[KEYCLOAK-1733] Adapters: support for authentication with bearer token sent in query param (or POST body) - Red Hat Issue Tracker

XML

Word

Printable

Details

Type: Feature Request
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: 1.4.0.Final
Fix Version/s: 2.1.0.CR1
Component/s: Adapter - JEE
Labels:
None

Description

The specs is here http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#query-param . We may need to add support for 2.2 and 2.3 .

It might be useful for the scenarios like websockets, as javascript WebSockets doesn't seem to have a way to attach "Authorization: Bearer" header - http://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api .

Not sure if it should be enabled by default or just on demand (There are some security implications for sending token in query param. See the specs). Maybe we can support authentication through token in query parameter just for HTTP Upgrade requests.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Marek Posolda

Votes:: 3 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2015/Aug/05 9:24 AM

Updated:: 2021/Oct/24 5:42 AM

Resolved:: 2016/Jul/20 8:02 AM