[keycloak-user] Error when keycloak.js is bundled with application but not otherwise
Stian Thorgersen
sthorger at redhat.com
Sun Jul 2 23:14:05 EDT 2017
On 2 July 2017 at 18:47, Karthik Jayaraman <aswin88us at gmail.com> wrote:
> Hi all,
>
> I am having the following issue:
>
> Scenario 1:
>
> In my application index.html (bundled in a JAR file and deployed in Jetty),
> I have the following code:
>
> <script src="keycloak.js"></script>
>
> <script>
> var keycloak = Keycloak(
> {
> "realm": "master",
> "clientId": "client1",
> "auth-server-url": "http://
> <<keycloak-server-ip>>:<<keycloak-server-port>>/auth",
> "public-client": true
> });
>
Check
https://keycloak.gitbooks.io/documentation/securing_apps/topics/oidc/javascript-adapter.html.
You should use 'url' instead of 'auth-server-url' when passing arguments
directly to constructor instead of using keycloak.json file.
>
> keycloak.init({
> onLoad: 'login-required'
> }).success(function () {
> alert("login success");
> });
>
> </script>
>
> And I have the following client configuration in Keycloak server
>
> Client Protocol - openid-connect
> Access Type - public
> Standard Flow Enabled - ON
> Implicit Flow Enabled - OFF
> Direct Access Grants Enabled - ON
> Authorization Enabled - OFF
> Root URL -
> Valid Redirect URIs - http://
> <<myapplicationIP>>:<<myapplicationPort>>/admin/*
> Base URL - http://<<myapplicationIP>>:<<myapplicationPort>>/admin
> Admin URL -
> Web Origins -
>
> With this configuration, the first time when I hit
> http://<<myapplicationIP>>:<<myapplicationPort>>/admin/
> , I am getting redirected to http://
> <<myapplicationIP>>:<<myapplicationPort>>/realms/
> master/protocol/openid-connect
> /auth?client_id=client1&redirect_uri=http%3A%2F%2F<<myapplicationIP>>%3A<<
> myapplicationPort>>%2Fadmin%2F&state=c524eb6c-9245-4f82-
> 87e9-e767dd733b0d&nonce=760809b5-b2d5-4c3e-9d76-
> 40cd43bdef0d&response_mode=fragment&response_type=code&scope=openid
>
> and I get 404 which is expected since keycloak is trying to redirect to
> http://<<myapplicationIP>>:<<myapplicationPort>>/realms/... which does
> not
> exist in our application.
>
> Scenario 2:
>
> When I do the same thing as scenario 1 except the way keycloak.js is
> loaded, everything works as expected.
>
> <script src="http://
> <<keycloakServerIP>>:<<keycloakServerPort>>/auth/js/keycloak.js"></script>
>
> So, what is operationally different between bundling keycloak.js and
> loading it at run time ?
>
> - Karthik
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list