Hello everybody,
I'm struggling to implement a Keycloak login from my Android app. What I want to do is to simulate what a browser does (request a resource, be redirected to the Keycloak login page and get an access token later on). From what I've seen of the OAuth2 protocol, I first need to get the authorization code and later on request the access token with that code. I wouldn't like my Android app to be registered as a client itself, so I've registered my web service as public.
Here I start the intent to launch the Android browser pointing to the Keycloak authorization address (/openid-connect/auth):

    Intent i = new Intent(Intent.ACTION_VIEW, Uri.parse("http://192.168.0.230:8080/auth/realms/master/protocol/" +
            "openid-connect/auth?response_type=code&client_id=web_service&redirect_uri=android://app"));
    startActivity(i);

When I enter the credentials successfully, I'm given a code in the redirection URL, coming back to my app:

    Uri data = getIntent().getData();
    if (data != null) {
        String accessCode = data.getQueryParameter("code");
        System.out.println("Authorization code:" + accessCode);
    }

The code looks like bC8OM0TwfbhYouM34M3RY2aZRYTywXZVAvKFABgvVRc.693363de-d6b5-4f88-b545-c6603023ee4c
Then I would like to get an access token with that code! I use a Rest Template for that, making a POST request to the /openid-connect/token endpoint:

    ResponseEntity rssResponse = template.exchange(
            "http://192.168.0.230:8080/auth/realms/master/protocol/" +
            "openid-connect/token?grant_type=authoritation_code&client_id=web_service&code=" + accessCode,
            HttpMethod.POST,
            null,
            Object.class);

However, I'm given a 401 Unauthorized exception. What am I doing wrong? Thanks in advance ;-)
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
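
The authorization code grant described in the message, written out as an added example that is not part of the original post: it builds the authorization request, checks the redirect, and builds the token request the way RFC 6749 section 4.1.3 defines it (parameters form-encoded in the POST body, with the same redirect_uri). It is plain Java 11+ rather than Android code; the class name, helper names and SAMPLE_CODE are made up, and the state and PKCE parameters are additions that assume the server supports RFC 7636.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;

public class AuthCodeFlowExample {
    // Endpoint base, client_id and redirect_uri are the values from the post.
    static final String BASE = "http://192.168.0.230:8080/auth/realms/master/protocol/openid-connect";
    static final String CLIENT_ID = "web_service", REDIRECT_URI = "android://app";

    static String b64url(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }
    static String random() { byte[] b = new byte[32]; new SecureRandom().nextBytes(b); return b64url(b); }

    // Encode parameters as application/x-www-form-urlencoded.
    static String form(Map<String, String> p) {
        StringJoiner j = new StringJoiner("&");
        p.forEach((k, v) -> j.add(URLEncoder.encode(k, StandardCharsets.UTF_8) + "="
                + URLEncoder.encode(v, StandardCharsets.UTF_8)));
        return j.toString();
    }
    // Split the query string of the redirect the app receives into its parameters.
    static Map<String, String> query(String redirect) {
        Map<String, String> m = new HashMap<>();
        for (String kv : URI.create(redirect).getRawQuery().split("&")) {
            String[] p = kv.split("=", 2);
            m.put(p[0], URLDecoder.decode(p.length > 1 ? p[1] : "", StandardCharsets.UTF_8));
        }
        return m;
    }
    public static void main(String[] args) throws Exception {
        String state = random(), verifier = random();   // per-login secrets kept by the app
        String challenge = b64url(MessageDigest.getInstance("SHA-256")
                .digest(verifier.getBytes(StandardCharsets.US_ASCII)));
        // 1. Authorization request, opened in the browser.
        Map<String, String> auth = new LinkedHashMap<>();
        auth.put("response_type", "code"); auth.put("client_id", CLIENT_ID);
        auth.put("redirect_uri", REDIRECT_URI); auth.put("state", state);
        auth.put("code_challenge", challenge); auth.put("code_challenge_method", "S256");
        System.out.println("GET " + BASE + "/auth?" + form(auth));
        // 2. Redirect back to the app (constructed sample; SAMPLE_CODE is a placeholder).
        Map<String, String> back = query(REDIRECT_URI + "?code=SAMPLE_CODE&state=" + state);
        if (!state.equals(back.get("state"))) throw new IllegalStateException("state mismatch");
        // 3. Token request: parameters go in the POST body, not in the URL.
        Map<String, String> token = new LinkedHashMap<>();
        token.put("grant_type", "authorization_code"); token.put("code", back.get("code"));
        token.put("redirect_uri", REDIRECT_URI); token.put("client_id", CLIENT_ID);
        token.put("code_verifier", verifier);
        System.out.println("POST " + BASE + "/token\nContent-Type: application/x-www-form-urlencoded\n\n" + form(token));
    }
}
```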