9:20 a.m.
Thank you Pedro,
indeed it was a version issue, I was using the older version of Keycloak.
However, after resolving this issue I've encountered a new one with always
getting a *401 Unauthorized* response from the service.
The client code that is calling the service is this:
*String accessToken = AuthzClient.create().obtainAccessToken.getToken();*
WebTarget target = client.target("url");
MyResponse res =
target.request(MediaType.APPLICATION_JSON).*header("Authorization",
"Bearer " + accessToken)*.post(MyResponse.class);
keycloak.json SERVICE
{
"realm": "demo",
"bearer-only": true,
"auth-server-url": "http://127.0.0.1:8780/auth",
"ssl-required": "external",
"resource": "risk-assessment-service",
"confidential-port": 0
}
keycloak.json CLIENT
{
"realm": "demo",
"auth-server-url": "http://127.0.0.1:8780/auth",
"ssl-required": "false",
"resource": "risk-assessment-client",
"credentials": {
"secret": "98f93f5e-e20a-433c-b29a-d3f9cab4bb44"
},
"confidential-port": 0
}
Could the problem be something with SSL? Because my service is not
available on https:// endpoints? Or is the calling code not correct?
On 29 March 2018 at 14:07, Pedro Igor Silva <psilva(a)redhat.com> wrote:
What version of Keycloak are you using ? Perhaps, Keycloak v4 ?
If so, you need to make sure your keycloak-authz dependency references the
same version.
The uma-configuration discovery endpoint changed to uma2-configuration.
Regards.
Pedro Igor
On Thu, Mar 29, 2018 at 4:21 AM, Filip Kozjak <filip.kozjak(a)gmail.com>
wrote:
> Hi everyone,
>
> I am having troubles obtaining access token for my Java EE REST service
> from Keycloak.
>
> I have started Keycloak server at *http://localhost <http://localhost>*,
> and I can access the admin console at
> *http://localhost:8081/auth/admin/master/console/#/realms/demo
> <http://localhost:8081/auth/admin/master/console/#/realms/demo>.*
>
> Next, I created a new realm "demo" and registered my REST service there.
> I've copied the generated *keycloak.json *to the WEB-INF of my service and
> added what was needed to web.xml. This successfully protected my endpoint.
> My REST service is up and running on *http://localhost:8080/
> <http://localhost:8080/>.*
>
> However, now I want to set up a client that would be authorized to access
> the protected endpoint. The client is running at *http://localhost:9080
> <http://localhost:9080>;. *Again, it's a Java EE REST service that talks
> to
> the protected service. I registered it as *OAuth Client* in the admin
> console and again copied the *keycloak.json* to the resources of my app. I
> am trying to obtain the access token like this:
>
> AuthzClient authz = AuthzClient.create();
> AccessTokenResponse tokenResponse = authzClient.obtainAccessToken();
>
> This results in the following error:
>
> java.lang.RuntimeException: Could not obtain configuration from server [
> http://localhost:8081/auth/realms/demo/.well-known/uma-configuration]
> .<br>
> <div id="stack">at
> org.keycloak.authorization.client.AuthzClient.<init>(AuthzCl
> ient.java:92)<br>at
> org.keycloak.authorization.client.AuthzClient.create(AuthzCl
> ient.java:60)<br>at
> org.keycloak.authorization.client.AuthzClient.create(AuthzCl
> ient.java:53)<br>at
> hr.assecosee.three_ds_2.risk.services.ProxyServiceImpl.invok
> eRiskLevelApi(ProxyServiceImpl.java:28)<br>at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br>at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
> ssorImpl.java:62)<br>at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
> thodAccessorImpl.java:43)<br>at
> java.lang.reflect.Method.invoke(Method.java:498)<br>at
> com.ibm.ejs.container.EJSContainer.invokeProceed(EJSContaine
> r.java:5316)<br>...
> 16 more<br>
> </div>Caused by:
> org.keycloak.authorization.client.util.HttpResponseException: Unexpected
> response from server: 404 / Not Found<br>
>
> I posted a question about it on StackOverflow too:
> https://stackoverflow.com/questions/49534589/404-not-found-
> while-requesting-token-from-keycloak
>
> Is there something I am missing?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>