<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Oct 11, 2016 at 6:11 PM, Andrea Carolina Buitrago <span dir="ltr"><<a href="mailto:a.carolinabm@gmail.com" target="_blank">a.carolinabm@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><p>Hi, I want to authenticate a user (using his username and password) in an
Android App using aerogear with a server using Keycloak. I haven't been
able to do it, help me please.</p>
<p>I currently can authenticate the user without aerogear, but I want to
use this library since it can help me to refresh the token when is
needed.
I authenticate the user making a POST call to the server like this (but
from android):</p><pre class="m_-8171851226236515825gmail-default m_-8171851226236515825gmail-prettyprint m_-8171851226236515825gmail-prettyprinted" style="margin-left:40px"><code><span class="m_-8171851226236515825gmail-pln"> curl </span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">X POST http</span><span class="m_-8171851226236515825gmail-pun">:</span><span class="m_-8171851226236515825gmail-com">//<a href="http://127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token" target="_blank">127.0.0.1:8080/auth/<wbr>realms/example/protocol/<wbr>openid-connect/token</a> </span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">H </span><span class="m_-8171851226236515825gmail-str">"Content-Type: application/x-www-form-<wbr>urlencoded"</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">d </span><span class="m_-8171851226236515825gmail-str">"username=auser"</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">d </span><span class="m_-8171851226236515825gmail-str">'password=apassword'</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">d </span><span class="m_-8171851226236515825gmail-str">'grant_type=password'</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">d </span><span class="m_-8171851226236515825gmail-str">'client_id=clientId'</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">-</span><span class="m_-8171851226236515825gmail-pln">d </span><span class="m_-8171851226236515825gmail-str">'client_secret=secret'</span></code><br></pre><pre class="m_-8171851226236515825gmail-default m_-8171851226236515825gmail-prettyprint m_-8171851226236515825gmail-prettyprinted"><code></code><code><span class="m_-8171851226236515825gmail-str"><span style="font-family:arial,helvetica,sans-serif"></span></span></code><span style="font-family:arial,helvetica,sans-serif">What I have tried with Aerogear is this:</span><br></pre><pre class="m_-8171851226236515825gmail-default m_-8171851226236515825gmail-prettyprint m_-8171851226236515825gmail-prettyprinted" style="margin-left:40px"><code><span class="m_-8171851226236515825gmail-kwd">private</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">void</span><span class="m_-8171851226236515825gmail-pln"> authz</span><span class="m_-8171851226236515825gmail-pun">()</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-kwd">try</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-typ">AuthzModule</span><span class="m_-8171851226236515825gmail-pln"> authzModule </span><span class="m_-8171851226236515825gmail-pun">=</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-typ">AuthorizationManager</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">config</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"<wbr>KeyCloakAuthz"</span><span class="m_-8171851226236515825gmail-pun">,</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-typ">OAuth2AuthorizationConfigurati<wbr>on</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-kwd">class</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setBaseURL</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-kwd">new</span><span class="m_-8171851226236515825gmail-pln"> URL</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"<a href="http://127.0.0.1:8080/" target="_blank">http://127.0.0.1:8080/</a>"</span><span class="m_-8171851226236515825gmail-pun">))</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setAuthzEndpoint</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"/realms/<wbr>example/protocol/openid-<wbr>connect/auth"</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setAccessTokenEndpoint</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"/<wbr>realms/example/protocol/<wbr>openid-connect/token"</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setAccountId</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"keycloak-token"</span><span class="m_-8171851226236515825gmail-pun"><wbr>)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setClientId</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"clientId"</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setClientSecret</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"secret"</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setRedirectURL</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"<a href="http://oauth2callback" target="_blank">http://<wbr>oauth2callback</a>"</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">setScopes</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-typ">Arrays</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">asList</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"<wbr>openid"</span><span class="m_-8171851226236515825gmail-pun">))</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">addAdditionalAuthorizationPar<wbr>am</span><span class="m_-8171851226236515825gmail-pun">((</span><span class="m_-8171851226236515825gmail-typ">Pair</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">create</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"grant_type"</span><span class="m_-8171851226236515825gmail-pun">,</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-str">"password"</span><span class="m_-8171851226236515825gmail-pun">)))</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">addAdditionalAuthorizationPar<wbr>am</span><span class="m_-8171851226236515825gmail-pun">((</span><span class="m_-8171851226236515825gmail-typ">Pair</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">create</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"username"</span><span class="m_-8171851226236515825gmail-pun">,</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-str">"aUserName"</span><span class="m_-8171851226236515825gmail-pun">)))</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">addAdditionalAuthorizationPar<wbr>am</span><span class="m_-8171851226236515825gmail-pun">((</span><span class="m_-8171851226236515825gmail-typ">Pair</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">create</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"password"</span><span class="m_-8171851226236515825gmail-pun">,</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-str">"aPassword"</span><span class="m_-8171851226236515825gmail-pun">)))</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">asModule</span><span class="m_-8171851226236515825gmail-pun">();</span><span class="m_-8171851226236515825gmail-pln">
