1:16 a.m.
Can you also show us your keycloak.json and show how you pass from the
frontend the token to the nodejs service ?
On Sat, Mar 4, 2017 at 8:07 AM, Saransh Kumar <skm.8896(a)gmail.com> wrote:
Hello Sebastien, Bruno
Thanks for replying. :)
Keycloak server: 2.5.1
keycloak-connect: 2.5.3 (node js adapter)
Rest API on express node js which is to be secured:-
var express = require('express');var router = express.Router();var app =
express();var Keycloak = require('keycloak-connect');var keycloak =new
Keycloak();
app.use( keycloak.middleware( {
logout: '/logout',
admin: '/',} ));
router.get('/users',keycloak.protect(),function(req, res, next) {
res.send('Reached here');
});
The response is : Error 403 Forbidden.
Note: I have also included the package.json in the root folder.
Thanks in advance
On Sat, Mar 4, 2017 at 4:41 AM, Bruno Oliveira <bruno(a)abstractj.org>
wrote:
> Last time I checked, the adapter works with bearer only. If you provide
> the steps to reproduce, version of keycloak server, adapter version and the
> error. That would help ;)
>
> On Fri, Mar 3, 2017, 8:05 PM Sebastien Blanc <sblanc(a)redhat.com> wrote:
>
>> Well the adapter works with bearer only , what is the error that you are
>> getting ?
>> Le ven. 3 mars 2017 à 21:26, Saransh Kumar <skm.8896(a)gmail.com> a écrit
>> :
>>
>> > Hii Sebastien,
>> >
>> > Actually, the node js kc adapter is not working with bearer auth only.
>> > So, I need to verify the access token myself with keycloak in node js
>> > without using node js adapter or any other adapters.
>> > Please help me out in this way.
>> >
>> > Thanks in advance.
>> > Saransh
>> >
>> > On Sat, Mar 4, 2017 at 12:06 AM, Sebastien Blanc <sblanc(a)redhat.com>
>> > wrote:
>> >
>> >
>> >
>> > On Fri, Mar 3, 2017 at 7:04 PM, Saransh Kumar <skm.8896(a)gmail.com>
>> wrote:
>> >
>> > Hello all,
>> >
>> > I have a REST API in express node js.
>> > I want to secure it with keycloak bearer auth only.
>> > So, a keycloak token would be recieved in the Authorization header of
>> the
>> > GET request to the REST API.
>> > I have to verify the token with keycloak *without using any adapters.*
>> > Please help me out in the process.
>> >
>> > Are you not allowed to add any extra packages ? Just lookup the source
>> > code of the nodejs kc adapter and paste it into your app ;)
>> >
>> >
>> >
>> > Thanks in advance
>> > Saransh
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user(a)lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>> >
>> >
>> >
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>