-
-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Compilation fails if JWT auth is selected #42
Comments
@JasonTypesCodes This should be fixed now. I moved the listed classes to a conditional block for |
New error now:
It looks like the |
I'm curious - why is there a Keycloak-specific class ( |
@mraible Because end session implementation is not part of the open id spec, thus vendor specific details have to be provided. Micronaut security does not currently have an implementation specific to Keycloak |
Since the redirect parameters are being populated from Javascript. We probably should be able to replace package <%=packageName%>.security;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.server.util.HttpHostResolver;
import io.micronaut.http.uri.UriBuilder;
import io.micronaut.security.authentication.Authentication;
import io.micronaut.security.oauth2.client.OpenIdProviderMetadata;
import io.micronaut.security.oauth2.configuration.endpoints.EndSessionConfiguration;
import io.micronaut.security.oauth2.endpoint.endsession.request.EndSessionEndpoint;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.annotation.Nullable;
import javax.inject.Named;
import java.net.URI;
@Named("oidc")
public class OidcEndSessionEndpoint implements EndSessionEndpoint {
private static final Logger LOG = LoggerFactory.getLogger(OidcEndSessionEndpoint.class);
private final OpenIdProviderMetadata openIdProviderMetadata;
public OidcEndSessionEndpoint(@Named("oidc") OpenIdProviderMetadata openIdProviderMetadata) {
this.openIdProviderMetadata = openIdProviderMetadata;
}
@Nullable
@Override
public String getUrl(HttpRequest originating, Authentication authentication) {
return openIdProviderMetadata.getEndSessionEndpoint();
}
} |
You might be able use something similar to what we use for Spring Boot. We just have a Spring Security supports RP-Initiated Logout, but I've been unable to get this to work when adding a JS client to the mix. Also, it requires that you hard-code the post-logout-redirect-uri, which I think is inconvenient. |
I created #45 for the Keycloak implementation |
Fixes errors in Angular client when not using OAuth2 (#42)
This was likely introduced with the OAuth support:
The text was updated successfully, but these errors were encountered: