[keycloak-user] Authenticate a REST API with keycloak in express node js without using adapters

Saransh Kumar skm.8896 at gmail.com
Sat Mar 4 02:07:30 EST 2017 

Hello Sebastien, Bruno


Thanks for replying. :)

Keycloak server: 2.5.1
keycloak-connect: 2.5.3 (node js adapter)

Rest API on express node js which is to be secured:-

var express = require('express');var router = express.Router();var app
= express();var Keycloak = require('keycloak-connect');var keycloak
=new Keycloak();

app.use( keycloak.middleware( {
logout: '/logout',
admin: '/',} ));

router.get('/users',keycloak.protect(),function(req, res, next) {

    res.send('Reached here');

});


The response is : Error 403 Forbidden.

Note: I have also included the package.json in the root folder.


Thanks in advance


On Sat, Mar 4, 2017 at 4:41 AM, Bruno Oliveira <bruno at abstractj.org> wrote:

> Last time I checked, the adapter works with bearer only. If you provide
> the steps to reproduce, version of keycloak server, adapter version and the
> error. That would help ;)
>
> On Fri, Mar 3, 2017, 8:05 PM Sebastien Blanc <sblanc at redhat.com> wrote:
>
>> Well the adapter works with bearer only , what is the error that you are
>> getting ?
>> Le ven. 3 mars 2017 à 21:26, Saransh Kumar <skm.8896 at gmail.com> a écrit :
>>
>> > Hii Sebastien,
>> >
>> > Actually, the node js kc adapter is not working with bearer auth only.
>> > So, I need to verify the access token myself with keycloak in node js
>> > without using node js adapter or any other adapters.
>> > Please help me out in this  way.
>> >
>> > Thanks in advance.
>> > Saransh
>> >
>> > On Sat, Mar 4, 2017 at 12:06 AM, Sebastien Blanc <sblanc at redhat.com>
>> > wrote:
>> >
>> >
>> >
>> > On Fri, Mar 3, 2017 at 7:04 PM, Saransh Kumar <skm.8896 at gmail.com>
>> wrote:
>> >
>> > Hello all,
>> >
>> > I have a REST API in express node js.
>> > I want to secure it with keycloak bearer auth only.
>> > So, a keycloak token would be recieved in the Authorization header of
>> the
>> > GET request to the REST API.
>> > I have to verify the token with keycloak *without using any adapters.*
>> > Please help me out in the process.
>> >
>> > Are you not allowed to add any extra packages ? Just lookup the source
>> > code of the nodejs kc adapter and paste it into your app ;)
>> >
>> >
>> >
>> > Thanks in advance
>> > Saransh
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>> >
>> >
>> >
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>

More information about the keycloak-user mailing list