Hi Sebi,

I did the same thing and defined a new client/resource called "nodejs-connect" and set the access type "bearer-only" .

but when I am running my node server, it is throwing an error

"SyntaxError: Unexpected token u

at Object.parse (native)

at Config.loadConfiguration (D:\Sample Projects\NodePrototypes\NodeSample\no

de_modules\keycloak-connect\node_modules\keycloak-auth-utils\lib\config.js:53:23

)

at new Config (D:\Sample Projects\NodePrototypes\NodeSample\node_modules\key

cloak-connect\node_modules\keycloak-auth-utils\lib\config.js:40:10)

at new Keycloak (D:\Sample Projects\NodePrototypes\NodeSample\node_modules\k

eycloak-connect\index.js:61:17)"

Can you look into this below keycloak.json file. If I have specified whether it is correct?

Keycloak.json

{

"realm": "nodejs-example",

"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtvV0qb8+A0pxKoRpToHhc6srY4PyoX/pwgmR7HyV0PeUw/DgyyCI1Wmvw3T15kWw7Q84gX8IL0wDNtfmbhMPmz5umVeul3LzacjU9qfDqG96Wirn7+5Je1VieH5wRX3mtyQ2TboRVpjFD0fwd063FYOtCynfDSS0Uo6YgjWs8QwIDAQAB",

"bearer-only": true,

"auth-server-url": "http://localhost:9090/auth",

"ssl-required": "none",

"resource": nodejs-connect",

"enable-cors" : true,

"credentials": {

"secret": "6b620304-b4a9-4007-8701-d3abb3537598"

}

Thanks,

Deepak

On Mon, Aug 8, 2016 at 12:34 PM, Sebastien Blanc <sblanc@redhat.com> wrote:

Hi,

Is your NodeJS app just a REST backend without any frontend ? In this case you should put "bearer-only: true" and then it is the responsibility of your frontend or any other service to pass the token to your rest service.

Sebi

On Mon, Aug 8, 2016 at 7:03 AM, Deepak Garg <deepakgarg.garg@gmail.com> wrote:
I have created a rest api in node js and used keycloak-connect npm packge.
I have mapped the nodejs middleware with keycloak middleware and just put
keycloak.Protect() method in side api method.

When the user is not logged in, it shows a login screen and ask for
credential. After login, it shows the result. but I don't want to show a
login screen if user is not already logged in. Instead of that i want to
pass the token and get access based upon that token?

Do i need to do anything in the API code so that it will accept the user
token?

I like to use this api through User interface and set the access type
bearer for this service in the keycloak admin.

see the example:

var express = require('express');
var apiRoutes = express.Router();
var User = require('../models/user');
var jwt = require('jsonwebtoken');
var faker = require('faker');
var session = require('express-session');
var Keycloak = require('keycloak-connect');
var hogan = require('hogan-express');

var memoryStore = new session.MemoryStore();

var keycloak = new Keycloak({store: memoryStore});

app.use(session({
secret: app.get('superSecret'),
resave: false,
saveUninitialized: true,
store: memoryStore
}));

app.use(keycloak.middleware({
logout: '/logout',
admin: '/'
}));
app.get('/api/user',* keycloak.protect()*, function (req, res) {
res.json({
name: faker.name.findName(),
email: faker.internet.email(),
address: faker.address.streetAddress(),
bio: faker.lorem.sentence(),
image: faker.image.avatar()

});
});

Keycloak.json:

{
"realm" : "nodejs-example",
"realm-public-key" :
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://xxxx:9090/auth",
"ssl-required" : "external",
"resource" : "nodejs-connect",
"public-client" : true
}

Thanks,
Deepak

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user