authzModule</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">requestAccess</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-kwd">this</span><span class="m_-8171851226236515825gmail-pun"><wbr>,</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">new</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-typ">Callback</span><span class="m_-8171851226236515825gmail-pun"><</span><span class="m_-8171851226236515825gmail-typ">String</span><span class="m_-8171851226236515825gmail-pun">>()</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-lit">@Override</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-kwd">public</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">void</span><span class="m_-8171851226236515825gmail-pln"> onSuccess</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-typ">String</span><span class="m_-8171851226236515825gmail-pln"> o</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-typ">Log</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">d</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"TOKEN "</span><span class="m_-8171851226236515825gmail-pun">,</span><span class="m_-8171851226236515825gmail-pln"> o</span><span class="m_-8171851226236515825gmail-pun">);</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">}</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-lit">@Override</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-kwd">public</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">void</span><span class="m_-8171851226236515825gmail-pln"> onFailure</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-typ">Exception</span><span class="m_-8171851226236515825gmail-pln"> e</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-typ">System</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">err</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">println</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-str">"Error!!"</span><span class="m_-8171851226236515825gmail-pun">);</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-typ">Toast</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">makeText</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-pln">getApplicationC<wbr>ontext</span><span class="m_-8171851226236515825gmail-pun">(),</span><span class="m_-8171851226236515825gmail-pln"> e</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">getMessage</span><span class="m_-8171851226236515825gmail-pun">(),</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-typ">Toast</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">LENGTH_LONG</span><span class="m_-8171851226236515825gmail-pun">).</span><span class="m_-8171851226236515825gmail-pln">show</span><span class="m_-8171851226236515825gmail-pun">();</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">}</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">});</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">}</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">catch</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-typ">Exception</span><span class="m_-8171851226236515825gmail-pln"> e</span><span class="m_-8171851226236515825gmail-pun">)</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-pun">{</span><span class="m_-8171851226236515825gmail-pln">
e</span><span class="m_-8171851226236515825gmail-pun">.</span><span class="m_-8171851226236515825gmail-pln">printStackTrace</span><span class="m_-8171851226236515825gmail-pun">();</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-kwd">throw</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-kwd">new</span><span class="m_-8171851226236515825gmail-pln"> </span><span class="m_-8171851226236515825gmail-typ">RuntimeException</span><span class="m_-8171851226236515825gmail-pun">(</span><span class="m_-8171851226236515825gmail-pln">e</span><span class="m_-8171851226236515825gmail-pun">);</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">}</span><span class="m_-8171851226236515825gmail-pln">
</span><span class="m_-8171851226236515825gmail-pun">}<br><br><br></span></code></pre><p>However this doesn't do anything. What I don't understand is:</p>
<ol><li>How can I specify that I'm doing and OpenID Connect with Keycloak in Aerogear(Android) ? I've seen it in the swift library but I cannot find it in Android<br></li><li>How and where can I send the username and password?</li><li>How can I specify the grant_type? (My HTTP POST to the server does not work if I don't include this, so it's important)</li></ol></div></blockquote><div><br></div><div>So with OAuth flows you usually don't post a username/password to a server. OAuth directs you to a trusted page, you input your credentials there, then the service provides to the library a token and the library exchanges that token for a token to use for your session. In AGDroid we use a webview to show the login page.</div><div><br></div><div>I'm not familiar with iOS at all, does it support this workflow there?</div><div>I also don't think we've worked with OpenID Connect before. If it works it is by happy coincidence, but Daniel Passos might be able to provide some insight (he's the other AGDroid developer)</div><div><br></div><div>Do you have a github project i can poke at?</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">
<p>I'm really sorry if this is a very basic question, but I haven't been able to work it out on my own. Any help or documentation would be appreciated.<br></p><pre class="m_-8171851226236515825gmail-default m_-8171851226236515825gmail-prettyprint m_-8171851226236515825gmail-prettyprinted"><code><span class="m_-8171851226236515825gmail-pun"></span></code></pre></div>
<br>______________________________<wbr>_________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/aerogear-dev</a><br></blockquote></div><br></div></div>