<div dir="ltr"><p>Hi, I want to authenticate a user (using his username and password) in an
Android App using aerogear with a server using Keycloak. I haven't been
able to do it, help me please.</p>
<p>I currently can authenticate the user without aerogear, but I want to
use this library since it can help me to refresh the token when is
needed.
I authenticate the user making a POST call to the server like this (but
from android):</p><pre class="gmail-default gmail-prettyprint gmail-prettyprinted" style="margin-left:40px"><code><span class="gmail-pln"> curl </span><span class="gmail-pun">-</span><span class="gmail-pln">X POST http</span><span class="gmail-pun">:</span><span class="gmail-com">//<a href="http://127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token">127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token</a> </span><span class="gmail-pln">
</span><span class="gmail-pun">-</span><span class="gmail-pln">H </span><span class="gmail-str">"Content-Type: application/x-www-form-urlencoded"</span><span class="gmail-pln"> </span><span class="gmail-pun">-</span><span class="gmail-pln">d </span><span class="gmail-str">"username=auser"</span><span class="gmail-pln"> </span><span class="gmail-pun">-</span><span class="gmail-pln">d </span><span class="gmail-str">'password=apassword'</span><span class="gmail-pln"> </span><span class="gmail-pun">-</span><span class="gmail-pln">d </span><span class="gmail-str">'grant_type=password'</span><span class="gmail-pln">
</span><span class="gmail-pun">-</span><span class="gmail-pln">d </span><span class="gmail-str">'client_id=clientId'</span><span class="gmail-pln"> </span><span class="gmail-pun">-</span><span class="gmail-pln">d </span><span class="gmail-str">'client_secret=secret'</span></code><br></pre><pre class="gmail-default gmail-prettyprint gmail-prettyprinted"><code></code><code><span class="gmail-str"><span style="font-family:arial,helvetica,sans-serif"></span></span></code><span style="font-family:arial,helvetica,sans-serif">What I have tried with Aerogear is this:</span><br></pre><pre class="gmail-default gmail-prettyprint gmail-prettyprinted" style="margin-left:40px"><code><span class="gmail-kwd">private</span><span class="gmail-pln"> </span><span class="gmail-kwd">void</span><span class="gmail-pln"> authz</span><span class="gmail-pun">()</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
</span><span class="gmail-kwd">try</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
</span><span class="gmail-typ">AuthzModule</span><span class="gmail-pln"> authzModule </span><span class="gmail-pun">=</span><span class="gmail-pln"> </span><span class="gmail-typ">AuthorizationManager</span><span class="gmail-pun">.</span><span class="gmail-pln">config</span><span class="gmail-pun">(</span><span class="gmail-str">"KeyCloakAuthz"</span><span class="gmail-pun">,</span><span class="gmail-pln"> </span><span class="gmail-typ">OAuth2AuthorizationConfiguration</span><span class="gmail-pun">.</span><span class="gmail-kwd">class</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setBaseURL</span><span class="gmail-pun">(</span><span class="gmail-kwd">new</span><span class="gmail-pln"> URL</span><span class="gmail-pun">(</span><span class="gmail-str">"<a href="http://127.0.0.1:8080/">http://127.0.0.1:8080/</a>"</span><span class="gmail-pun">))</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setAuthzEndpoint</span><span class="gmail-pun">(</span><span class="gmail-str">"/realms/example/protocol/openid-connect/auth"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setAccessTokenEndpoint</span><span class="gmail-pun">(</span><span class="gmail-str">"/realms/example/protocol/openid-connect/token"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setAccountId</span><span class="gmail-pun">(</span><span class="gmail-str">"keycloak-token"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setClientId</span><span class="gmail-pun">(</span><span class="gmail-str">"clientId"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setClientSecret</span><span class="gmail-pun">(</span><span class="gmail-str">"secret"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setRedirectURL</span><span class="gmail-pun">(</span><span class="gmail-str">"<a href="http://oauth2callback">http://oauth2callback</a>"</span><span class="gmail-pun">)</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">setScopes</span><span class="gmail-pun">(</span><span class="gmail-typ">Arrays</span><span class="gmail-pun">.</span><span class="gmail-pln">asList</span><span class="gmail-pun">(</span><span class="gmail-str">"openid"</span><span class="gmail-pun">))</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">addAdditionalAuthorizationParam</span><span class="gmail-pun">((</span><span class="gmail-typ">Pair</span><span class="gmail-pun">.</span><span class="gmail-pln">create</span><span class="gmail-pun">(</span><span class="gmail-str">"grant_type"</span><span class="gmail-pun">,</span><span class="gmail-pln"> </span><span class="gmail-str">"password"</span><span class="gmail-pun">)))</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">addAdditionalAuthorizationParam</span><span class="gmail-pun">((</span><span class="gmail-typ">Pair</span><span class="gmail-pun">.</span><span class="gmail-pln">create</span><span class="gmail-pun">(</span><span class="gmail-str">"username"</span><span class="gmail-pun">,</span><span class="gmail-pln"> </span><span class="gmail-str">"aUserName"</span><span class="gmail-pun">)))</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">addAdditionalAuthorizationParam</span><span class="gmail-pun">((</span><span class="gmail-typ">Pair</span><span class="gmail-pun">.</span><span class="gmail-pln">create</span><span class="gmail-pun">(</span><span class="gmail-str">"password"</span><span class="gmail-pun">,</span><span class="gmail-pln"> </span><span class="gmail-str">"aPassword"</span><span class="gmail-pun">)))</span><span class="gmail-pln">
