libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

[KEYCLOAK-6585] hybrid flow: removed token_type and expires_in paramters from oidc auth response

Browse source
This commit is contained in:
wyvie 2018-02-27 14:45:26 +01:00 committed by Marek Posolda
parent e52380915b
commit f8022a5c2f
2 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
adapters/oidc/js/src/main/resources/keycloak.js
View file

@ -888,10 +888,10 @@
supportedParams = ['code', 'state', 'session_state'];
break;
case 'implicit':
supportedParams = ['access_token', 'token_type', 'id_token', 'state', 'session_state', 'expires_in'];
supportedParams = ['access_token', 'id_token', 'state', 'session_state'];
break;
case 'hybrid':
supportedParams = ['access_token', 'token_type', 'id_token', 'code', 'state', 'session_state', 'expires_in'];
supportedParams = ['access_token', 'id_token', 'code', 'state', 'session_state'];
break;
}

2
services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
View file

@ -229,8 +229,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
if (responseType.hasResponseType(OIDCResponseType.TOKEN)) {
redirectUri.addParam(OAuth2Constants.ACCESS_TOKEN, res.getToken());
redirectUri.addParam("token_type", res.getTokenType());
redirectUri.addParam("expires_in", String.valueOf(res.getExpiresIn()));
}
}