[keycloak-dev] redirect_uri validation on Keycloak 1.9.x
Marek Posolda
mposolda at redhat.com
Wed May 11 03:11:28 EDT 2016
Sorry for late response. I am personally not seeing any issue with
support the redirect_uri "org.aerogear.Shoot://oauth2Callback" . So I
suggest to create JIRA for Keycloak 2.0.0.CR1 for add this.
Thanks,
Marek
On 03/05/16 12:33, Corinne Krych wrote:
> Hello guys,
>
> Moving cookbook demo AeroGear iOS sdk to Keycloak 1.9.x I noticed that
> the redirect_uri validation has changes . I used to have
> "org.aerogear.Shoot://oauth2Callback" for a redirect_uri. In iOS land
> we used custom schema [1], as a best practice very often the first
> part of it is defined using the iOS bundle id (Apple unique id) which
> most of the time contains a mix of upper/lower case letters.
>
> When discussing the subject on irc with @Marek, it seems there might
> be an issue in RedirectUtils.lowerCaseHostname in
> https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java#L119
>
> I converted this url to : "org.aerogear.shoot://oauth2Callback" and it
> works better [2] and did change locally the bundle id of the iOs app.
> But in KC 1.4.x I was able to use upper case in redirect_uri and for
> an iOS point of view, it was much more convenient. What is the
> reasoning behind redirect_uri? Should we use http(s) as the only protocol?
>
> Thanks for your feedback.
> ++
> Corinne
> [1]
> http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html
> [2] https://github.com/aerogear/aerogear-backend-cookbook/pull/30/files
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160511/d6bc8997/attachment.html
More information about the keycloak-dev
mailing list