[keycloak-user] Failed to initialize in KC 3.4
Виталий Ищенко
betalb at gmail.com
Tue Jan 16 06:47:06 EST 2018
Also, you can set Origins to "+" plus sign, and KC will expand origins
automatically for you
On Tue, Jan 16, 2018 at 2:46 PM Виталий Ищенко <betalb at gmail.com> wrote:
> Hi
>
> Asterisk should be pretty valid, maybe at some point in time KC stopped
> expanding it and just started to pass in reply as-is, but Access-Control-Allow-Origin:
> *
>
> Is valid header value [1]. And status = 0 means that preflight request
> check failed on the browser side and JS code can't even access any info
> from KC.
>
> Do you have request and response headers dump, an asterisk was quoted or
> not?
>
> [1]
> https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
>
> On Tue, Jan 16, 2018 at 1:10 PM Corentin Dupont <corentin.dupont at gmail.com>
> wrote:
>
>> Hi guys,
>> I finally solved this problem.
>> Posting here for memory :)
>> I use this simple code in my NodeJS application:
>>
>> import Keycloak from 'keycloak-js';
>>
>> var keycloak = Keycloak();
>> keycloak.init({ onLoad: 'login-required'}).success(authenticated => {
>> if (authenticated) {
>> console.log("Authenticated");
>> }
>> }).error(function (error) {
>> console.log("Authentication error");
>> });
>> }
>>
>> In Keycloak 3.3 and above, I kept getting the message "Authentication
>> error".
>> Keycloak 3.2 and below works.
>>
>> I finally understood that the problem is the Web Origins of my client.
>> It was set to "*", but apparently this is not supported anymore in
>> KC>=3.3.
>> By putting something more precise it worked (e.g. http://localhost:3000).
>>
>> The debugging of this one was very tricky...
>> The problem happens at the "code to token exchange" step.
>> In KC 3.3, the response headers "Access-Control-Allow-Origin" is set to
>> "*".
>> This doesn't seem to work with keycloak.js adapter, at this line:
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L341
>>
>> The req.status is 0. It seems that XMLHttpRequest doesn't like this
>> Access-Control-Allow-Origin="*".
>>
>> If I change the Web Origins to http://localhost:3000, it works.
>> Likewise, in KC=3.2, the Web Origins = * seems to be translated
>> automatically to Access-Control-Allow-Origin hea=
>>
>>
>>
>>
>>
>> In KC 3.2, with Web Origin "*", the is transformed as "
>> http://localhost:3000"
>>
>>
>>
>>
>> https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L337
>>
>>
>>
>>
>> On Tue, Dec 12, 2017 at 10:45 AM, Corentin Dupont <
>> corentin.dupont at gmail.com
>> > wrote:
>>
>> > Hi guys,
>> >
>> > I use this code in my javascript application:
>> >
>> > var keycloak = Keycloak();
>> > keycloak.init().success(function(authenticated) {
>> > alert(authenticated ? 'authenticated' : 'not
>> authenticated');
>> > }).error(function() {
>> > alert('failed to initialize');
>> > });
>> >
>> > Since I updated Keycloak I get the message 'failed to initialize'.
>> > It was working well with the previous version of KC 3.2.
>> >
>> > What could it be? How can I get a better error message?
>> >
>> >
>> > Thanks!
>> >
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
More information about the keycloak-user
mailing list