Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added MTLS external validation support #21

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

added MTLS external validation support #21

wants to merge 3 commits into from

Conversation

DmitryMishchuk
Copy link

Added MTLS external validation support as per keycloak/keycloak-community#267

@DmitryMishchuk
Copy link
Author

@tnorimat please Review

@tnorimat
Copy link
Owner

@DmitryMishchuk Thank you. I will review this soon.

tnorimat
tnorimat reviewed May 20, 2021
View reviewed changes
Copy link
Owner

@tnorimat tnorimat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DmitryMishchuk I've reviewed this PR and add some review comments. Could you check them?

...rc/main/java/org/keycloak/protocol/oidc/representations/OIDCConfigurationRepresentation.java Outdated Show resolved Hide resolved
core/src/main/java/org/keycloak/representations/oidc/OIDCClientRepresentation.java Outdated Show resolved Hide resolved
server-spi/src/main/java/org/keycloak/mtls/MtlsExtendedValidationProvider.java
@@ -0,0 +1,13 @@
package org.keycloak.mtls;
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure whether this provider is in server-spi project.

AFAIK, the providers in server-spi are fixed and never change their interfaces.
IMO, it might be appropriate that this provider be in server-spi-private.

It might be better to ask Keycloak development team about this point.

server-spi/src/main/java/org/keycloak/mtls/MtlsExtendedValidationSpi.java Show resolved Hide resolved
server-spi/src/main/java/org/keycloak/mtls/MtlsExtendedValidationProvider.java Outdated Show resolved Hide resolved
...src/main/java/org/keycloak/authentication/authenticators/client/X509ClientAuthenticator.java Outdated Show resolved Hide resolved
...src/main/java/org/keycloak/authentication/authenticators/client/X509ClientAuthenticator.java Outdated Show resolved Hide resolved
...src/main/java/org/keycloak/authentication/authenticators/client/X509ClientAuthenticator.java Outdated Show resolved Hide resolved
...src/main/java/org/keycloak/authentication/authenticators/client/X509ClientAuthenticator.java Outdated Show resolved Hide resolved
services/src/main/java/org/keycloak/protocol/oidc/OIDCAdvancedConfigWrapper.java Outdated Show resolved Hide resolved
tnorimat pushed a commit that referenced this pull request Jul 8, 2023
@pedroigor @mposolda
Verify holder of the device code (#21)
28aa1d7 
Closes keycloak/security#32

Co-authored-by: Stian Thorgersen <[email protected]>
Conflicts:
    services/src/main/java/org/keycloak/protocol/oidc/grants/device/DeviceGrantType.java
tnorimat pushed a commit that referenced this pull request Feb 11, 2024
@francis-pouatcha
Merge pull request #21 from adorsys/issue-25638-13
64fcac7 
test: add test for nested disclosable jwt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnorimat tnorimat tnorimat left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DmitryMishchuk @tnorimat