Re: [keycloak-user] Failed to initialize in KC 3.4

Hi Asterisk should be pretty valid, maybe at some point in time KC stopped expanding it and just started to pass in reply as-is, but Access-Control-Allow-Origin: * Is valid header value [1]. And status = 0 means that preflight request check failed on the browser side and JS code can't even access any info from KC. Do you have request and response headers dump, an asterisk was quoted or not? [1] https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/ Access-Control-Allow-Origin On Tue, Jan 16, 2018 at 1:10 PM Corentin Dupont <corentin.dupont(a)gmail.com&gt; wrote: > Hi guys, > I finally solved this problem. > Posting here for memory :) > I use this simple code in my NodeJS application: > > import Keycloak from 'keycloak-js'; > > var keycloak = Keycloak(); > keycloak.init({ onLoad: 'login-required'}).success(authenticated => { > if (authenticated) { > console.log("Authenticated"); > } > }).error(function (error) { > console.log("Authentication error"); > }); > } > > In Keycloak 3.3 and above, I kept getting the message "Authentication > error". > Keycloak 3.2 and below works. > > I finally understood that the problem is the Web Origins of my client. > It was set to "*", but apparently this is not supported anymore in > KC>=3.3. > By putting something more precise it worked (e.g. http://localhost:3000). > > The debugging of this one was very tricky... > The problem happens at the "code to token exchange" step. > In KC 3.3, the response headers "Access-Control-Allow-Origin" is set to > "*". > This doesn't seem to work with keycloak.js adapter, at this line: > https://github.com/keycloak/keycloak/blob/master/adapters/ > oidc/js/src/main/resources/keycloak.js#L341 > > The req.status is 0. It seems that XMLHttpRequest doesn't like this > Access-Control-Allow-Origin="*". > > If I change the Web Origins to http://localhost:3000, it works. > Likewise, in KC=3.2, the Web Origins = * seems to be translated > automatically to Access-Control-Allow-Origin hea= > > > > > > In KC 3.2, with Web Origin "*", the is transformed as " > http://localhost:3000" > > > > https://github.com/keycloak/keycloak/blob/master/adapters/ > oidc/js/src/main/resources/keycloak.js#L337 > > > > > On Tue, Dec 12, 2017 at 10:45 AM, Corentin Dupont < > corentin.dupont(a)gmail.com > > wrote: > > > Hi guys, > > > > I use this code in my javascript application: > > > > var keycloak = Keycloak(); > > keycloak.init().success(function(authenticated) { > > alert(authenticated ? 'authenticated' : 'not > authenticated'); > > }).error(function() { > > alert('failed to initialize'); > > }); > > > > Since I updated Keycloak I get the message 'failed to initialize'. > > It was working well with the previous version of KC 3.2. > > > > What could it be? How can I get a better error message? > > > > > > Thanks! > > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >