[keycloak-dev] Possible bug in Keycloak 3.4.3?

John D. Ament john.d.ament at gmail.com
Tue Jan 16 15:51:57 EST 2018


Hi,

We're working on upgrading to Keycloak 3.4.3.  We hit a weird issue where
it looks like some backwards-compatible code isn't working right in the
client adapter.  We found this block, which seems suspect:

https://github.com/keycloak/keycloak/blob/3.4.3.Final/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java#L306-L314

It looks like the values for redirectUri and redirectUriParam are actually
backwards.  We see the session_state query param in the value of
redirectUri, not redirectUriParam, and this causes the next check for the
values being equal to fail.

John
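
An added illustration of the situation the post describes, not part of the original message and not Keycloak's code: when a compatibility step strips `session_state` from only one of the two redirect URI values, the following equality check fails if the parameter is present on the other value. The class name, method names and sample URIs are hypothetical and constructed for this example.

```java
import java.util.Arrays;
import java.util.stream.Collectors;

public class RedirectUriCheck {

    // Drop only the session_state query parameter; every other part of the
    // URI is kept as-is so the comparison stays an exact string match.
    static String stripSessionState(String uri) {
        if (uri == null) return null;
        int q = uri.indexOf('?');
        if (q < 0) return uri;
        String base = uri.substring(0, q);
        String rest = uri.substring(q + 1);
        String fragment = "";
        int h = rest.indexOf('#');
        if (h >= 0) {
            fragment = rest.substring(h);
            rest = rest.substring(0, h);
        }
        String kept = Arrays.stream(rest.split("&"))
                .filter(p -> !p.isEmpty())
                .filter(p -> !p.equals("session_state") && !p.startsWith("session_state="))
                .collect(Collectors.joining("&"));
        return base + (kept.isEmpty() ? "" : "?" + kept) + fragment;
    }

    // One-sided normalization: only the submitted value is cleaned, so a
    // stored value that carries session_state can never match.
    static boolean oneSidedMatch(String stored, String submitted) {
        return stored != null && stored.equals(stripSessionState(submitted));
    }

    // Symmetric normalization: both values are cleaned the same way before
    // the exact comparison, whichever side carries the parameter.
    static boolean symmetricMatch(String stored, String submitted) {
        return stored != null
                && stripSessionState(stored).equals(stripSessionState(submitted));
    }

    public static void main(String[] args) {
        // Constructed sample values (assumption: session_state is on the stored side).
        String stored = "https://app.example.test/cb?session_state=abc123";
        String submitted = "https://app.example.test/cb";
        System.out.println("one-sided: " + oneSidedMatch(stored, submitted));
        System.out.println("symmetric: " + symmetricMatch(stored, submitted));
        System.out.println("other host: " + symmetricMatch(stored, "https://other.example.test/cb"));
    }
}
```

Only `session_state` is ignored here; a different host, path or any other query parameter still fails the match.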

