-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Restore account linking on newest keycloak versions #13398
Conversation
Signed-off-by: Max Shaposhnik <mshaposh@redhat.com>
ci-test |
@mshaposhnik: thanks for quick fixup! |
@dmytro-ndp usually we do cherry-picks from master after commit is merged. |
Results of automated E2E tests of Eclipse Che Multiuser on OCP: |
E2E selenium tests results for github integration look good. |
@mshaposhnik: I have created PR #13401 to make it possible to test it as Che 6.x using CRW 1.2. |
Is this change backwards compatible with RH SSO 7.2? I am having problems with GitHub auth via SSO 7.2. |
nvm, my problem was caused by incorrect client roles (fix). |
What does this PR do?
Since in newer Keycloak versions meaning of
aud
claim changed a little, so it is not contains name of the client who requested token anymore. This information is stored in theazp
claim value, which is right place for it (see https://www.iana.org/assignments/jwt/jwt.xhtml). So we must read it from here.What issues does this PR fix or reference?
#13380
Release Notes
N/A
Docs PR
N/A