Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom Login #1

Open
ullakhan opened this issue Oct 4, 2017 · 8 comments
Open

Custom Login #1

ullakhan opened this issue Oct 4, 2017 · 8 comments

Comments

@ullakhan
Copy link

ullakhan commented Oct 4, 2017

I have upload the shared json file to the Keycloak server for the CAMPAIGN_REALM and

I am able to login to the server with the NOrmal login with which redirects to the Keycloak Login Page.

I have problem while to login to the server with Custom Login for the username: admin_user and passwiord: admin_user.

The below error i am getting at the server side.

http://localhost:8080/auth/realms/CAMPAIGN_REALM/protocol/openid-connect/certs
{ keys:
[ { kid: 'FBfZzrTszXORm6TnVB05RWnV6OpnZYb2aX8kJFr_ZpM',
kty: 'RSA',
alg: 'RS256',
use: 'sig',
n: 'yUO8jLzyWVbW906qQN7DcQmWqnSTstpjJ-VQivC_Yilk1EH-EMj79iOqdMlSaa_T2zO1bZKbjfKBaM28ICT9VzPBRSde0GKQlucxrKdLmESHSJYlHnaPw49YYCBehUvY07wmw2naETXRz-1LbG_iyANCnZkSID8JCL0roBWHhlL5u5WMAnApWLQO2JSl1UcYYr5Souqq0yBytt6HtTpDq4BakPMLq9au8FlniZ-4XAIVZGK6pXc7XZTBJEeU_fLio4IQGt3VpJVhI8RIekXeHrmN-W-DNi1J2n4NMSrY7DqoRvyDQcBkxVZnnhZkhTBiaGFZFqhTZVVqAth4yW8uow',
e: 'AQAB' } ] }
validate id token went wrong
(node:3640) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 4): TypeError: Cannot set property 'store' of undefined
::ffff:127.0.0.1 - - [04/Oct/2017:19:15:19 +0000] "GET /customLoginEnter?login=admin_user&password=admin_user HTTP/1.1" - - "http://localhost:3000/customLogin" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"
admin_user
admin_user
validate id token went wrong
(node:3640) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 7): TypeError: Cannot set property 'store' of undefined

Please note that i have not configured the MYSQL data base.
@v-ladynev
Copy link
Owner

v-ladynev commented Oct 4, 2017
edited
Loading

@ullakhan Please do these steps:

  1. Update your fork of keycloak-nodejs-example or clone my repository directly.
  2. Run npm update, if you will update project, because of I have changed the versions of the modules.
  3. If you will still have the error set a breakpoint at this line https://github.com/v-ladynev/keycloak-nodejs-example/blob/master/app.js#L79. And check, can you reach this line of the code or not.

Also you can check custom login request using Postman or curl
https://github.com/v-ladynev/keycloak-nodejs-example#what-happens-with-custom-login

@edwint88
Copy link

you don't need both credentials in plain text and secret header. One of them suffice.

@v-ladynev
Copy link
Owner

@edwint88 Was it for me? Please clarify if so :)

@edwint88
Copy link

you have this call:

curl -X POST
http://localhost:8080/auth/realms/CAMPAIGN_REALM/protocol/openid-connect/token
-H 'authorization: Basic Q0FNUEFJR05fQ0xJRU5UOjZkOTc5YmU1LWNiODEtNGQ1Yy05ZmM3LTQ1ZDFiMGM3YTc1ZQ=='
-H 'content-type: application/x-www-form-urlencoded'
-d 'client_id=CAMPAIGN_CLIENT&username=admin_user&password=admin_user&grant_type=password'

and you can do that either so:

curl -X POST
http://localhost:8080/auth/realms/CAMPAIGN_REALM/protocol/openid-connect/token
-H 'authorization: Basic Q0FNUEFJR05fQ0xJRU5UOjZkOTc5YmU1LWNiODEtNGQ1Yy05ZmM3LTQ1ZDFiMGM3YTc1ZQ=='
-H 'content-type: application/x-www-form-urlencoded'
-d 'grant_type=confidential'

or so

curl -X POST
http://localhost:8080/auth/realms/CAMPAIGN_REALM/protocol/openid-connect/token
-H 'content-type: application/x-www-form-urlencoded'
-d 'client_id=CAMPAIGN_CLIENT&username=admin_user&password=admin_user&grant_type=password'

and still get the tokens. You don't need to pass both information.
The only thing is to care how you configure the client 'confidential' or 'public'

@v-ladynev
Copy link
Owner

@edwint88 Thank you very much. I will check that.

@v-ladynev
Copy link
Owner

@edwint88 Your assumption is not correct. We need to provide the authorization header and user's login with password.

  1. I configured CAMPAIGN_CLIENT as confidential.
  2. I need to provide a secret code in the authorization header for such confidential client :
    authorization: Basic BASE64(clientId + ':' + secret)
  3. I need to provide user's login and password to get a token for that user.

@edwint88
Copy link

edwint88 commented Jul 3, 2018

that makes no sense, please check: https://tools.ietf.org/html/rfc6749. I also tested that locally vs a standard keycloak and for me worked as I said, maybe you have other settings that influences that.

@v-ladynev
Copy link
Owner

@edwint88 Yes. I configured a client as confidential. So I have to provide secret.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@edwint88 @ullakhan @v-ladynev