I have created a REST API in Node.js and used the keycloak-connect npm package. I have mapped the Node.js middleware with the Keycloak middleware and just put the keycloak.protect() method inside the API method.

When the user is not logged in, it shows a login screen and asks for credentials. After login, it shows the result. But I don't want to show a login screen if the user is not already logged in. Instead of that, I want to pass the token and get access based upon that token?

Do I need to do anything in the API code so that it will accept the user token?

I'd like to use this API through the user interface and set the access type bearer for this service in the Keycloak admin.

See the example:

    var express = require('express');
    var apiRoutes = express.Router();
    var User = require('../models/user');
    var jwt = require('jsonwebtoken');
    var faker = require('faker');
    var session = require('express-session');
    var Keycloak = require('keycloak-connect');
    var hogan = require('hogan-express');

    // Express application the middleware and routes are attached to.
    var app = express();

    // Session store shared by express-session and the Keycloak adapter.
    var memoryStore = new session.MemoryStore();

    var keycloak = new Keycloak({store: memoryStore});

    // 'superSecret' has to be set with app.set() before this point.
    app.use(session({
        secret: app.get('superSecret'),
        resave: false,
        saveUninitialized: true,
        store: memoryStore
    }));

    app.use(keycloak.middleware({
        logout: '/logout',
        admin: '/'
    }));

    // keycloak.protect() guards the route; this is where the login screen comes from.
    app.get('/api/user', keycloak.protect(), function (req, res) {
        res.json({
            name: faker.name.findName(),
            email: faker.internet.email(),
            address: faker.address.streetAddress(),
            bio: faker.lorem.sentence(),
            image: faker.image.avatar()
        });
    });


Keycloak.json:


{
  "realm" : "nodejs-example",
  "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
  "auth-server-url" : "http://xxxx:9090/auth",
  "ssl-required" : "external",
  "resource" : "nodejs-connect",
  "public-client" : true
}

Thanks,
Deepak


On Fri, Aug 5, 2016 at 1:07 PM, Shiva Saxena <shivasaxena999@gmail.com> wrote:
Hi,

Do you mean how do you set the bearer token when calling the REST endpoint from the browser?

On Fri, Aug 5, 2016 at 1:02 PM, Deepak Garg <deepakgarg.garg@gmail.com> wrote:
Hi Shiva,

Thanks for the reply. I have already gone through this article.

I am specifically looking for how to set the access type to bearer when using the API from another application and pass on the token. How do I pass the authentication token to the API, and how would Keycloak determine the same?

Also, I may need to change the keycloak.json as well, based upon the access type.

Please suggest an example based upon the above requirement.

Thanks,
Deepak

On Fri, Aug 5, 2016 at 12:24 PM, Shiva Saxena <shivasaxena999@gmail.com> wrote:
Hi Deepak,

You can check this example on GitHub.

In the admin console you will need to add a new application. It can be public or bearer, depending on whether your API will be called directly and request authentication, or will be called inside a pre-authenticated app that just passes the token previously obtained.

On Fri, Aug 5, 2016 at 9:59 AM, Deepak Garg <deepakgarg.garg@gmail.com> wrote:
Hi,

I have created a Node.js REST API application. I want to secure my Node.js API layer using Keycloak.

Please suggest how I can achieve the same.

What configuration do I need to do in the Keycloak admin console? For example, under client -> access type, should it be public or bearer-only?


Thanks,
Deepak

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user



--
Best Regards
Shiva Saxena                   
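
The thread asks how an API can accept a token passed by the caller instead of showing a login screen. The following is an added example, not code from the thread and not keycloak-connect's implementation: a sketch of the checks a bearer-only service applies to an "Authorization: Bearer <token>" header. The key pair, the issueToken helper and the checkBearer name are constructed for illustration, and the issuer is assumed from the keycloak.json values above.

```javascript
const crypto = require('crypto');

// Constructed stand-ins: a real service verifies against the realm's public key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const ISSUER = 'http://xxxx:9090/auth/realms/nodejs-example'; // assumed from keycloak.json

const b64url = (data) => Buffer.from(data).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Hypothetical helper standing in for the token endpoint: signs claims as an RS256 JWT.
function issueToken(claims, header = { alg: 'RS256', typ: 'JWT' }) {
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64url(sig)}`;
}

// Validates the Authorization header and returns a status; it never redirects to login.
function checkBearer(authorizationHeader, now = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorizationHeader || '');
  if (!m) return { status: 401, error: 'missing or malformed bearer token' };
  const [, head, body, sig] = m;
  let header, claims;
  try {
    // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs.
    header = JSON.parse(Buffer.from(head, 'base64').toString('utf8'));
    claims = JSON.parse(Buffer.from(body, 'base64').toString('utf8'));
  } catch (e) {
    return { status: 401, error: 'undecodable token' };
  }
  // Pin the algorithm so the token cannot select "none" or an HMAC variant.
  if (header.alg !== 'RS256') return { status: 401, error: 'unexpected alg' };
  const valid = crypto.verify('RSA-SHA256', Buffer.from(`${head}.${body}`),
    publicKey, Buffer.from(sig, 'base64'));
  if (!valid) return { status: 401, error: 'bad signature' };
  if (claims.iss !== ISSUER) return { status: 401, error: 'wrong issuer' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) {
    return { status: 401, error: 'expired' };
  }
  return { status: 200, claims };
}
```

With keycloak-connect itself, the adapter option that corresponds to this behaviour is "bearer-only": true in keycloak.json, and the caller sends the access token it obtained earlier in the Authorization header.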



