New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CORS SPI #25446
Labels
area/oidc
Indicates an issue on OIDC area
kind/feature
Categorizes a PR related to a new feature
release/24.0.0
release-notes
team/core-clients
Comments
dteleguin
added
kind/feature
Categorizes a PR related to a new feature
status/triage
labels
Dec 10, 2023
Merged
dteleguin
added a commit
to CarrettiPro/keycloak
that referenced
this issue
Dec 10, 2023
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
dteleguin
added a commit
to CarrettiPro/keycloak
that referenced
this issue
Jan 27, 2024
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
dteleguin
added a commit
to CarrettiPro/keycloak
that referenced
this issue
Jan 27, 2024
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
dteleguin
added a commit
to CarrettiPro/keycloak
that referenced
this issue
Feb 1, 2024
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
pedroigor
pushed a commit
that referenced
this issue
Feb 6, 2024
cavuugroup
pushed a commit
to cavuugroup/keycloak
that referenced
this issue
Feb 8, 2024
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro> Signed-off-by: Krzysztof Walczewski <kwalczewski@gmail.com>
ahus1
pushed a commit
to ahus1/keycloak
that referenced
this issue
Mar 22, 2024
Closes keycloak#25446 Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
area/oidc
Indicates an issue on OIDC area
kind/feature
Categorizes a PR related to a new feature
release/24.0.0
release-notes
team/core-clients
Description
Introduce a new SPI for CORS and create a default implementation based on
org.keycloak.services.resources.Cors
.Discussion
(discussed at 6th OAuth SIG)
Motivation
Currently, we have
Cors
class that belongs toservices
and is not visible from other modules. The behavior is mostly hardcoded with limited configurability. The introduction of CORS SPI will help solve the following issues:Cors
class to the provider infrastructure. Currently, one can only passCors
to a provider asjava.lang.Object
and then cast it back in the implementation (1, 2). This will also be required by the upcoming OAuth 2.0 Grant SPI;kc.spi-cors-default
) which will allow to customize the behavior (example: [CORS] Allow Access-Control-Allow-Headers customization #12682)Details
As long as CORS implementation is going to be a provider, using it will require a
KeycloakSession
. At the OAuth SIG, we have agreed that we can have a new session-based API whilst (temporarily) keeping the old one:This will result in the following changes/decisions:
org.keycloak.common.util.Resteasy
class will need to be moved to thecommon
module, otherwise it won't be accessible from theCors::add
methods (which will need to resolveKeycloakSession
via a Resteasy context).The text was updated successfully, but these errors were encountered: