I'm setting up CI/CD to automatically deploy my application to a preview URL using vercel.com
these preview URLs are generated with a random string on every commit.
in keycloak if I add the entire string e.g. "https://c1-frontend-v4-anything.tet.vercel.app/"
I can login through keycloak fine. But no matter what I try I cannot get any wildcards to work...
I have tried:
https://*.vercel.app/https://*.vercel.app/*https://c1-frontend-v4-*.vercel.apphttps://*.vercel.app*+/*https://*www.*
after giving up, assuming it is some bug in keycloak I discovered their docs...
Valid Redirect URIs
This is a required field. Enter in a URL pattern and click the + sign
to add. Click the - sign next to URLs you want to remove. Remember
that you still have to click the Save button! Wildcards () are only
allowed at the end of a URI, i.e. http://host.com/
You should take extra precautions when registering valid redirect URI
patterns. If you make them too general you are vulnerable to attacks.
See Threat Model Mitigation chapter for more information.
???♂???...
I'm having a hard time believing they actually did this on purpose.
Surely there must be a way to allow login from dynamically generated urls for preview deployments?
question from:
https://stackoverflow.com/questions/65928311/keycloak-valid-redirect-uris-for-dynamic-urls-w-vercel 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
