You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The OIDC login button could need some improvement and clean up.
Some things that come in mind are:
ID tokens are extracted, but not used in any way
ID tokens are not validated
there is no working logout functionality
validation of access token exists (via the userinfo endpoint) but no verification if the token is issued to this client
In general we could make use of the Single Sign-On functionality of Keycloak or/and make use of a JS library.
Best solution would be to just use our openidconnect-singin button, but maybe this would require some changes in the whole code.
The text was updated successfully, but these errors were encountered:
The OIDC login button could need some improvement and clean up.
Some things that come in mind are:
In general we could make use of the Single Sign-On functionality of Keycloak or/and make use of a JS library.
Best solution would be to just use our openidconnect-singin button, but maybe this would require some changes in the whole code.
The text was updated successfully, but these errors were encountered: