycloak-dev at lists.jboss.org
> > > >> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > > >> >
> > > >> _______________________________________________
> > > >> keycloak-dev mailing list
> > > >> keycloak-dev at lists.jboss.org
> > > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > > >>
> > > >
> > >
> >
>
More information about the keycloak-dev
mailing list