Reason for showcase app not showing user info is that it can not obtain authentication token from keycloak. Because of that if sync server is protected by keycloak, user won't be able to query or edit items.
Problem seems to be in client created with CR by MDC. If I create new client manually in keycloak with same config, all works then.
This is difference between client created manually (mobile-client) and created by MDC during binding (jhellar-client):
{noformat}
➜ Desktop diff mobile-client.json jhellar-client.json
2c2,7
< "clientId": "mobile-client",
---
> "clientId": "jhellar-client",
> "name": "jhellar-client",
> "description": "",
> "rootUrl": "",
> "adminUrl": "",
> "baseUrl": "",
7c12
< "*"
---
> "http://localhost*"
10c15,16
< "*"
---
> "*",
> "http://localhost:8100"
17c23
< "directAccessGrantsEnabled": true,
---
> "directAccessGrantsEnabled": false,
22,36c28
< "attributes": {
< "saml.assertion.signature": "false",
< "saml.force.post.binding": "false",
< "saml.multivalued.roles": "false",
< "saml.encrypt": "false",
< "saml.server.signature": "false",
< "saml.server.signature.keyinfo.ext": "false",
< "exclude.session.state.from.auth.response": "false",
< "saml_force_name_id_format": "false",
< "saml.client.signature": "false",
< "tls.client.certificate.bound.access.tokens": "false",
< "saml.authnstatement": "false",
< "display.on.consent.screen": "false",
< "saml.onetimeuse.condition": "false"
< },
---
> "attributes": {},
38,39c30,31
< "fullScopeAllowed": true,
< "nodeReRegistrationTimeout": -1,
---
> "fullScopeAllowed": false,
> "nodeReRegistrationTimeout": 0,
{noformat}
|
|
