pmlopes
commented
11 months ago This is a great catch, thanks!
Closed Ernstsen closed 11 months ago
pmlopes
commented
11 months ago This is a great catch, thanks!
Changes
The revocation endpoint was forced to be null, when using the keycloak oauth2 provider.
As per the keycloak documentation, there is an endpoint for revoking tokens: https://www.keycloak.org/docs/latest/securing_apps/#_token_revocation_endpoint
This would enable logging users out with API instead of redirects with keycloak.
Motivation:
I need to be able to log out users, when using the keycloak OAuth2 provider.
This is currently not possible as the
revokemethod requires therevocationUrl != nulland thelogoutmethod inOAuth2APIis not accessible from outside theOAuth2Authobject.This simple change allows users to use the flow described in the current vertx.io documentation for token management: https://vertx.io/docs/vertx-auth-oauth2/java/#_token_management
Conformance:
You should have signed the Eclipse Contributor Agreement as explained in https://github.com/eclipse/vert.x/blob/master/CONTRIBUTING.md Please also make sure you adhere to the code style guidelines: https://github.com/vert-x3/wiki/wiki/Vert.x-code-style-guidelines