个人中心
文章发布
退出
作者热门文章
- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
25
4
设置:
我正在尝试获取demo code for keycloak-connect library to run ,但失败了。
这就是我所做的:
index.js
var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var session = require('express-session');
var Keycloak = require('keycloak-connect');
var memoryStore = new session.MemoryStore();
let keycloak = new Keycloak({ store: memoryStore });
var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');
var app = express();
app.set('trust proxy', 1); // trust first proxy
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: { secure: true },
store: memoryStore
}));
app.use( keycloak.middleware() );
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.get('/$', function(req, res) {
res.write('<a href="/secure">Secure</a>');
res.end();
});
app.get( '/secure', keycloak.protect('realm:master'), function(req, res){
//Edit: keycloak.protect() gives the same result
res.write("Yo!");
res.end();
});
// catch 404 and forward to error handler
app.use(function(req, res, next) {
next(createError(404));
});
// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
keycloak.json(复制/粘贴)
{
"realm": "master",
"auth-server-url": "http://localhost:8080/auth",
"ssl-required": "external",
"resource": "test",
"public-client": true,
"confidential-port": 0
}
package.json
{
"name": "keycloak-test",
"version": "0.0.0",
"private": true,
"scripts": {
"start": "node ./bin/www"
},
"dependencies": {
"cookie-parser": "~1.4.3",
"debug": "~2.6.9",
"express": "~4.16.0",
"express-session": "^1.15.6",
"http-errors": "~1.6.2",
"keycloak-connect": "^4.7.0",
"morgan": "~1.9.0",
"pug": "2.0.0-beta11"
}
}
问题:
访问http://localhost:3000/secure时,我被重定向到keycloak登录表单,并且可以使用演示用户的用户凭据登录。
然后,我被重定向回 /secure,网站显示 访问被拒绝,响应代码为 403 禁止。keycloak 控制台显示
16:44:56,691 WARN [org.keycloak.events] (default task-8)
type=CODE_TO_TOKEN_ERROR,
realmId=master,
clientId=test,
userId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx,
ipAddress=127.0.0.1,
error=invalid_code,
grant_type=authorization_code,
code_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx,
client_auth_method=client-secret
node.js 控制台显示无法获取授权代码:400:错误请求。
我做错了什么?
最佳答案
您正在使用名为 master 的领域角色来保护您的资源 /secure
app.get( '/secure', keycloak.protect('realm:master')
您需要创建主角色并分配给demouser,如下所示
关于node.js - keycloak-nodejs-connect : Could not obtain grant code: 400:Bad Request,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53636288/
25
4
0
我是一名优秀的程序员,十分优秀!