[keycloak-dev] Remove kcinit and text-based authentication flows
Stian Thorgersen
sthorger at redhat.com
Thu Sep 19 03:31:37 EDT 2019
https://issues.jboss.org/browse/KEYCLOAK-11490
On Wed, 18 Sep 2019 at 19:15, Stian Thorgersen <sthorger at redhat.com> wrote:
> It may be a bit of work to actually get rid of this though. A few things
> that needs removing at least:
>
> * There's both a Java and a Go kcinit
> * Tests - I think they even checkout and build the kcinit go library
> * Auth flow stuff, including all the duplicated code/classes for the text
> mode
> * KeycloakInstalled
> * Probably other things as well....
>
> It does make a lot of sense to get this done though in relation to the
> auth work.
>
> On Wed, 18 Sep 2019, 19:12 Stian Thorgersen, <sthorger at redhat.com> wrote:
>
>> kc-init was never released or documented. It never got beyond a
>> prototype. As such it can be removed without any deprecation period.
>>
>> We never used it in OpenShift integration, and have no plans of doing so.
>>
>>
>> On Wed, 18 Sep 2019, 16:10 Stefan Guilhen, <sguilhen at redhat.com> wrote:
>>
>>> Stian has sent an e-mail to kc-user about a week ago, no replies so far.
>>>
>>> On Wed, Sep 18, 2019 at 10:50 AM Hynek Mlnarik <hmlnarik at redhat.com>
>>> wrote:
>>>
>>>> +1 from dev perspective. I believe it is worth checking with
>>>> keycloak-user
>>>> as well.
>>>>
>>>> I guess deprecation period would be needed. IIRC, this was added with
>>>> OSIN
>>>> replacement in mind [1]. Is this plan obsoleted?
>>>>
>>>> [1]
>>>> https://github.com/keycloak/openshift-integration/blob/master/README.md
>>>>
>>>> On Wed, Sep 18, 2019 at 2:30 PM Marek Posolda <mposolda at redhat.com>
>>>> wrote:
>>>>
>>>> > +1
>>>> >
>>>> > Do we have a chance to do it now or is some "deprecation period"
>>>> needed?
>>>> > It may help to save some work with refactoring of authentication
>>>> flows,
>>>> > which will be required for multi-token and step-up authentication
>>>> support.
>>>> >
>>>> > Marek
>>>> >
>>>> > On 06. 09. 19 11:54, Bruno Oliveira wrote:
>>>> > > +1
>>>> > >
>>>> > > On Fri, Sep 6, 2019 at 6:48 AM Stian Thorgersen <
>>>> sthorger at redhat.com>
>>>> > wrote:
>>>> > >> kcinit and it's associated text-based authentication flows adds
>>>> quite a
>>>> > bit
>>>> > >> of complexity. It was never fully completed and we don't have
>>>> capacity
>>>> > to
>>>> > >> complete it.
>>>> > >>
>>>> > >> Text-based authentication flows are also not really all that
>>>> useful.
>>>> > There
>>>> > >> are other better approaches to authenticate devices without a web
>>>> > browser,
>>>> > >> and when there is a web browser that should be used rather than
>>>> cli.
>>>> > >>
>>>> > >> I propose we remove both kcinit as well as the text-based
>>>> authentication
>>>> > >> flows. We also need to revert KeycloakInstalled to how it was
>>>> prior to
>>>> > this
>>>> > >> was added as it is currently fairly broken.
>>>> > >> _______________________________________________
>>>> > >> keycloak-dev mailing list
>>>> > >> keycloak-dev at lists.jboss.org
>>>> > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>> > >
>>>> > >
>>>> >
>>>> > _______________________________________________
>>>> > keycloak-dev mailing list
>>>> > keycloak-dev at lists.jboss.org
>>>> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>> >
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>>
>>>
>>>
>>> --
>>>
>>> Stefan Guilhen
>>>
>>> Principal Software Engineer
>>>
>>> Red Hat <https://www.redhat.com/>
>>>
>>> sguilhen at redhat.com IM: sguilhen
>>> @RedHat <https://twitter.com/redhat> Red Hat
>>> <https://www.linkedin.com/company/red-hat> Red Hat
>>> <https://www.facebook.com/RedHatInc>
>>> <https://www.redhat.com/>
>>>
>>
More information about the keycloak-dev
mailing list