[keycloak-dev] [keycloak-user] Exception while running kaycloak 1.5.0 third party example

Marek Posolda mposolda at redhat.com
Fri Oct 16 02:59:19 EDT 2015 

According to error, I suppose it is invalid client credentials, so 
likely invalid client secret.

If you go to admin console and click to "thirdparty" client, then tab 
"Credentials" you will see the actual secret of thirdparty client from 
Keycloak database. You need to copy this secret into keycloak.json .

Marek

On 15/10/15 22:56, Harish Kumar wrote:
> I made sure adapter is installed correctly. Now do not see error for 
> Class not found.
> Now getting following error. Mentioning keycloak.json below.
> Would appreciate if you could pls let me know how it can be fixed ?
>
>
> 13:44:47,283 WARN  [org.keycloak.events] (default task-115) 
> type=CODE_TO_TOKEN_ERROR, realmId=master, clientId=third-party, 
> userId=null, ipAddress=127.0.0.1, error=invalid_client_credentials
>
> *_Exception_*
> 13:44:47,284 ERROR [io.undertow.request] (default task-114) UT005023: 
> Exception handling request to /oauth-client/pull_data.jsp: 
> org.apache.jasper.JasperException: java.lang.RuntimeException: 
> org.keycloak.adapters.ServerRequest$HttpFailure
> at 
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:410)
> at 
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at 
> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
> at 
> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> at io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32)
> at 
> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> at 
> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at 
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at 
> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> at 
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> at 
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at 
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at 
> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at 
> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
> at 
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
> at 
> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> at 
> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
> at 
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at 
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at 
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at 
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at 
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)
> at 
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)
> at 
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)
> at 
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
> at 
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)
> at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.RuntimeException: 
> org.keycloak.adapters.ServerRequest$HttpFailure
> at 
> org.keycloak.example.oauth.ProductDatabaseClient.getTokenResponse(ProductDatabaseClient.java:87)
> at org.apache.jsp.pull_005fdata_jsp._jspService(pull_005fdata_jsp.java:65)
> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at 
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366)
> ... 31 more
> Caused by: org.keycloak.adapters.ServerRequest$HttpFailure
> at org.keycloak.adapters.ServerRequest.error(ServerRequest.java:211)
> at 
> org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerRequest.java:94)
> at 
> org.keycloak.servlet.ServletOAuthClient.resolveBearerToken(ServletOAuthClient.java:41)
> at 
> org.keycloak.servlet.ServletOAuthClient.getBearerToken(ServletOAuthClient.java:146)
> at 
> org.keycloak.example.oauth.ProductDatabaseClient.getTokenResponse(ProductDatabaseClient.java:70)
> ... 35 more
>
> *_Kyecloak.json_*
> {
> "realm": "master",
> "realm-public-key": 
> "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqzFVCG8nltfcTBL70E5wk2Lh+yu0s5pUvl7rheFBeCb4mSEBwFqLAOIRN3iHVC+A7F8PSp4ZlpqQIBiFXfFiUUSaLfVPVoRapKfi0Wl4+MScFcW2VL4uiIZWR0wIlg0HCZ8EOrHLA6myKi5pc/jhEf7i1FgG+QiTvemQSv9TvLF1xXAXoiNvQbbGzH0t2Pmau9woyHwbiepLp+8pxxIxYupJtBFU+cTc65Rs2wJOmd9snCQQbhTOxeoJLT9J/JkOQcrJUVEracGRx7ebj2pjmUrKx2sAqFH4sCyinODPfFh2OUWUaTSoIN16X2QRyJPbltChjwiu4U2ajD56L5teQIDAQAB",
> "auth-server-url": "http://localhost:8080/auth",
> "ssl-required": "external",
> "resource": "third-party",
> "credentials": {
> "secret": "49f899fa-6208-4eb6-b4fe-e4a8c9b02332"
