
Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No token from server

Open mithunglares opened this issue 5 years ago • 0 comments

  • We have configured Keycloak Client as the OAuth client (requests as OpenID Connect) (frontend)
  • We are using Facebook as the OAuth server (responds as OAuth) (backend)
  • Trying to use SATOSA as a translating proxy

Code Version

  • Keycloak version - 3.4.3.Final
  • SATOSA version - SATOSA-6.1.0

Expected Behavior

Expecting to log in to my in-house Keycloak client after authentication from the Facebook OAuth server

Current Behavior

We are prompted with an error in the Keycloak logs: "Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No token from server."

  1. Any request from the Keycloak client using OpenID Connect expects a token exchange in response, since we are here trying to use an OAuth server (Facebook).
  2. Indicating it is expecting a token as a response from the SATOSA backend, and hence failing authentication

Possible Solution

  1. Request you to help suggest how we configure a token as a response in addition to the response from the OAuth server.
  2. Any examples related to the configuration of SATOSA when trying to translate between OpenID Connect and OAuth should be very useful.

Steps to Reproduce

  1. The zip file containing our SATOSA config is attached for reference
  2. The access_token can be generated using the below command.

     curl -X GET "https://graph.facebook.com/oauth/access_token?client_id={}&client_secret={}&grant_type=client_credentials"

Satosa.zip

mithunglares, Jun 15 '20 07:06