[keycloak-user] Wrong error message while IDP integration

Karol Buler K.Buler at adbglobal.com
Mon Oct 1 05:20:52 EDT 2018


Hi,

I am testing Identity Brokering, so I tried to run two Keycloak instances in 4.5.0.Final version: MAIN and SECOND. SECOND is a Identity Provider for the MAIN instance. Everything is fine since redirecting from SECOND. In GUI of MAIN instance I am getting:

We're sorry...
An error occurred, please login again through your application.

In logs of MAIN:

10:36:11,122 WARN  [org.keycloak.events] (default task-1) type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null, userId=null, ipAddress=127.0.0.1, error=invalid_code

Which is wrong, because after DEBUG enabled in Wildfly (MAIN) I found that code is successfully converted into access_token with the SECOND instance in request:

POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1

SECOND doesn't log anything.

What is interesting and may be helpful -> few lines before WARN/error:

10:36:11,120 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the requests header
10:36:11,120 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the cookies field
10:36:11,120 DEBUG [org.keycloak.services.managers.AuthenticationSessionManager] (default task-1) Found AUTH_SESSION_ID cookie with value 5edf6c51-d976-4dc5-a64d-c3d748847939.<hostname>
10:36:11,120 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the requests header
10:36:11,120 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the cookies field
10:36:11,121 DEBUG [org.keycloak.services.managers.AuthenticationSessionManager] (default task-1) Found AUTH_SESSION_ID cookie with value 5edf6c51-d976-4dc5-a64d-c3d748847939.<hostname>
10:36:11,122 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the requests header
10:36:11,122 DEBUG [org.keycloak.services.util.CookieHelper] (default task-1) {1} cookie found in the cookies field
10:36:11,122 DEBUG [org.keycloak.services.managers.AuthenticationSessionManager] (default task-1) Found AUTH_SESSION_ID cookie with value 5edf6c51-d976-4dc5-a64d-c3d748847939.<hostname>
10:36:11,122 DEBUG [org.keycloak.services.resources.SessionCodeChecks] (default task-1) Authentication session not found. Trying to restart from cookie.
10:36:11,122 DEBUG [org.keycloak.protocol.RestartLoginCookie] (default task-1) KC_RESTART cookie doesn't exist

Best regards,
Karol

[https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<https://www.adbglobal.com>
This message (including any attachments) may contain confidential, proprietary, privileged and/or private information. The information is intended for the use of the individual or entity designated above. If you are not the intended recipient of this message, please notify the sender immediately, and delete the message and any attachments. Any disclosure, reproduction, distribution or other use of this message or any attachments by an individual or entity other than the intended recipient is STRICTLY PROHIBITED.
Please note that ADB protects your privacy. Any personal information we collect from you is used in accordance with our Privacy Policy<https://www.adbglobal.com/privacy-policy/> and in compliance with applicable European data protection law (Regulation (EU) 2016/679, General Data Protection Regulation) and other statutory provisions.


More information about the keycloak-user mailing list