[keycloak-user] External JS AJAX client for jax-rs backend API

Stian Thorgersen stian at redhat.com
Mon Mar 10 10:34:06 EDT 2014


We have a JS library, it's available at http://localhost:8080/js/keycloak.js. There's no documentation for it yet, and the example needs a bit of TLC, but the example is customer-app-js and will be included in the alpha3 downloads that is due this week.

A quick overview to get you started:

Keycloak constructor takes a single object with the following properties:

* client_id (required) - the name of the application/client in the admin console
* client_secret (optional) - not recommended, instead select public client option for your application/client in the admin console
* realm (required)
* url (optional) - the base url of the server, if not specified it will infer it from the url of the keycloak.js script
* onload (optional) - valid options: login-required, check-sso. Login required will redirect to login form when init is called. Check-sso will also redirect to login form, but won't display login form (used to check if user is logged into to sso realm)

For example:

  var keycloak = Keycloak({ client_id: 'myapp', realm: 'myrealm' }) 
  keycloak.init(function() { alert('authenticated') }, function() { alert('auth failed') } );

Addition methods:

* login - redirect to login form
* logout - log out
* hasRealmRole(role) - returns true if user has the realm role
* hasResourceRole(role, resource) - return true if user has the role for the specified resource (application)
* loadUserProfile(success, failure) - loads the profile (in the future profile will be retrieved with IDToken from OpenID Connect spec, so this will probably not be required)
* onValidAccessToken(success, failure) - invoke methods with a valid token. If the token is expired the refresh token is used to retrieve a new token before invoking the success callback

Once authenticated the following properties are available as well:

* token - base64 encoded token (use this as the value for the 'Authorization' header, for example "xMLHttpRequest.setRequestHeader('Authorization', 'Bearer ' + keycloak.token)")
* tokenParsed - parsed token 
* authenticated - true if authenticated, false otherwise
* subject - userId

Please let me know how you get on with it, any feedback would be appreciated.


----- Original Message -----
> From: "Rodrigo Del Canto" <delkant at gmail.com>
> To: keycloak-user at lists.jboss.org
> Sent: Saturday, 8 March, 2014 5:54:44 AM
> Subject: [keycloak-user] External JS AJAX client for jax-rs backend API
> Hello guys,
> Congrats on the release of project! I think this is the most useful project
> for developers in the whole history of internet :D
> I would like to know if you have any example on how to perform a login from
> an external JavaScript client?
> How would you recommend to do this. I heard you have a JS/jQuery lib to do
> this, where can it be found?
> Thanks,
> delkant
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list