From d3a733f94777dd781029aed41dfb7d7b7bef7c4f Mon Sep 17 00:00:00 2001 From: Gregor Tudan Date: Tue, 3 Jul 2018 07:13:25 +0200 Subject: [PATCH] KEYCLOAK-2606: fix links --- securing_apps/topics/oidc/javascript-adapter.adoc | 6 +++--- tests/src/test/resources/ignored-links | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/securing_apps/topics/oidc/javascript-adapter.adoc b/securing_apps/topics/oidc/javascript-adapter.adoc index 615e8c04c1..0c3f955c87 100644 --- a/securing_apps/topics/oidc/javascript-adapter.adoc +++ b/securing_apps/topics/oidc/javascript-adapter.adoc @@ -166,7 +166,7 @@ keycloak.init({ flow: 'hybrid' }) Keycloak support hybird mobile apps developed with https://cordova.apache.org/[Apache Cordova]. The Javascript adapter has two modes for this: `cordova` and `cordova-native`: The default is cordova, which the adapter will automatically select if no adapter type has been configured and window.cordova is present. -When logging in, it will open an https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/[InApp Browser] that lets the user interact with {project_name} and afterwards returns to the app by redirecting to http://localhost. Because of this, you must whitelist this URL as a valid redirect-uri in the client configuration section of the Administration Console. +When logging in, it will open an https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/[InApp Browser] that lets the user interact with {project_name} and afterwards returns to the app by redirecting to `http://localhost`. Because of this, you must whitelist this URL as a valid redirect-uri in the client configuration section of the Administration Console. While this mode is easy to setup, it also has some disadvantages: * The InApp-Browser is a browser embedded in the app and is not the phone's default browser. Therefore it will have different settings and stored credentials will not be available. @@ -193,9 +193,9 @@ This adapter required two additional plugins: * https://github.com/e-imaxina/cordova-plugin-deeplinks[cordova-plugin-deeplinks]: allow the browser to redirect back to your app by special URLs The technical details for linking to an app differ on each plattform and special setup is needed. -Please refer to the according sections of the deeplinks plugin for further instructions (https://github.com/e-imaxina/cordova-plugin-deeplinks#android-web-integration[Android] and [iOS https://github.com/e-imaxina/cordova-plugin-deeplinks#ios-web-integration[iOS]]. +Please refer to the according sections of the deeplinks plugin for further instructions (https://github.com/e-imaxina/cordova-plugin-deeplinks/blob/master/README.md#android-web-integration[Android] and [iOS https://github.com/e-imaxina/cordova-plugin-deeplinks/blob/master/README.md#ios-web-integration[iOS]). -There are different kinds of links for opening apps: custom schemes (i.e. `myapp://login` or `android-app://com.example.myapp/https/example.com/login`) and https://developer.apple.com/ios/universal-links/[Universal Links (iOS]) / https://developer.android.com/training/app-indexing/deep-linking.html[Deep Links (Android)]. +There are different kinds of links for opening apps: custom schemes (i.e. `myapp://login` or `android-app://com.example.myapp/https/example.com/login`) and https://developer.apple.com/ios/universal-links/[Universal Links (iOS)]) / https://developer.android.com/training/app-links/deep-linking[Deep Links (Android)]. While the former are easier to setup and tend to work more reliably, the later offer extra security as they are unique and only the owner of a domain can register them. Custom-URLs are deprecated on iOS. We recommend that you use universal links, combined with a fallback site with a custom-url link on it for best reliability. diff --git a/tests/src/test/resources/ignored-links b/tests/src/test/resources/ignored-links index 0220ae743c..ba18097d4e 100644 --- a/tests/src/test/resources/ignored-links +++ b/tests/src/test/resources/ignored-links @@ -1,3 +1,4 @@ +http://localhost* http://localhost:8080* http://localhost:8180* http://localhost:8181*