keycloak-nodejs-multirealm

post authentication keycloak-connect-multirealm library is not recognizing keycloak bearer token.

Open jaganvelu opened this issue 1 year ago • 0 comments

We are migrating an application used for managing Keycloak resources. It was deployed on Node v14 and was working fine; we are currently in the process of upgrading it to Node v18 due to EOL for Node v14. We noticed that the Keycloak multi-realm initialization is not recognizing the bearer token issued by Keycloak post authentication.

Environment:

  • Keycloak server version - 21.0.1/16.1.1 (tested with both versions, same result)
  • NodeJs - 18
  • keycloak-js package - 21.0.1
  • keycloak-connect package - 21.0.1
  • keycloak-connect-multirealm - 2.1.0

Keycloak adapter config:

{
  "realm": "my-realm",
  "auth-server-url": "http://localhost/auth/",
  "ssl-required": "none",
  "resource": "my-client-id",
  "public-client": true,
  "confidential-port": 0
}

Sequence of flow as below:

  • The /token request returns auth information including access_token, refreshToken, etc.
  • /login - the node server API which forwards the bearer token to the application for other requests. This one is again redirecting with 302 to the Keycloak openid-connect/auth endpoint.
  • I feel this is because my /login is not getting the bearer token or recognizing the authentication context.
  • The same flow is working fine with NodeJs v14. Below are a few code snippets.

// setting up keycloak and its config in node server
const KeycloakMultirealm = require("keycloak-connect-multirealm");

const setupKeycloakAuth = (app, config) => {
  const kcConfig = {
    resource: `${config.keycloakClientId}`,
    serverUrl: `${config.keycloakUrl}`,
    "auth-server-url": `${config.keycloakUrl}`,
    "public-client": true
  };

  return new KeycloakMultirealm({}, kcConfig);
};

const keycloak = setupKeycloakAuth(app, config);
app.use(keycloak.middleware());
require("./dev-helper").setupHotLoading(app, config);
// every route under /umlite/api requires an authenticated request
app.use("/umlite/api", keycloak.protect(), api.createRouter(config));

// initializing keycloak - in react application

import Keycloak from "keycloak-js";

// module-level adapter instance shared by the application
let keycloakInstance;

export const initializeKeycloak = (
  keycloakUrl,
  keycloakTimeoutMs,
  keycloakRealm,
  keycloakClientId,
  accessToken,
  refreshToken,
  idToken,
  saneSessionID,
  isConfidentialClient,
  clientSecret
) => {
  keycloakInstance = new Keycloak({
    realm: keycloakRealm,
    url: keycloakUrl,
    clientId: keycloakClientId
  });

  let initPromise;
  if (accessToken) {
    // tokens already obtained: initialize the adapter with them
    initPromise = keycloakInstance.init({
      refreshToken: refreshToken,
      token: accessToken,
      idToken: idToken,
      checkLoginIframe: false
    });
    keycloakInstance.saneSessionID = saneSessionID;
  } else {
    initPromise = keycloakInstance.init({
      // /authenticate keycloak api
      // keycloak is initialized and authenticated with token, refreshToken etc.
      onLoad: "check-sso",
      checkLoginIframeInterval: 1
    });
  }

  return promiseTimeout(keycloakTimeoutMs, initPromise).then(() => {
    if (
      keycloakRealm === keycloakInstance.realm &&
      keycloakInstance.authenticated
    ) {
      let tokenFromSession = sessionStorage.getItem(TOKEN);
      sessionStorage.setItem(TOKEN, keycloakInstance.token);
      !tokenFromSession && logLoginEvent(); // invokes the node login api
    } else {
      keycloakInstance.login();
    }
  });
};

// Api.js

// this method returns all the header information which also has the bearer token and other related info. Even with the proper bearer token it is doing a 302 redirect to /openid-connect/auth meaning the request is not recognizing the bearer token.

const getDefaultPostOptions = async body => {
  const tkn = await getToken();
  const refreshTkn = await getRefreshToken();
  let defPostObject = {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      Authorization: "bearer " + tkn,
      UserName: getUserName(),
      Refresh: refreshTkn
    },
    body: JSON.stringify(body)
  };
  return defPostObject;
};

const postCall = async (uri, body) => {
  try {
    return fetch(uri, await getDefaultPostOptions(body)).then(response => {
      if (!response.ok) {
        return response.json().then(errorResponse => {
          throw errorResponse;
        });
      } else {
        return response;
      }
    });
  } catch (err) {
    console.log("postCall :: err : ", err);
  }
};

export const logLoginEvent = (userData = {}) => {
  const uri = `${node_api_base_path}/login`;
  return postCall(uri, userData);
};

What am I missing here? Are there any compatibility issues in keycloak-connect-multirealm with node 18?

jaganvelu, May 19 '23 12:05
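
A server-side diagnostic for the symptom reported above, added here as an example (it is not code from the issue or from keycloak-connect-multirealm): it inspects the Authorization header a protected route actually received and lists mismatches against the adapter config. `diagnoseBearer` and `sampleToken` are hypothetical names, the sample token is constructed, and the checks are generic sanity checks rather than the library's own validation; the payload is decoded without signature verification, so the result is for troubleshooting only.

```javascript
// Added diagnostic example. Decodes the JWT payload WITHOUT verifying the
// signature: use it to troubleshoot, never to make an authorization decision.

function b64urlJson(part) {
  return JSON.parse(Buffer.from(part, "base64url").toString("utf8"));
}

// Returns a list of findings; an empty list means none of these checks failed.
// `expected` mirrors the adapter config: { serverUrl, realm, clientId }.
function diagnoseBearer(authorization, expected, nowSec = Math.floor(Date.now() / 1000)) {
  if (!authorization) return ["no Authorization header reached the server"];
  const [scheme, token, ...rest] = authorization.trim().split(/\s+/);
  if (!/^bearer$/i.test(scheme) || !token || rest.length) {
    return ["header is not of the form 'Bearer <token>'"];
  }
  const parts = token.split(".");
  if (parts.length !== 3) return ["token is not a three-part JWT"];
  let claims;
  try {
    claims = b64urlJson(parts[1]);
  } catch {
    return ["token payload is not base64url-encoded JSON"];
  }
  const findings = [];
  // Keycloak sets iss to <server base URL>/realms/<realm>; a different host
  // name or a doubled slash from a trailing "/" in the config shows up here.
  const wantIss = expected.serverUrl.replace(/\/+$/, "") + "/realms/" + expected.realm;
  if (claims.iss !== wantIss) findings.push(`iss is ${claims.iss}, expected ${wantIss}`);
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) {
    findings.push("token is expired or has no exp");
  }
  if (claims.azp !== expected.clientId) {
    findings.push(`azp is ${claims.azp}, expected ${expected.clientId}`);
  }
  return findings;
}

// Constructed sample token with a placeholder signature, for offline runs.
function sampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.sig`;
}
```

Calling `diagnoseBearer(req.headers.authorization, {...})` from a logging middleware placed before `keycloak.protect()` shows whether the header arrived and which claim differs; log only the findings, never the token itself.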