keycloak-nodejs-connect | OAuth library
kandi X-RAY | keycloak-nodejs-connect Summary
Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services. This repository contains the source code for the Keycloak Node.js adapter. This module makes it simple to implement a Node.js Connect-friendly application that uses Keycloak for its authentication and authorization needs.
Top functions reviewed by kandi - BETA
- Resolve environment variable reference.
Community Discussions
Trending Discussions on keycloak-nodejs-connect
QUESTION
I've tried for many hours now and seem to have hit a wall. Any advice/help would be appreciated.
Goal: I want to authorize the express rest-api (ex client-id: "my-rest-api") routes (example resource: "WeatherForecast") across various HTTP methods mapped to client scopes (examples: "create"/"read"/"update"/"delete"). I want to control those permissions through policies (for example, "Read - WeatherForecast - Permission" will be granted if policy "Admin Group Only" (user belongs to admin group) is satisfied).
Rest-api will not log users in (will be done from front end talking directly to keycloak and then they will use that token to talk with rest-api).
Environment:
- Keycloak 15.1.1 running in its own container, port 8080, on docker locally (w/ shared network with rest-api)
- "my-rest-api": Nodejs 16.14.x w/ express 4.17.x server running on its own container on docker locally. Using keycloak-connect 15.1.1 and express-session 1.17.2.
- Currently hitting "my-rest-api" through postman following this guide: https://keepgrowing.in/tools/kecloak-in-docker-7-how-to-authorize-requests-via-postman/
What Happens: I can login from keycloak login page through postman and get an access token. However when I hit any endpoint that uses keycloak.protect() or keycloak.enforce() (with or without specifying resource permissions) I can't get through. In the following code the delete endpoint returns back 200 + the HTML of the keycloak login page in postman and the Get returns back 403 + "Access Denied".
Current State of Realm:
- Test User (who I login with in Postman) has group "Admin".
- Client "my-rest-api" with access-type: Confidential with Authorization enabled.
- Authorization set up:
  - Policy Enforcement Mode: Enforcing, Decision Strategy: Unanimous
  - "WeatherForecast" resource with uri "/api/WeatherForecast" and create/read/update/delete client scopes applied.
  - "Only Admins Policy" for anyone in group admin. Logic positive.
  - Permission for each of the client scopes for "WeatherForecast" resource with "Only Admins Policy" selected, Decision Strategy: "Affirmative".
Current State of Nodejs Code:
...
ANSWER
Answered 2022-Apr-11 at 18:17
So my team finally figured it out - the resolution was a two-part process:
- Followed the instructions in answers to similar Stack Overflow questions, such as: https://stackoverflow.com/a/51878212/5117487 Rough steps in case that link is ever broken somehow:
  - Add hosts entry for 127.0.0.1 keycloak (if 'keycloak' is the name of your docker container for keycloak, I changed my docker-compose to specify container name to make it a little more fool-proof)
  - Change keycloak-connect config authServerUrl setting to be: 'http://keycloak:8080/auth/' instead of 'http://localhost:8080/auth/'
  - Postman OAuth 2.0 token request Auth URL and Access Token URL changed to use the now updated hosts entry:
    - "http://localhost:8080/auth/realms/abra/protocol/openid-connect/auth" -> "http://keycloak:8080/auth/realms/abra/protocol/openid-connect/auth"
    - "http://localhost:8080/auth/realms/abra/protocol/openid-connect/token" -> "http://keycloak:8080/auth/realms/abra/protocol/openid-connect/token"
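The hostname change in the answer above matters because the token's `iss` claim carries the URL the token was requested from, and the adapter compares it with the realm URL built from its own `authServerUrl`. The following diagnostic is an added example, not code from the original post or from keycloak-connect; the helper names and the sample tokens are constructed for illustration, and the realm name `abra` is taken from the URLs in the answer.

```javascript
// Added diagnostic example (hypothetical helpers, not keycloak-connect API).
// It decodes the JWT payload WITHOUT verifying the signature: use it only to
// inspect claims while debugging, never to make an access decision.

// Realm URL as implied by the answer's URLs: <authServerUrl>/realms/<realm>.
function expectedIssuer(authServerUrl, realm) {
  return authServerUrl.replace(/\/+$/, '') + '/realms/' + realm;
}

// Decode the middle (payload) segment of a compact JWT.
function decodePayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) {
    throw new Error('not a compact JWT (expected 3 segments)');
  }
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Compare the token's issuer with what the adapter configuration expects.
function checkIssuer(jwt, authServerUrl, realm) {
  const expected = expectedIssuer(authServerUrl, realm);
  const actual = decodePayload(jwt).iss;
  return { ok: actual === expected, expected, actual };
}

// Constructed sample token: header and payload are real base64url JSON,
// the signature segment is a placeholder.
function makeSampleToken(iss) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return [
    enc({ alg: 'RS256', typ: 'JWT' }),
    enc({ iss: iss, azp: 'my-rest-api' }),
    'constructed-signature'
  ].join('.');
}

// Token obtained through Postman via localhost, API configured with the
// container hostname: the issuers differ, so the bearer token is rejected.
const viaLocalhost = makeSampleToken('http://localhost:8080/auth/realms/abra');
console.log(checkIssuer(viaLocalhost, 'http://keycloak:8080/auth/', 'abra'));

// Token obtained via the hosts-entry name: the issuers match.
const viaKeycloak = makeSampleToken('http://keycloak:8080/auth/realms/abra');
console.log(checkIssuer(viaKeycloak, 'http://keycloak:8080/auth/', 'abra'));
```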
QUESTION
I'm new to Node.js, and the company that I work for needs a proof of concept about postgraphile. The situation is this:
- I created a node js mini server that uses postgraphile to access the data on postgres
- The mini server works fine and can return data and also can use mutations.
- I used keycloak-connect to try to access keycloak to authenticate the token from the request that is sent by postman but there is a problem.
- Whether the token is valid or not does not matter to the mini server; the only thing that seems to matter is that it is a bearer token.
I tried to use other plugins (like keycloak-nodejs-connect, keycloak-verify, etc.) but the result is the same. I also changed my code to use the examples in the documentation of those plugins, but nothing.
This is my code: (keycloak-config.js file)
...
ANSWER
Answered 2021-Dec-17 at 13:33
I found the answer to my problem:
QUESTION
I'm trying to log in into Keycloak from NodeJS code, and I'm struggling with finding the working example.
The documentation on https://www.keycloak.org/docs/latest/securing_apps/index.html#_nodejs_adapter is incomplete and doesn't describe the most important thing, how do you actually log in.
I've tinkered my example from the rudimentary information on the keycloak docs, and the tests from keycloak-nodejs-connect:
...
ANSWER
Answered 2021-Nov-19 at 09:52
Error not_allowed indicates that direct grant is not allowed. Enable Direct Access Grants Enabled in the test-client Keycloak client configuration.
QUESTION
I'm trying to implement keycloak on my node.js apps.
I'm using keycloak-nodejs-connect on my node.js apps.
If there is no operation on the website for longer than the session idle time, I would like to automatically go to the login page or notify the user that they are logged out (when the session is expired, pressing F5 will automatically bring up the login page).
Keycloak version: 12.0.0
keycloak-nodejs-connect version: 12.0.4
I wrote the code by referring to the source code below.
https://github.com/keycloak/keycloak-nodejs-connect/blob/master/example/index.js
How do I redirect the client page to login page or logout page?
Thanks for comments.
Here is the code.
app.js
var memoryStore = new session.MemoryStore();
app.use(session({ secret: 'mySecret', resave: false, saveUninitialized: true, store: memoryStore }));
var keycloak = new Keycloak({ store: memoryStore });
app.use(keycloak.middleware({ logout: '/logout', admin: '/' }));

index.js (router)
var Keycloak = require('keycloak-connect');
var memoryStore = new session.MemoryStore();
var keycloak = new Keycloak({ store: memoryStore });
...
ANSWER
Answered 2021-Mar-10 at 16:01
If you are using keycloak-connect, you do not have to worry about redirecting the user, because this is the reason why you are using the library; it does it for you.
Regarding the links: if you are running the example, the url http://localhost:3000/logout will redirect to keycloak server and removes the session there. After that, it will redirect back to your application, in this case http://localhost:3000
Any resource of the express app, which needs authentication and/or authorization, like
QUESTION
I have mongoose schema which uses timestamp. I tried to run the code it errors out with
...
ANSWER
Answered 2020-Dec-02 at 01:56
This may be an error in @types/mongoose
You should be able to use:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported