Marek Posolda
Marek Posolda
@jonkoops Is it ok if we downgrade it from "important" to "normal" and remove the "backport" labels?
@keycloak/ui-maintainers Anyone from the UI team available to review this?
@ssilvert Thanks!
@rmartinc @pedroigor @sguilhen Thanks for this PR and for reviewing it!
@douglaspalmer Few minor points: - The issue https://github.com/keycloak/keycloak/issues/38663 mentions access-token IDs (and few other things in the description). But it seems this PR handles various secrets, but does not handle...
@douglaspalmer Looks good. However there are test failures as we have some tests checking for token IDs being UUID. I think that `AssertEvents.isAccessTokenId` needs some update and it will fix...
@pedroigor @sschu The related issue, which I was recently involved, is https://github.com/keycloak/keycloak/issues/32650 . We had the discussion with @stianst regarding that one. Until now, we created both "online" and offline...
> Thanks, it is more clear now the context. > > > This one issue is slightly related to that. As you pointed, people were using offline sessions even for...
@stustison Thanks! Hopefully the branch from @thomasdarimont can simplify the rebase for you. @thomasdarimont Thanks for rebase in your environment! Just to doublecheck, did you had a chance to review...
@stianst I think that in the ideal world, the CRL checking (as well as the OCSP, KeyUsage and Extended KeyUsage checks) is something, which is better verified at the layer...