docs and javadoc fixes
This commit is contained in:
mposolda
parent
09488b8df3
commit
c11539cccb
5 changed files with 6 additions and 6 deletions
|
|
@ -898,7 +898,7 @@ public class SecretQuestionRequiredActionFactory implements RequiredActionFactor
|
|||
}
|
||||
]]></programlisting>
|
||||
|
||||
where the <literal>mysecret</literal> needs to be replaced with the real value of client secret. You can obtain it from client admin console.
|
||||
where the <literal>mysecret</literal> needs to be replaced with the real value of client secret. You can obtain it from admin console from client configuration.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
|
@ -906,7 +906,7 @@ public class SecretQuestionRequiredActionFactory implements RequiredActionFactor
|
|||
<term>Authentication with signed JWT</term>
|
||||
<listitem>
|
||||
<para>
|
||||
This is based on the <ulink url="https://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-03">JWT Bearer Token Profiles for OAuth 2.0</ulink> specification.
|
||||
This is based on the <ulink url="https://tools.ietf.org/html/rfc7523">JWT Bearer Token Profiles for OAuth 2.0</ulink> specification.
|
||||
The client/adapter generates the <ulink url="https://tools.ietf.org/html/rfc7519">JWT</ulink> and signs it with his private key.
|
||||
The Keycloak then verifies the signed JWT with the client's public key and authenticates client based on it.
|
||||
</para>
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import org.keycloak.adapters.KeycloakDeployment;
|
|||
*
|
||||
* You must specify a file
|
||||
* META-INF/services/org.keycloak.adapters.authentication.ClientCredentialsProvider in the WAR that this class is contained in (or in the JAR that is attached to the WEB-INF/lib or as jboss module
|
||||
* if you want to share the implementation among more WARs). This file must have the fully qualified class name of all your ClientAuthenticatorFactory classes
|
||||
* if you want to share the implementation among more WARs).
|
||||
*
|
||||
* NOTE: The SPI is not finished and method signatures are still subject to change in future versions (for example to support
|
||||
* authentication with client certificate)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import org.keycloak.util.Time;
|
|||
|
||||
/**
|
||||
* Client authentication based on JWT signed by client private key .
|
||||
* See <a href="https://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-03">specs</a> for more details.
|
||||
* See <a href="https://tools.ietf.org/html/rfc7519">specs</a> for more details.
|
||||
*
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ import org.keycloak.services.Urls;
|
|||
|
||||
/**
|
||||
* Client authentication based on JWT signed by client private key .
|
||||
* See <a href="https://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-03">specs</a> for more details.
|
||||
* See <a href="https://tools.ietf.org/html/rfc7519">specs</a> for more details.
|
||||
*
|
||||
* This is server side, which verifies JWT from client_assertion parameter, where the assertion was created on adapter side by
|
||||
* org.keycloak.adapters.authentication.JWTClientCredentialsProvider
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ public class OIDCWellKnownProvider implements WellKnownProvider {
|
|||
|
||||
public static final List<String> DEFAULT_ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = list("RS256");
|
||||
|
||||
public static final List<String> DEFAULT_GRANT_TYPES_SUPPORTED = list(OAuth2Constants.AUTHORIZATION_CODE, OAuth2Constants.REFRESH_TOKEN, OAuth2Constants.PASSWORD);
|
||||
public static final List<String> DEFAULT_GRANT_TYPES_SUPPORTED = list(OAuth2Constants.AUTHORIZATION_CODE, OAuth2Constants.REFRESH_TOKEN, OAuth2Constants.PASSWORD, OAuth2Constants.CLIENT_CREDENTIALS);
|
||||
|
||||
public static final List<String> DEFAULT_RESPONSE_TYPES_SUPPORTED = list(OAuth2Constants.CODE);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue