Keycloak / KEYCLOAK-5007

Ensure code-to-token flow works in concurrent SSO login to same client

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 3.4.0.CR1
    • Component/s: None
    • Labels:
      None
    • Docs QE Status:
      NEW
    • QE Status:
      VERIFIED

      Description

      Right now, the code is saved as a note in AuthenticatedClientSessionModel before the AuthorizationRequest is redirected to the application, and this note is then compared once the code-to-token request is received from the application.

      There are currently issues with concurrent SSO login to the same client (the case when a user has multiple browser tabs and opens http://localhost:8080/auth/admin in them at the same time). This should be improved. Rather, we need to have the code as a JWT and a list of expired codes.

      Test: ConcurrentLoginTest and ConcurrentLoginClusterTest should work even if they use the same clients in all threads (right now, each thread needs to have a separate set of clients for the test to pass).
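
The two designs in the description, side by side, as an added sketch that is not Keycloak's code: all class and function names are hypothetical, the signing key is constructed, and a minimal HS256-signed token stands in for the JWT. The note-based store loses the first tab's code when a second login overwrites the note; the signed-code store accepts both codes once each and rejects replays.

```python
import base64, hashlib, hmac, json, secrets, threading, time

KEY = secrets.token_bytes(32)  # constructed signing key for this sketch

def b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(body):
    return hmac.new(KEY, body.encode(), hashlib.sha256).digest()

class NoteCodeStore:
    """Design described first: one code note per client session."""
    def __init__(self):
        self.note = None
    def issue(self):
        self.note = secrets.token_urlsafe(16)  # overwrites a code still in flight
        return self.note
    def redeem(self, code):
        ok = self.note is not None and hmac.compare_digest(code, self.note)
        self.note = None if ok else self.note
        return ok

class JwtCodeStore:
    """Proposed design: self-contained signed code plus a list of used codes."""
    def __init__(self, lifespan=60):
        self.lifespan, self.used, self.lock = lifespan, {}, threading.Lock()
    def issue(self, client_id, now=None):
        now = time.time() if now is None else now
        claims = {"jti": secrets.token_urlsafe(16), "aud": client_id, "exp": now + self.lifespan}
        body = b64(b'{"alg":"HS256"}') + "." + b64(json.dumps(claims).encode())
        return body + "." + b64(sign(body))
    def redeem(self, code, client_id, now=None):
        now = time.time() if now is None else now
        try:
            header, payload, sig = code.split(".")
            # The alg header is never consulted: only HS256 with KEY is accepted.
            if not hmac.compare_digest(unb64(sig), sign(header + "." + payload)):
                return False
            claims = json.loads(unb64(payload))
        except ValueError:  # wrong part count, bad base64, bad JSON
            return False
        if claims["aud"] != client_id or claims["exp"] <= now:
            return False
        with self.lock:  # check-and-mark must be atomic across threads
            self.used = {j: e for j, e in self.used.items() if e > now}
            if claims["jti"] in self.used:
                return False
            self.used[claims["jti"]] = claims["exp"]
            return True
```

The used-code list only has to remember an identifier until that code's own expiry, so it stays bounded by the code lifespan.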

                People

                • Assignee:
                  mposolda Marek Posolda
                  Reporter:
                  mposolda Marek Posolda
                  Tester:
                  Mark True