You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using CNAMEs to point to the Keyclaok server, the JWT created has in the iss field the CNAME. As the KC Server can be react over both addresses, the auth-server-url field of the Config must take this into account. In the code line
the request will be rejected if they come form the CNAME URL of the URL the CNAME Points to.
Proposal
Type for backwards compatibility:
type auth_server_url_type: string|string[]
Usgage:
letiss=newURL(token.content.iss)if((typeofthis.config.realmUrl)==="string"){// Use like until now}elseif(Array.isArray(this.config.realmUrl){if(this.config.realmUrl.includes(iss.host)&&(iss.pathname===''/realms/' + this.config.realm) // Accept/Reject
}else{// Error (the Config class constructor should check this)}
Discussion
No response
Motivation
No response
Details
No response
The text was updated successfully, but these errors were encountered:
Description
When using CNAMEs to point to the Keyclaok server, the JWT created has in the
iss
field the CNAME. As the KC Server can be react over both addresses, theauth-server-url
field of the Config must take this into account. In the code linekeycloak-nodejs-connect/middleware/auth-utils/grant-manager.js
Line 427 in dd1c20f
Proposal
Type for backwards compatibility:
Usgage:
Discussion
No response
Motivation
No response
Details
No response
The text was updated successfully, but these errors were encountered: