Hi, If i configure a new google broker, it always shows: "your already
logged in"
It seems to never redirect back to my application.
The logging shows the following warning:
Not present cache item for key LoginFailureKey [ realmId=mgb.
userId=1178a3e9-f20a-4564-b921-22e196b6ab9b
If I try to login again from my application, I get an unexpected error.
logging shows:
ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default
task-17) Failed to make identity provider oauth callback:
org.keycloak.broker.provider.IdentityBrokerException: No access_token from
server.
at
org.keycloak.broker.oidc.OIDCIdentityProvider.verifyAccessToken(OIDCIdentityProvider.java:444)
With some more logging I see that a POST request to
www.googleapis.com/oauth2/v3/token returns a 401 Unauthorized
the following request params were sent:
code=4%2FAADq7hCNFYS8Sn5fSaKTO-Z4NFsWp8dt-_rxDFfI9zV5by4zeKLKy9EIw-1S0xD7WZs8O2lIwVQpbYdhv-eRcDc&grant_type=authorization_code&client_secret=**********&redirect_uri=https%3A%2F%
2Fsecure.mydomain.nl
%2Fauth%2Frealms%2Fbloxsense%2Fbroker%2Fgoogle%2Fendpoint&client_id=
770468752706-kvjr3kjmi12uokbe30ldpu4lt43k05vm.apps.googleusercontent.com"
I tried using stickie sessions in my loadbalancer, there is no difference
in behaviour..
This is a HA setup using the helm chart
Greetz
Naftali