vue-keycloak-js
vue-keycloak-js copied to clipboard
redirect_uri with keycloak 18 causes an error
Using @https://github.com/[email protected]
with keycloak 18 will produce an error when trying to logout:
invalid param redirect_uri
The Breaking Change in Keycloak is described in the Release Notes - Section "Migration from 17.0 -> OpenID Connect Logout".
The problem can be fixed by updating keycloak-js
to version 18.0.0
.
As previously mentioned in other issues we are keeping keycloak-js at the current version because of redhat-sso using said version. So it won't be updated until there is a redhat-sso version with corresponding keycloak version.
In the release notes you linked there is also a way to make redirect_uri
work with 18+ versions of keycloak
There is a backwards compatibility option, which allows your application to still use the old format of the redirect_uri parameter.
You can enable this parameter when you start the server by entering the following command:
bin/kc.[sh|bat] --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true start
With this configuration, you can still use the format with the redirect_uri parameter. Note the confirmation screen will be needed if the id_token_hint is omitted.
Thanks @baltom ... You help me a lot.
I meet the same problem. In my case, I downgrade [email protected] to [email protected]. That works for me.
https://quay.io/repository/keycloak/keycloak?tab=tags&tag=17.0.1
You don't need to downgrade @joe105598055 . You need to upgrade your Keycloak-js libs. It also solved the issue.
@hendisantika was right. I updated Keycloak-JS and it worked.
el logout se me arreglo y me funciono asi Valid redirect URIs : http://localhost:4200/* Valid post logout : http://localhost:4200/* Web origins : http://localhost:4200/*
@baltom If I'm not mistaken, redhat recently upgraded to [email protected] which uses [email protected] https://access.redhat.com/articles/2342881
@theolevisage yeah, it is indeed. So we can bump up the keycloak-js dependency. And won't need the workaround to support old format
Is this issue fixed? I upgrade vue-keycloak-js to latest "@dsb-norge/vue-keycloak-js": "^2.1.5-beta", on keycloak-18.0.0 still receive error log message " Parameter 'redirect_uri' no longer supported. Please use 'post_logout_redirect_uri' with 'id_token_hint' for this endpoint."
I'm not sure how to upgrade keycloak-js to version 18.0.0
in my package.json.
Thank you for your help.
el logout se me arreglo y me funciono asi Valid redirect URIs : http://localhost:4200/* Valid post logout : http://localhost:4200/* Web origins : http://localhost:4200/*
Gracias, tambien me funciono.
@theolevisage yeah, it is indeed. So we can bump up the keycloak-js dependency. And won't need the workaround to support old format
I agree with @baltom. This is the only valid solution to this issue. Issue is not in Keycloak application but in js adapter itself, it is not fully compatible since it is outdated. Enabling legacy features and changing Keycloak configuration should only be a workaround in development stage.
I'm using keycloak-js 19.0.3 and getting the indicated error with Keycloak 21.x