<div dir="ltr"><div>Sadly we've got no one on the team that are clued up on mobile development. However, the AeroGear guys they know all about it, so take a look at <a href="https://aerogear.org/docs/guides/security/oauth2-guide/">https://aerogear.org/docs/guides/security/oauth2-guide/</a> they have OAuth2 adapters that work with Keycloak.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 13 January 2016 at 18:20, Aritz Maeztu <span dir="ltr"><<a href="mailto:amaeztu@tesicnor.com" target="_blank">amaeztu@tesicnor.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
Hello everybody,<br>
<br>
I'm struggling to implement a keycloak login from my Android app.
What I want to do is to simulate what a browser does (request a
resource, be redirected to keycloak login page and get an access
token later on). From what I've seen from the OAuth2 protocol, I
need to firstly get the authorization code and later on request the
access token with that code. I wouldn't like my Android app to be
registered as a client itself, so I've registered my web service as
public.<br>
<br>
Here I start the intent to launch the Android browser pointing to
the keycloak authorization address (/openid-connect/auth):<br>
<br>
Intent i = new Intent(Intent.ACTION_VIEW,
Uri.parse(<a href="http://192.168.0.230:8080/auth/realms/master/protocol/" target="_blank">"http://192.168.0.230:8080/auth/realms/master/protocol/"</a> +<br>
"openid-connect/auth?response_type=code&client_id=web_service&redirect_uri=android://app"));<br>
startActivity(i);<br>
<br>
When I enter the credentials successfully, I'm given a code in the
redirection url, coming back to my app:<br>
<br>
Uri data = getIntent().getData();<br>
if (data != null) {<br>
String accessCode= data.getQueryParameter("code");<br>
System.out.println("Authorization code:" + accessCode);<br>
}<br>
<br>
The code looks like
bC8OM0TwfbhYouM34M3RY2aZRYTywXZVAvKFABgvVRc.693363de-d6b5-4f88-b545-c6603023ee4c<br>
<br>
Then I would like to get an access token with that code! I use a
Rest Template for that, making a POST request to the
/openid-connect/token endpoint:<br>
<br>
ResponseEntity rssResponse = template.exchange(<br>
<a href="http://192.168.0.230:8080/auth/realms/master/protocol/" target="_blank">"http://192.168.0.230:8080/auth/realms/master/protocol/"</a> +<br>
"openid-connect/token?grant_type=authoritation_code&client_id=web_service&code="+accessCode,<br>
HttpMethod.POST,<br>
null,<br>
Object.class);<br>
<br>
However, I'm given a 401 unauthorized exception. What am I doing
wrong? Thanks in advanced ;-)<span class="HOEnZb"><font color="#888888"><br>
<br>
<div>-- <br>
<div>
<table style="width:600;border-collapse:collapse">
<tbody>
<tr>
<td style="border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:#989898"> <span style="font-weight:bold">Aritz Maeztu Otaño</span><br>
<span style="font-size:12px">Departamento Desarrollo
de Software</span> </td>
<td style="border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:#989898;padding-left:20px"> <a href="https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES" target="_blank">
<img border="0">
</a> </td>
</tr>
<tr>
<td> <a href="http://www.tesicnor.com" target="_blank"> <img border="0" width="143">
</a> </td>
<td style="font-size:12px">
<p style="padding-left:20px"> <span>Pol. Ind.
Mocholi.</span> <span>C/Rio Elorz, Nave 13E </span><span style="font-weight:bold">31110 Noain (Navarra)</span><br>
<span>Telf.: 948 21 40 40</span> <br>
<span>Fax.: 948 21 40 41</span> <br>
</p>
</td>
</tr>
<tr>
<td colspan="2"> <span style="color:#009900;font-size:12px">Antes de imprimir este e-mail piense bien si es
necesario hacerlo: El medioambiente es cosa de todos.</span>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</font></span></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>