>   }
> }
>
>
>
>
> On Wednesday, October 14, 2015 12:36 PM, Harish Kumar 
> <harish_k_s007 at yahoo.com> wrote:
>
>
> Thanks Marko for response. I checked 
> keycloak-adapter-core-1.5.0.final.jar is present
> at ( /modules/system/layers/base/org/keycloak-adapter-core).
>
> Few things i observed, Not sure if they are related just mentioning
> #1. After 1.1, release httpcomponents (modules/org/apache) has changed 
> jars from 4.2.
> #2. No start() method for ServletOAuthClient ( it was there in 
> Bootstrap.java in 1.1)
>
> Pls let me know if i am missing anything ?
>
> Thanks,
> Harish
>
> On Wednesday, October 14, 2015 2:01 AM, Marko Strukelj 
> <mstrukel at redhat.com> wrote:
>
>
> The exception seems to indicate that your adapter was not proprerly 
> installed.
>
> Make sure that you can see the following file underneath your Wildfly 
> 9 home directory (where you deploy your third party app):
>
> modules/system/layers/base/org/keycloak/keycloak-adapter-core/main/keycloak-adapter-core-1.5.0.Final.jar
>
> It should be there as a result of properly unpacking 
> keycloak-wf9-adapter-dist-1.5.0.Final.zip 
> <http://www.redhat.com/j/elqNow/elqRedir.htm?ref=http://downloads.jboss.org/keycloak/1.5.0.Final/adapters/keycloak-wf9-adapter-dist-1.5.0.Final.zip> into 
> your Wildfly 9.
> I suppose your mentioning keycloak-appliance-dist-all-1.1.0.Final is a 
> reference to a version that used to work for you some time ago, and 
> not what you're using now.
>
>
> On Wed, Oct 14, 2015 at 4:36 AM, Harish Kumar <harish_k_s007 at yahoo.com 
> <mailto:harish_k_s007 at yahoo.com>> wrote:
>
>     I was trying out examples from keycloak 1.5.0, specifically i was
>     trying third-party
>     example. Same example worked fine while i took distribution
>     (keycloak-appliance-dist-all-1.1.0.Final)
>     I did following steps.
>
>     1. Installed keycloak 1.5.0
>     2. Set third-party client with valid redirect URL as /oauth-client/*
>     3. Keycloak Json mentioned below (towards end of that email)
>     4. Initially when i deployed then i got error (No class definition
>     error :Lorg/keycloak/servlet/ServletOAuthClient)
>        then added files from keycloak-wf9-adapter-dist-1.5.0.Final.zip
>     <http://www.redhat.com/j/elqNow/elqRedir.htm?ref=http://downloads.jboss.org/keycloak/1.5.0.Final/adapters/keycloak-wf9-adapter-dist-1.5.0.Final.zip>.
>     5. After that application could deploy but when i type
>     http://localhost:8080/oauth-client/ and click on "pull data"
>        then getting error.  I would appreciate if you could pls let me
>     know how this error can be fixed ?
>         Any module missing ?
>
>      javax.servlet.ServletException: java.lang.NoClassDefFoundError:
>      org/keycloak/adapters/ServerRequest$HttpFailure
>      org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:848)
>      org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:777)
>      org.apache.jsp.redirect_jsp._jspService(redirect_jsp.java:63)
>      org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69)
>      javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>      org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:366)
>      org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326)
>      org.apache.jasper.servlet.JspServlet.service(JspServlet.java:259)
>      javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>      io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
>
>
>     *_Keycloak json_*
>     {
>     "realm": "demo",
>     "realm-public-key":
>     "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPt1q5aq8xZGUZVHAwj7xW6vJ20qk/awf6kK6NqQ2CvblWoSYyZOeLF+NpGue3Wn5r4ImKVUST89wPMrO83Y5st31Zpe4kZKoe8kvUj7tI6eeRrUsEsUWwpZ6I5yR5uVgj+8hJ9TaZQNAgB8zK0FvAxmu5bO+mq7c6eDEsYbcuMt3X+VZrkD36toaWM+gXPqziVkiNxp8DdS2TB8EN2J+MBGQRkbG6t6zdVMF0XrWpoT2UeMeFQ05I5lk1mlVupa6TJCpeH7sZBL2pgR+6TRDhViShur5PZUepHayS45PjPYPMsejfGZInRjHl/aqGcRK8YkXPjVDqPSp0xIa/QXYwIDAQAB",
>     "auth-server-url": "http://localhost:8080/auth",
>     "ssl-required": "external",
>     "resource": "third-party",
>     "credentials": {
>     "secret": "7269abc3-4de8-4be7-b881-8c3fcacf4ef4"
>       }
>     }
>
>
>
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
>
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151016/92082f41/attachment-0001.html

More information about the keycloak-dev mailing list