[2.6.x] Update keycloakjs and use access_token instead of id_token for oidc code path #5371

Merged
merged 2 commits into from
Nov 22, 2024


davidvoit

Fixes: #5085

Nonce support in URLs was removed in Keycloak 25 to be
fully OIDC compatible. But this change is not compatible with
old keycloakjs versions. Apicurio used a very old version
and was broken after this Keycloak release.
If the OIDC client auth library is used (instead of the
default keycloakjs one) the id_token is used as the Bearer token.
This is not standard-compatible. ID tokens only contain user information
and should never be used for authentication.
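
An added example, not part of the pull request or of Apicurio's code: a guard that builds the `Authorization` header from the access token and lets an API flag an ID token presented as a bearer credential. The function names and sample tokens are hypothetical, and the check assumes the issuer marks token kind the way Keycloak does (payload `typ` of `ID` or `Bearer`) or per RFC 9068 (header `typ` of `at+jwt`).

```javascript
// Added example. Assumption: token kind is marked as Keycloak does it
// (payload "typ": "ID" vs "Bearer") or per RFC 9068 (header "at+jwt").
const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
const decodePart = (part) => JSON.parse(Buffer.from(part, "base64url").toString("utf8"));

// Classify a token by its claims only. This does NOT verify the signature;
// issuer, audience and expiry validation remain the resource server's job.
function classifyToken(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return "opaque"; // access tokens need not be JWTs
  let header, payload;
  try {
    header = decodePart(parts[0]);
    payload = decodePart(parts[1]);
  } catch {
    return "opaque";
  }
  const isObj = (v) => v !== null && typeof v === "object";
  if (!isObj(header) || !isObj(payload)) return "opaque";
  if (String(header.typ).toLowerCase() === "at+jwt") return "access";
  if (payload.typ === "ID" || "at_hash" in payload) return "id";
  if (payload.typ === "Bearer") return "access";
  return "unknown";
}

// Client side: build the API request header from an OIDC token response.
function authorizationHeader(tokens) {
  const token = tokens.access_token; // never tokens.id_token
  if (!token) throw new Error("token response has no access_token");
  if (classifyToken(token) === "id") throw new Error("ID token offered as bearer");
  return { Authorization: `Bearer ${token}` };
}

// API side: flag requests whose bearer credential is an ID token.
function isIdTokenBearer(headerValue) {
  const m = /^Bearer\s+(\S+)$/i.exec(headerValue || "");
  return m !== null && classifyToken(m[1]) === "id";
}

// Constructed, unsigned sample tokens (placeholder client and API names).
const SAMPLE = {
  id_token: [b64({ alg: "RS256" }), b64({ typ: "ID", aud: "example-ui", at_hash: "x" }), "sig"].join("."),
  access_token: [b64({ alg: "RS256" }), b64({ typ: "Bearer", aud: "example-api" }), "sig"].join("."),
};
console.log(isIdTokenBearer(`Bearer ${SAMPLE.id_token}`), classifyToken(SAMPLE.access_token));
```
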

apicurio-bot bot commented Oct 21, 2024

Thank you for creating a pull request!

Pinging @EricWittmann to respond or triage.

@carlesarnal
Member

This looks correct I think, but since we don't have automated tests in the browser for authentication I have to manually test this PR. I'll add that to my list. Thanks for the contribution.

@EricWittmann EricWittmann added this to the 3.0.4 milestone Nov 7, 2024
@carlesarnal carlesarnal modified the milestones: 3.0.4, 2.6.x Nov 14, 2024
@carlesarnal carlesarnal merged commit 61f69db into Apicurio:2.6.x Nov 22, 2024
19 checks passed
@carlesarnal carlesarnal modified the milestones: 2.6.x, 3.0.5 Nov 22, 2024
@carlesarnal carlesarnal added the port-3.x Port from 2.x to 3.x label Nov 22, 2024
@EricWittmann EricWittmann modified the milestones: 3.0.5, 3.0.6 Dec 3, 2024
Labels
area/ui port-3.x Port from 2.x to 3.x
Projects
Status: Done