Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
808 views
in Technique[技术] by (71.8m points)

keycloak Valid Redirect URIs for dynamic URLs w/ Vercel

I'm setting up CI/CD to automatically deploy my application to a preview URL using vercel.com

these preview URLs are generated with a random string on every commit.

in keycloak if I add the entire string e.g. "https://c1-frontend-v4-anything.tet.vercel.app/"

I can login through keycloak fine. But no matter what I try I cannot get any wildcards to work...

I have tried:

  • https://*.vercel.app/
  • https://*.vercel.app/*
  • https://c1-frontend-v4-*.vercel.app
  • https://*.vercel.app
  • *
  • +
  • /*
  • https://*
  • www.*

after giving up, assuming it is some bug in keycloak I discovered their docs...

Valid Redirect URIs

This is a required field. Enter in a URL pattern and click the + sign to add. Click the - sign next to URLs you want to remove. Remember that you still have to click the Save button! Wildcards () are only allowed at the end of a URI, i.e. http://host.com/

You should take extra precautions when registering valid redirect URI patterns. If you make them too general you are vulnerable to attacks. See Threat Model Mitigation chapter for more information.

???♂???...

I'm having a hard time believing they actually did this on purpose.

Surely there must be a way to allow login from dynamically generated urls for preview deployments?

question from:https://stackoverflow.com/questions/65928311/keycloak-valid-redirect-uris-for-dynamic-urls-w-vercel

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...