</span><span class="gmail-pun">.</span><span class="gmail-pln">asModule</span><span class="gmail-pun">();</span><span class="gmail-pln">
authzModule</span><span class="gmail-pun">.</span><span class="gmail-pln">requestAccess</span><span class="gmail-pun">(</span><span class="gmail-kwd">this</span><span class="gmail-pun">,</span><span class="gmail-pln"> </span><span class="gmail-kwd">new</span><span class="gmail-pln"> </span><span class="gmail-typ">Callback</span><span class="gmail-pun"><</span><span class="gmail-typ">String</span><span class="gmail-pun">>()</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
</span><span class="gmail-lit">@Override</span><span class="gmail-pln">
</span><span class="gmail-kwd">public</span><span class="gmail-pln"> </span><span class="gmail-kwd">void</span><span class="gmail-pln"> onSuccess</span><span class="gmail-pun">(</span><span class="gmail-typ">String</span><span class="gmail-pln"> o</span><span class="gmail-pun">)</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
</span><span class="gmail-typ">Log</span><span class="gmail-pun">.</span><span class="gmail-pln">d</span><span class="gmail-pun">(</span><span class="gmail-str">"TOKEN "</span><span class="gmail-pun">,</span><span class="gmail-pln"> o</span><span class="gmail-pun">);</span><span class="gmail-pln">
</span><span class="gmail-pun">}</span><span class="gmail-pln">
</span><span class="gmail-lit">@Override</span><span class="gmail-pln">
</span><span class="gmail-kwd">public</span><span class="gmail-pln"> </span><span class="gmail-kwd">void</span><span class="gmail-pln"> onFailure</span><span class="gmail-pun">(</span><span class="gmail-typ">Exception</span><span class="gmail-pln"> e</span><span class="gmail-pun">)</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
</span><span class="gmail-typ">System</span><span class="gmail-pun">.</span><span class="gmail-pln">err</span><span class="gmail-pun">.</span><span class="gmail-pln">println</span><span class="gmail-pun">(</span><span class="gmail-str">"Error!!"</span><span class="gmail-pun">);</span><span class="gmail-pln">
</span><span class="gmail-typ">Toast</span><span class="gmail-pun">.</span><span class="gmail-pln">makeText</span><span class="gmail-pun">(</span><span class="gmail-pln">getApplicationContext</span><span class="gmail-pun">(),</span><span class="gmail-pln"> e</span><span class="gmail-pun">.</span><span class="gmail-pln">getMessage</span><span class="gmail-pun">(),</span><span class="gmail-pln"> </span><span class="gmail-typ">Toast</span><span class="gmail-pun">.</span><span class="gmail-pln">LENGTH_LONG</span><span class="gmail-pun">).</span><span class="gmail-pln">show</span><span class="gmail-pun">();</span><span class="gmail-pln">
</span><span class="gmail-pun">}</span><span class="gmail-pln">
</span><span class="gmail-pun">});</span><span class="gmail-pln">
</span><span class="gmail-pun">}</span><span class="gmail-pln"> </span><span class="gmail-kwd">catch</span><span class="gmail-pln"> </span><span class="gmail-pun">(</span><span class="gmail-typ">Exception</span><span class="gmail-pln"> e</span><span class="gmail-pun">)</span><span class="gmail-pln"> </span><span class="gmail-pun">{</span><span class="gmail-pln">
e</span><span class="gmail-pun">.</span><span class="gmail-pln">printStackTrace</span><span class="gmail-pun">();</span><span class="gmail-pln">
</span><span class="gmail-kwd">throw</span><span class="gmail-pln"> </span><span class="gmail-kwd">new</span><span class="gmail-pln"> </span><span class="gmail-typ">RuntimeException</span><span class="gmail-pun">(</span><span class="gmail-pln">e</span><span class="gmail-pun">);</span><span class="gmail-pln">
</span><span class="gmail-pun">}</span><span class="gmail-pln">
</span><span class="gmail-pun">}<br><br><br></span></code></pre><p>However this doesn't do anything. What I don't understand is:</p>
<ol><li>How can I specify that I'm doing and OpenID Connect with Keycloak in Aerogear(Android) ? I've seen it in the swift library but I cannot find it in Android<br></li><li>How and where can I send the username and password?</li><li>How can I specify the grant_type? (My HTTP POST to the server does not work if I don't include this, so it's important)</li></ol>
<p>I'm really sorry if this is a very basic question, but I haven't been able to work it out on my own. Any help or documentation would be appreciated.<br></p><pre class="gmail-default gmail-prettyprint gmail-prettyprinted"><code><span class="gmail-pun"></span></code></pre></div>