3:09 a.m.
Hello Stian,
I was testing this today. My problem is that the keycloak.js script assumes
that the client application is hosted in a app/web server. I'm trying to
build a html 5 based app for smartphones. So there is no way to use the
redirect functionality, I need a way to provide to keycloak a username and
password and receive as response the token id.
Do you think that is possible? Is there any example available.
Thanks.
On Mon, Mar 10, 2014 at 10:34 AM, Stian Thorgersen <stian(a)redhat.com> wrote:
Hi,
We have a JS library, it's available at
http://localhost:8080/js/keycloak.js. There's no documentation for it
yet, and the example needs a bit of TLC, but the example is customer-app-js
and will be included in the alpha3 downloads that is due this week.
A quick overview to get you started:
Keycloak constructor takes a single object with the following properties:
* client_id (required) - the name of the application/client in the admin
console
* client_secret (optional) - not recommended, instead select public client
option for your application/client in the admin console
* realm (required)
* url (optional) - the base url of the server, if not specified it will
infer it from the url of the keycloak.js script
* onload (optional) - valid options: login-required, check-sso. Login
required will redirect to login form when init is called. Check-sso will
also redirect to login form, but won't display login form (used to check if
user is logged into to sso realm)
For example:
var keycloak = Keycloak({ client_id: 'myapp', realm: 'myrealm' })
keycloak.init(function() { alert('authenticated') }, function() {
alert('auth failed') } );
Addition methods:
* login - redirect to login form
* logout - log out
* hasRealmRole(role) - returns true if user has the realm role
* hasResourceRole(role, resource) - return true if user has the role for
the specified resource (application)
* loadUserProfile(success, failure) - loads the profile (in the future
profile will be retrieved with IDToken from OpenID Connect spec, so this
will probably not be required)
* onValidAccessToken(success, failure) - invoke methods with a valid
token. If the token is expired the refresh token is used to retrieve a new
token before invoking the success callback
Once authenticated the following properties are available as well:
* token - base64 encoded token (use this as the value for the
'Authorization' header, for example
"xMLHttpRequest.setRequestHeader('Authorization', 'Bearer ' +
keycloak.token)")
* tokenParsed - parsed token
* authenticated - true if authenticated, false otherwise
* subject - userId
Please let me know how you get on with it, any feedback would be
appreciated.
Cheers,
Stian
----- Original Message -----
> From: "Rodrigo Del Canto" <delkant(a)gmail.com>
> To: keycloak-user(a)lists.jboss.org
> Sent: Saturday, 8 March, 2014 5:54:44 AM
> Subject: [keycloak-user] External JS AJAX client for jax-rs backend API
>
> Hello guys,
>
> Congrats on the release of project! I think this is the most useful
project
> for developers in the whole history of internet :D
>
> I would like to know if you have any example on how to perform a login
from
> an external JavaScript client?
>
> How would you recommend to do this. I heard you have a JS/jQuery lib to
do
> this, where can it be found?
>
> Thanks,
>
> delkant
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user