9:40 a.m.
On Tue, Oct 11, 2016 at 6:11 PM, Andrea Carolina Buitrago <
a.carolinabm(a)gmail.com> wrote:
Hi, I want to authenticate a user (using his username and password)
in an
Android App using aerogear with a server using Keycloak. I haven't been
able to do it, help me please.
I currently can authenticate the user without aerogear, but I want to use
this library since it can help me to refresh the token when is needed. I
authenticate the user making a POST call to the server like this (but from
android):
curl -X POST http://127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token
-H "Content-Type: application/x-www-form-urlencoded" -d
"username=auser" -d 'password=apassword' -d
'grant_type=password'
-d 'client_id=clientId' -d 'client_secret=secret'
What I have tried with Aerogear is this:
private void authz() {
try {
AuthzModule authzModule = AuthorizationManager.config("KeyCloakAuthz",
OAuth2AuthorizationConfiguration.class)
.setBaseURL(new URL("http://127.0.0.1:8080/"))
.setAuthzEndpoint("/realms/example/protocol/openid-connect/auth")
.setAccessTokenEndpoint("/realms/example/protocol/openid-connect/token")
.setAccountId("keycloak-token")
.setClientId("clientId")
.setClientSecret("secret")
.setRedirectURL("http://oauth2callback")
.setScopes(Arrays.asList("openid"))
.addAdditionalAuthorizationParam((Pair.create("grant_type",
"password")))
.addAdditionalAuthorizationParam((Pair.create("username",
"aUserName")))
.addAdditionalAuthorizationParam((Pair.create("password",
"aPassword")))
.asModule();
authzModule.requestAccess(this, new Callback<String>() {
@Override
public void onSuccess(String o) {
Log.d("TOKEN ", o);
}
@Override
public void onFailure(Exception e) {
System.err.println("Error!!");
Toast.makeText(getApplicationContext(), e.getMessage(),
Toast.LENGTH_LONG).show();
}
});
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}}
However this doesn't do anything. What I don't understand is:
1. How can I specify that I'm doing and OpenID Connect with Keycloak
in Aerogear(Android) ? I've seen it in the swift library but I cannot find
it in Android
2. How and where can I send the username and password?
3. How can I specify the grant_type? (My HTTP POST to the server does
not work if I don't include this, so it's important)
So with OAuth flows you usually don't post a username/password to a
server. OAuth directs you to a trusted page, you input your credentials
there, then the service provides to the library a token and the library
exchanges that token for a token to use for your session. In AGDroid we
use a webview to show the login page.
I'm not familiar with iOS at all, does it support this workflow there?
I also don't think we've worked with OpenID Connect before. If it works it
is by happy coincidence, but Daniel Passos might be able to provide some
insight (he's the other AGDroid developer)
Do you have a github project i can poke at?
I'm really sorry if this is a very basic question, but I
haven't been able
to work it out on my own. Any help or documentation would be appreciated.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev