1915f11cba
Instead of DEFAULT_OAUTH2_DEVICE_POLLING_INTERVAL, constant for the lifespan was used to initialize the default polling interval. This leads to inability to continuously poll the result as the result stuck in the actionTokens cache for far longer than expected (600 seconds instead of 5 seconds). As a result, only the first request for the token succeeds if a resource owner already did grant the access. If that has not happened, any additional polling within 600 seconds would get rejected with a 'slow_down' response. This makes hard to write OAuth 2.0 clients using device code authorization grant flow against multiple IdPs. Microsoft's implementation of OAuth 2.0 device code grant flow requires 'nudging' the Authorization Server's token endpoint before it even starts recognizing the device code. Keycloak mismatch of the polling interval default makes this flow impossible. Closes #12327 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> |
||
|---|---|---|
| .github | ||
| .mvn/wrapper | ||
| adapters | ||
| authz | ||
| boms | ||
| common | ||
| config-api | ||
| core | ||
| dependencies | ||
| distribution | ||
| docs | ||
| examples | ||
| federation | ||
| integration | ||
| kubernetes | ||
| misc | ||
| model | ||
| operator | ||
| quarkus | ||
| saml-core | ||
| saml-core-api | ||
| server-spi | ||
| server-spi-private | ||
| services | ||
| testsuite | ||
| themes | ||
| util | ||
| wildfly | ||
| .gitattributes | ||
| .gitignore | ||
| .gitleaks.toml | ||
| ADOPTERS.md | ||
| CONTRIBUTING.md | ||
| get-version.sh | ||
| GOVERNANCE.md | ||
| LICENSE.txt | ||
| MAINTAINERS.md | ||
| maven-settings.xml | ||
| mvnw | ||
| mvnw.cmd | ||
| pom.xml | ||
| prod-arguments.json | ||
| README.md | ||
| release.sh | ||
| set-version.sh | ||
Keycloak
Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.
This repository contains the source code for the Keycloak Server, Java adapters and the JavaScript adapter.
Help and Documentation
- Documentation
- User Mailing List - Mailing list for help and general questions about Keycloak
Reporting Security Vulnerabilities
If you've found a security vulnerability, please look at the instructions on how to properly report it
Reporting an issue
If you believe you have discovered a defect in Keycloak please open an issue. Please remember to provide a good summary, description as well as steps to reproduce the issue.
Getting started
To run Keycloak download the distribution from our website. Unzip and run:
bin/kc.[sh|bat] start-dev
Alternatively, you can use the Docker image by running:
docker run quay.io/keycloak/keycloak start-dev
For more details refer to the Keycloak Documentation.
Building from Source
To build from source refer to the building and working with the code base guide.
Testing
To run tests refer to the running tests guide.
Writing Tests
To write tests refer to the writing tests guide.
Contributing
Before contributing to Keycloak please read our contributing guidelines.
Other Keycloak Projects
- Keycloak - Keycloak Server and Java adapters
- Keycloak Documentation - Documentation for Keycloak
- Keycloak QuickStarts - QuickStarts for getting started with Keycloak
- Keycloak Node.js Connect - Node.js adapter for Keycloak
- Keycloak Node.js Admin Client - Node.js library for Keycloak Admin REST API