Hi guys,
I finally solved this problem.
Posting here for memory :)
I use this simple code in my NodeJS application:
import Keycloak from 'keycloak-js';
var keycloak = Keycloak();
keycloak.init({ onLoad: 'login-required'}).success(authenticated => {
if (authenticated) {
console.log("Authenticated");
}
}).error(function (error) {
console.log("Authentication error");
});
}
In Keycloak 3.3 and above, I kept getting the message "Authentication
error".
Keycloak 3.2 and below works.
I finally understood that the problem is the Web Origins of my client.
It was set to "*", but apparently this is not supported anymore in KC>=3.3.
By putting something more precise it worked (e.g.
http://localhost:3000).
The debugging of this one was very tricky...
The problem happens at the "code to token exchange" step.
In KC 3.3, the response headers "Access-Control-Allow-Origin" is set to
"*".
This doesn't seem to work with keycloak.js adapter, at this line:
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
The req.status is 0. It seems that XMLHttpRequest doesn't like this
Access-Control-Allow-Origin="*".
If I change the Web Origins to
http://localhost:3000, it works.
Likewise, in KC=3.2, the Web Origins = * seems to be translated
automatically to Access-Control-Allow-Origin hea=
In KC 3.2, with Web Origin "*", the is transformed as "
http://localhost:3000"
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/mai...
On Tue, Dec 12, 2017 at 10:45 AM, Corentin Dupont <corentin.dupont(a)gmail.com
wrote:
Hi guys,
I use this code in my javascript application:
var keycloak = Keycloak();
keycloak.init().success(function(authenticated) {
alert(authenticated ? 'authenticated' : 'not
authenticated');
}).error(function() {
alert('failed to initialize');
});
Since I updated Keycloak I get the message 'failed to initialize'.
It was working well with the previous version of KC 3.2.
What could it be? How can I get a better error message?
Thanks!