[keycloak-dev] bug: how did javascript adapter ever work?
Josh Cain
jcain at redhat.com
Tue Apr 17 09:57:12 EDT 2018
I was about to say... Red Hat customer portal and a number of other apps
we have are running the 7.2 version in production just fine. Although,
it remains a fork until we can get #3271[0] in the upstream :(
[0] https://github.com/keycloak/keycloak/pull/3271
On 04/08/2018 08:16 PM, Bill Burke wrote:
> Sorry, nevermind...you have to add allowed origins to client or a "+"
> to add redirects.
>
> On Sun, Apr 8, 2018 at 9:09 PM, Bill Burke <bburke at redhat.com> wrote:
>> Maybe its just a firefox thing? The preflight sets the
>> ACCESS_CONTROL_ALLOW_ORIGIN, but I think firefox doesn't remember this
>> and expects the same header for the POST response to code to token.
>>
>> On Sun, Apr 8, 2018 at 9:04 PM, Bill Burke <bburke at redhat.com> wrote:
>>> Does our javascript adapter use code to token flow by default? Is
>>> that the preferred mechanism? I don't think anybody is using it and
>>> has never used it if so, because...its broken.
>>>
>>> I'm integrating with a non-keycloak html5 app that is using code to
>>> token and the code to token request is failing with a CORS error.
>>> This is because we do not set allowed origins in TokenEndpoint:
>>>
>>> https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java#L416
>>>
>>> Embarrassing? Or am i missing something?
>>>
>>> --
>>> Bill Burke
>>> Red Hat
>>
>>
>>
>> --
>> Bill Burke
>> Red Hat
>
>
>
More information about the keycloak-dev
mailing list