[KEYCLOAK-6585] hybrid flow: removed token_type and expires_in paramters from oidc auth response

This commit is contained in:
wyvie 2018-02-27 14:45:26 +01:00 committed by Marek Posolda
parent e52380915b
commit f8022a5c2f
2 changed files with 2 additions and 4 deletions

View file

@ -888,10 +888,10 @@
supportedParams = ['code', 'state', 'session_state'];
break;
case 'implicit':
supportedParams = ['access_token', 'token_type', 'id_token', 'state', 'session_state', 'expires_in'];
supportedParams = ['access_token', 'id_token', 'state', 'session_state'];
break;
case 'hybrid':
supportedParams = ['access_token', 'token_type', 'id_token', 'code', 'state', 'session_state', 'expires_in'];
supportedParams = ['access_token', 'id_token', 'code', 'state', 'session_state'];
break;
}

View file

@ -229,8 +229,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
if (responseType.hasResponseType(OIDCResponseType.TOKEN)) {
redirectUri.addParam(OAuth2Constants.ACCESS_TOKEN, res.getToken());
redirectUri.addParam("token_type", res.getTokenType());
redirectUri.addParam("expires_in", String.valueOf(res.getExpiresIn()));
}
}