Comments (2)
J0
commented on September 25, 2024
Hey @jland-redhat,
Thanks for reporting the issue and for patiently waiting. I'm not too familiar with Keycloak- is the requirement here for Keycloak to receive a URL that includes <url>/?<params...>&code_challenge=S256 ?
from auth.
jland-redhat
commented on September 25, 2024
Hey @J0
So yeah exactly what you are saying, Keycloak is an authorization server and this is as much an issue on their side IMO. But their "allowed code challenges" are S256 and plain and if you pass in code_challenge=s256 it rejects it.
We ended up going in another direction but I am not sure if this is the low hanging fruit of just adding an extra value to your code_challenge_method enum inside your openapi.yaml contract or if there would be more to it than that. But figured I would bring it to y'all attention since Keycloak is a fairly popular auth option when using Openshift.
from auth.
Related Issues (20)
- .well-known/jwks.json to use in REST API HOT 2
- Sharing a Supabase Auth Session - Incompatibility Between Supabase Flutter and Swift SDKs: Session JSON Structure Mismatch HOT 4
- Issue with migrations HOT 7
- HookName field unavailable in the UI, thus not saved in backend. HOT 7
- auth.signUp accepts empty email and password when anonymous sign in is enabled HOT 1
- auth.admin.generateLink does not return proper redirectTo HOT 4
- Auth - Error sending magic link - Status 500
- send_email auth hook email_change does not contain token HOT 2
- AuthException Not returning valid message and status code for banned_until As per documentation HOT 5
- In Firebase, the password hash is stored in passwordHash and is hashed using SCRYPT with specific parameters. In Supabase, the password is stored in encrypted_password and is hashed using bcrypt. As a result, when migrating authenticated users, an error occurs due to the different password hashing algorithms. HOT 5
- Captcha fails after migrating from hCaptcha to Turnstile HOT 2
- env replacement in [auth.sms.twilio] / `account_sid` HOT 1
- Some JWTs exceed Cloudflare header size limits & Nginx defaults
- Kakao Login: Need for both REST API Key and Native App Key causes confusion
- GOTRUE_JWT_SECRET value and base64 string format
- Sending a magic link will sometimes fail due to password.Generate generating an invalid password
- linkIdentity errors out if the account already exists HOT 1
- Various Ways of Password Reset
- PUT /USER is abusable HOT 1
- Too long strings in user_metadata causing authentication to break HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth.