Closed manhar-developer closed 3 years ago
czetsuya
commented
3 years ago After modifying keycloak.json with "enable-pkce": true, still not able to use this. Please suggest
Hi. What exactly are you doing? What's your setup and what have you done so far? What errors do you see in the log?
Regarding enable-pkce, it's properly documented here https://www.keycloak.org/docs/latest/securing_apps.
manhar-developer
commented
3 years ago Hi @czetsuya When token is being generated (refer attached snapshot) I want to use the the form data parameters like code, grannt_type= authorization_code, client_id, redirect_uri . Out of this parameters waht to use code which is being genarated by keycloak js library and send pkec generated string along with these paraemeters.
Modified keycloak json -
{ "realm": "test", "auth-server-url": "http://192.168.252.62:8180/auth/", "ssl-required": "none", "resource": "spa-heroes", "public-client": true, "enable-pkce": true, "confidential-port": 0 }
Expetcted result : Need to send code verifier string.
PS - I followed your tutorial and created app using https://www.youtube.com/watch?v=JUhknUDsZQg . Please suggest if this can be done as I am just using keycloak js dependency and no other third party library as you did in the tutorial
czetsuya
commented
3 years ago Hi,
In the client's advance settings, set S256 under Proof key for code.
Set Access type=public and enable Standard flow enabled.
In your frontend application make sure that keycloak.json contains: "enable-pkce": true.
After modifying keycloak.json with "enable-pkce": true, still not able to use this. Please suggest