66cffca3d4
Closes #27632 Signed-off-by: AndyMunro <amunro@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
34 lines
1.9 KiB
Text
34 lines
1.9 KiB
Text
= Javascript engine available by default on the classpath
|
|
|
|
In the previous version, when Keycloak was used on Java 17 with Javascript providers (Script authenticator, Javascript authorization policy or Script protocol mappers for OIDC and SAML clients),
|
|
it was needed to copy javascript engine to the distribution. This is no longer needed as Nashorn javascript engine is available in Keycloak server by default. When you deploy script providers,
|
|
it is recommended to not copy the nashorn script engine and it's dependencies into the Keycloak distribution.
|
|
|
|
= Change of the default Client ID mapper of Service Account Client
|
|
|
|
Default `Client ID` mapper of `Service Account Client` has been changed. `Token Claim Name` field value has been changed from `clientId` to `client_id`.
|
|
`client_id` claim is compliant with OAuth2 specifications:
|
|
|
|
- https://datatracker.ietf.org/doc/html/rfc9068#section-2.2[JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens]
|
|
- https://www.rfc-editor.org/rfc/rfc7662#section-2.2[OAuth 2.0 Token Introspection]
|
|
- https://datatracker.ietf.org/doc/html/rfc8693#section-4.3[OAuth 2.0 Token Exchange]
|
|
|
|
`clientId` userSession note still exists.
|
|
|
|
= Keycloak JS adapter must be instanciated with the `new` operator
|
|
|
|
Historically it has been possible to create an instance of the Keycloak JS adapter by calling the `Keycloak()` function directly:
|
|
|
|
[source,javascript]
|
|
----
|
|
const keycloak = Keycloak();
|
|
----
|
|
|
|
To align this with modern conventions in the JavaScript world it has been possible to use the https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/new[`new` operator] to create an instance instead:
|
|
|
|
[source,javascript]
|
|
----
|
|
const keycloak = new Keycloak();
|
|
----
|
|
|
|
The function-style constructor has been deprecated for a while, but starting this version we will actively log a deprecation message when it used. This style of constructor will be removed in a future version so make sure to migrate your code to use the `new` operator.
|