Comments (2)
AlistairDoswald
commented on July 25, 2024
From the user documentation, the first broker login flow is the correct first flow, as keycloak needs to create information for the user locally, and a link to the user in the external IdP, so the "browser" login flow shouldn't be investigated.
Now, for the first broker login flow, the problem is that when the username or Id is null, keycloak cannot create the link to the external IdP user due to the fields being null. The pull request from @SebZal corrects the Id problem, but not the username problem. Even through this can be avoided by configuring the client correctly in the IdP, the following steps will be taken:
- Make the
getUsername()method returngetId()if it can't get a name rather then the opposite. This will bring it in line for what is done for SAML2 tokens. - Have the
WSFedEndpoint handleLoginResponsemethod throw an exception if the Id or Username is null rather than waiting to get a NullPointerException to happen when keycloak tries to create the user's Identity Provider link. - Write the unit tests for the
SAML11RequestedTokenclass since there doesn't seem to be any :-p
from keycloak-wsfed.
AlistairDoswald
commented on July 25, 2024
Modifications done and tested
from keycloak-wsfed.
Related Issues (20)
- List on keycloak.org extensions page HOT 2
- Migrate keycloak-wsfed module for compatibility with 4.0.0.Final HOT 1
- Broker-mode: when key does not match the signature, a "invalidFederatedIdentityActionMessage" is reported
- Can add an samlple for Exchange2013-OWA login ? HOT 13
- Add support for client-scope mappers to the module
- How to obtain jars? HOT 7
- Maven build on master does not work HOT 2
- Support on version 7.0.1 HOT 1
- login_hint issue HOT 1
- Migrate to Keycloak 8.0.1 HOT 5
- Single logout issue HOT 4
- Frontchannel logout problem HOT 3
- Backchannel logout problem HOT 2
- build jar - deps? HOT 11
- Migrate to Keycloak 11.x+ HOT 4
- how to import x509 to keycloak HOT 1
- support for ws-trust HOT 1
- Migrate to keycloak v15 (at least v13) HOT 1
- WS-fed 404 login timeout error on Exchange2016 OWA
- Keycloak 22+ Support Request HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from keycloak-wsfed.