[keycloak-user] OpenID Connect support

Bill Burke bburke at redhat.com
Mon Oct 20 12:04:44 EDT 2014 

Can't really tell, but maybe your library doesn't like the token format 
we send back?  Just looking at the 1st exception in the log...

Log a jira and we can look into it.  Our queue is pretty full at the 
moment though.

On 10/20/2014 11:28 AM, Iván Perdomo wrote:
> Hi again,
>
>
> On Thu, 25 Sep 2014 14:53:04 +0200
> Iván Perdomo <ivan at akvo.org> wrote:
>
>> I'll do some testing using third-party libs/clients and will share my
>> findings.
>
> I'm testing a simple OIDC Android app [1] and Keycloack (1.0.1.Final)
>
> Some minor configuration settings are required on this sample app [2]:
>
> authorizationServerUrl = https://host/auth/name/rname/tokens/login
> tokenServerUrl = https://host/auth/realms/name/tokens/access/codes
> userInfoUrl = https://host/auth/realms/name/account
>
> After making a build and test in in my mobile, I'm able to:
>
> * get redirected to the login
> * Successfully login
> * get redirected to the grant options
>
> After granting access to the application, I should get a new account on
> my mobile, but I'm getting an exception: "Invalid ID token returned" [3]
>
> The whole adb logcat log is a bit verbose, but you can see the
> following:
>
> java.io.IOException: Invalid ID token returned.
> at
> com.lnikkila.oidcsample.oidc.OIDCUtils.requestTokens(OIDCUtils.java:123)
> (...)
> com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad
> Request
> {
> "error": "invalid_grant",
> "error_description": "Code not found"
> }
>
>
> I can discard the idea of a bug in the sample code because I managed to
> successfully login using Mitre's Open ID connect Spring implementation
> [4]
>
> Any ideas how to know what's going wrong? I would love to get
> Keycloak and this sample code working.
>
> Thanks for your support.
>
> [1] https://github.com/learning-layers/android-openid-connect-sample
> [2]
> https://github.com/learning-layers/android-openid-connect-sample/blob/8155f0f7c0579441c567d3e5f31355363dfb4c92/app/src/main/java/com/lnikkila/oidcsample/Config.java#L10-L12
> [3]
> https://gist.githubusercontent.com/iperdomo/023d166629ece47a5de2/raw/70c06ebb2a99cf28e40ad97dc6c8c8dadb501ac1/adb.log
> [4] https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-user mailing list