3:05 a.m.
(including the mailing list again)
tbh I'm not sure this is related to keycloak, isn't just a matter of using
the right IPs exposed by the container in your keycloak.json files ?
On Tue, Apr 25, 2017 at 6:25 PM, Alex Berg <chexxor(a)gmail.com> wrote:
Here's my problem:
I'm running keycloak, mysql, and my JS app locally in docker containers.
From inside the container, keycloak is accessible at "keycloak:8080", but
outside the container (from the browser on localhost), it's available at
"localhost:8080". My "keycloak.json" file has
"auth-server-url" =
"localhost:8080", so when JS app gets the OIDC authorization token in a
callback, the Keycloak middleware in my JS app tries to get an access token
by requesting the auth token to "localhost:8080", but this request fails
because localhost isn't serving on that port - the "keycloak" container
is.
On Sat, Apr 22, 2017 at 2:08 PM, Alex Berg <chexxor(a)gmail.com> wrote:
> I can't find docs which answer the basic question of what it does and how
> it is supposed to work. After spending a week trying to discover these
> answers for myself by reading it's code, I still can't get it to work, so I
> am curious what I would lose my using a better documented library. Thanks
> for that answer!
>
> I'm doing a SPA-ish app and want to track session on a cookie, and this
> library does exactly that, but knowing how the redirects should work and
> what the responses should be is pretty tricky. The errors indicate deeper
> complexity than just "install this middleware and the rest just works".
>
> I can make a PR for doc improvements. I know one of the errors I was
> seeing is a response of "invalid authorization token", but I don't know
why
> that would be. I can only make a JIRA ticket if I know the problem isn't my
> lack of knowledge.
>
> On Apr 22, 2017 02:32, "Sebastien Blanc" <sblanc(a)redhat.com> wrote:
>
>>
>>
>> On Fri, Apr 21, 2017 at 8:16 PM, Alex Berg <chexxor(a)gmail.com> wrote:
>>
>>> I am trying to install the keycloak-nodejs-connect middleware into my
>>> app.
>>> It isn't working well, so of course I'm thinking of trying a
different
>>> openid-connect client library.
>>>
>> What doesn't work well ? Have you opened tickets for this ?
>>
>>>
>>> What does the keycloak-nodejs-connect library do that other
>>> openid-connect
>>> client libraries doesn't do? It looks like one unique thing is that it
>>> listens for a logout request to be sent from the keycloak admin console,
>>> but I'm not sure as docs don't exist.
>>>
>> It also handles the admin backend channel for revocation, it handles
>> public key rotation retrieval, role-based authorization. This is documented
>> in the docs that exists https://keycloak.gitbooks.io/d
>> ocumentation/content/securing_apps/topics/oidc/nodejs-adapter.html
>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>