GitXplorerGitXplorer
s

TokenExchangeDemo

public
4 stars
0 forks
1 issues

Commits

List of commits on branch master.
Unverified
67441d476b0b759bbe67c5139a3944493d96e9d6

updating readme

ssecondsun committed 7 years ago
Unverified
b3cba20f9f9f1661afb6d4e92386cbe8ae442250

Minor updates and fixes

ssecondsun committed 7 years ago
Unverified
c4a6687fdc2518d570461068cccb9bb17538696f

Updating Readme

ssecondsun committed 7 years ago
Unverified
8958b5e8f5e45dcd659bdf85e3d3fc141fc000a3

Initial commit

ssecondsun committed 7 years ago

README

The README file for this repository.

TokenExchangeDemo

Token Exchange Demo with KeyClaok

Setup

You will need to setup a project in Google's cloud system as well as download a google-services.json file. The documentation on that is here https://developers.google.com/identity/protocols/OAuth2.

You will need to add your Google-services.json to the app root and setup the google play services plugin.

KeyCloak Setup

I have my own keycloak servicing this app; however, you may wish to configure your own. I followed the instructions in the KeyCloak docs here : http://www.keycloak.org/docs/latest/securing_apps/index.html#external-token-to-internal-token-exchange.

There are a couple caveats I discovered to making it work with Google. First you have to create a generic OpenID Connect IdP configuration in Keycloak instead of using the Google one. With the exception of Google's Client ID and secret you can prefill all of the values using Google's well known file https://accounts.google.com/.well-known/openid-configuration. Secondly I disabled the userInfo endpoint because Google needs a Auth token that is not the ID Token they send you which is used in the KeyCloak key Exchange.