[keycloak-dev] Password grant flow with client consent is bugged

Marek Posolda mposolda at redhat.com
Thu Nov 5 10:50:06 EST 2015


On 05/11/15 14:43, Paul Wolf wrote:
>
> Hi guys,
>
> I am currently evaluating Keycloak and so far I have only two complaints:
> 1. The implicit flow is not supported, but I already found a Jira 
> issue for that. How realistic is it that the feature comes with 1.7CR1?
>
It's planned and very realistic that it really happens :-)
>
> 2. When the client consent is needed for an application, which uses 
> the password grant flow, the flow fails all the time... Even if the 
> consent has been given. This seems an easy to fix bug. Will you fix 
> that? Should I write a fix and make a pull request?
>
+1

makes sense to me to let the password grant flow happen if consent has 
been already given. Feel free to create JIRA and PR will be even better. 
Current checking of consent is done in 
AuthenticationManager.actionRequired method. I hope you can extract the 
consent checking to separate method and reuse it.

Marek
>
> Otherwise good stuff so far :)
>
> Best regards,
> Paul
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151105/0177e699/attachment.html 


More information about the keycloak-dev mailing list