From 42553cdc4464fd6b176a957cfda5579574a5fc62 Mon Sep 17 00:00:00 2001 From: Jani Date: Tue, 19 Jun 2018 21:53:28 +0300 Subject: [PATCH] [KEYCLOAK-7695] Restore token_type and expires_in for implicit flow As KEYCLOAK-6585 concerns only hybrid flow, this commit restores the behavior for implicit flow. This commit partially reverts #5041 (061049e41a6b0e6fb45c75f05748023ad7ab7d92). --- adapters/oidc/js/src/main/resources/keycloak.js | 2 +- .../java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js index 8b147bf9a0..3aed2bfa04 100755 --- a/adapters/oidc/js/src/main/resources/keycloak.js +++ b/adapters/oidc/js/src/main/resources/keycloak.js @@ -910,7 +910,7 @@ supportedParams = ['code', 'state', 'session_state']; break; case 'implicit': - supportedParams = ['access_token', 'id_token', 'state', 'session_state']; + supportedParams = ['access_token', 'token_type', 'id_token', 'state', 'session_state', 'expires_in']; break; case 'hybrid': supportedParams = ['access_token', 'id_token', 'code', 'state', 'session_state']; diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java index 9480651084..f41b4cdc85 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java @@ -235,6 +235,10 @@ public class OIDCLoginProtocol implements LoginProtocol { if (responseType.hasResponseType(OIDCResponseType.TOKEN)) { redirectUri.addParam(OAuth2Constants.ACCESS_TOKEN, res.getToken()); + if (responseType.isImplicitFlow()) { + redirectUri.addParam("token_type", res.getTokenType()); + redirectUri.addParam("expires_in", String.valueOf(res.getExpiresIn())); + } } }