Keycloak / KEYCLOAK-9050

OIDCLoginProtocol#authenticated (and others) read values from client session

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 4.8.0.Final
    • Component/s: None
    • Labels:
    • Docs QE Status: NEW
    • QE Status: NEW

      Description

      OIDCLoginProtocol still reads a lot of values from the client session that are available in the authentication session. This could lead to strange behaviour when concurrent client requests are done to the same user session. We should at least make sure redirect_uri, state, response_mode and response_type are read from the authentication session.

                People

                • Assignee: mposolda Marek Posolda
                • Reporter: stianst Stian Thorgersen
                • Votes: 0
                • Watchers: 2

                  Dates

                  • Created:
                    Updated:
                    Resolved:
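
Added example (not part of the issue and not Keycloak code): a simplified model of the behaviour the description reports, with two interleaved authorization requests in one user session. All class and function names and the sample values are hypothetical; it assumes the client session is shared by concurrent requests of one client, while each request has its own authentication session.

```python
# Added illustration: a simplified model with hypothetical names, not Keycloak code.
from dataclasses import dataclass, field
from urllib.parse import urlencode

@dataclass
class ClientSession:
    """Assumed scope: one per client inside a user session, shared by all tabs."""
    notes: dict = field(default_factory=dict)

@dataclass
class AuthSession:
    """Assumed scope: one per authorization request."""
    notes: dict = field(default_factory=dict)

def start_request(client_session, params):
    """Record the request parameters in both scopes; return the per-request one."""
    client_session.notes.update(params)  # shared: a later request overwrites these
    return AuthSession(notes=dict(params))

def build_redirect(notes):
    """Build the authorization response from one set of stored parameters."""
    sep = "#" if notes["response_mode"] == "fragment" else "?"
    query = urlencode({"code": "CONSTRUCTED-CODE", "state": notes["state"]})
    return notes["redirect_uri"] + sep + query

def finish_from_client_session(client_session, auth_session):
    """Behaviour the issue describes: read from the shared client session."""
    return build_redirect(client_session.notes)

def finish_from_auth_session(client_session, auth_session):
    """Behaviour the issue asks for: read from the request's own session."""
    return build_redirect(auth_session.notes)

# Constructed sample requests from two tabs of the same user session.
REQ_A = {"redirect_uri": "https://app.example/cb-a", "state": "state-A",
         "response_mode": "query", "response_type": "code"}
REQ_B = {"redirect_uri": "https://app.example/cb-b", "state": "state-B",
         "response_mode": "fragment", "response_type": "code"}

def interleave(finish):
    """Start A, start B, then complete A and B; return both redirects."""
    shared = ClientSession()
    auth_a = start_request(shared, REQ_A)
    auth_b = start_request(shared, REQ_B)
    return finish(shared, auth_a), finish(shared, auth_b)

if __name__ == "__main__":
    for finish in (finish_from_client_session, finish_from_auth_session):
        print(finish.__name__, interleave(finish))
```

In the shared-session variant, request A completes with request B's redirect_uri, state and response_mode, so the client's state check for A fails or the response arrives at the wrong callback.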