Hi Bartek,
thank you for your answer.
The login using the Keycloak redirect you described is not the problem – this actually
works fine already.
I am talking about the user registration form that uses a custom Keycloak theme. I need
some more advanced UI elements in the registration theme and thus I am trying to use
Aurelia in the theme. However, when the user clicks the ‘Register’ button and the
registration form contains validation errors, Keycloak responds with reloading the whole
page (which now has the validation error messages baked in). In my case, this causes an
unwanted reload of the SPA that takes too long. So what I want to do is to submit the
registration form via AJAX and just receive a JSON response containing the validation
errors which I can then render on the client without reloading the whole app.
Von: Bartosz Andrzejczak [mailto:ba.andrzejczak@gmail.com]
Gesendet: Dienstag, 20. Februar 2018 21:43
An: moritz.becker(a)gmx.at
Cc: keycloak-user(a)lists.jboss.org
Betreff: Re: [keycloak-user] Keycloak AJAX authentication flow
Hi Moritz,
The usual path with SPA would be to just redirect user to the Keycloak authentication
page, that if user’s logged in would just redirect them back with authentication code in
the query parameter, and if not - would require user to log in. I’ve described that for
Angular here:
https://medium.com/andrzejczak/sso-for-your-single-page-application-part-...
But if your app load time is quite long there might be something else you can do. There’s
a token endpoint that would return you a JSON containing authentication token and refresh
token, both with expiration times. All you need to provide is login and password (and
additionally grant_type (`password`) and your client_id). So if you decide to implement
authentication form on your side you could just use that to get a token for a user and
treat this user as logged into the application. You’re loosing the SSO capabilities of
Keycloak, but it might still be enough for you. You can see example of this token request
in step 1 of this blogpost
https://blog.softwaremill.com/who-am-i-keycloak-impersonation-api-bfe7aca.... Be sure to
enable Direct Flow in the Keycloak Client, though.
Cheers,
Bartek
On 20 Feb 2018, at 3:38 PM, <moritz.becker(a)gmx.at <mailto:moritz.becker@gmx.at>
> <moritz.becker(a)gmx.at <mailto:moritz.becker@gmx.at> > wrote:
Hi,
I am trying to implement a Keycloak registration theme using the Aurelia JS
Framework.
The problem is that there is currently no possibility to submit the
registration form via AJAX and get back a reduced response that just
contains validation errors etc. instead of reloading the whole page. Page
reload is problematic in this scenario since it causes a reload of the
Aurelia-App which takes too long.
As far as I can see, I would need to customize the
org.keycloak.authentication.FormAuthenticationFlow but there is not SPI to
do so at the moment.
Do you have any recommendations for me?
Thanks,
Moritz
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user