[keycloak-dev] Infinite loop problem with authenticated users browsing out of root context

Mon Sep 26 11:28:10 EDT 2016

I'm  almost sure it is looping because of the automatic boostrap, looks at
this demo app that has pretty much the some flow as your app
https://github.com/jamesfalkner/coolstore-microservice/ and particulary
this section
https://github.com/jamesfalkner/coolstore-microservice/blob/master/coolstore-ui/app/app.js#L30-L47

That could give you some ideas.

Sebi

On Mon, Sep 26, 2016 at 8:13 AM, Maurício Giacomini Penteado <
mauriciogiacomini at hotmail.com> wrote:

> Hi Sebastian
>
> I did a code very similar of photoz sample.
> On my "index.html" has the same <script> block from photoz sample but with
> onLoad: 'check-sso' on initOptions:
>
> <script>
> ...
> var initOptions = {
> onLoad: 'check-sso',
> responseMode: 'query',
> flow: 'standard'
> };
>
> keycloak.init(initOptions).success(function (authenticated) {
> output('Init Success (' + (authenticated ? 'Authenticated' : 'Not
> Authenticated') + ')');
> }).error(function () {
> output('Init Error');
> });
> </script>
> To pass keycloak instance for angular code I put on my "app.js" a provider:
>
> var app = angular.module('myApp', [])
> .provider('keycloak', function () {
> return {
> setKeycloak: function (value) {
> keycloak = value;
> },
> $get: function () {
> return keycloak;
> }
> };
> });
> Injecting keycloak on my controller I have success accessing keycloak
> methods like login or logout:
>
> app.controller('MainCtrl', ['$scope, ''keycloak', function ($scope,
> keycloak) {
> $scope.login = function () {
>             keycloak.login();
>         };
>         $scope.logout = function () {
>             keycloak.logout();
>         };
> }
> ]);
>
> Doing this way, I can call angular login and logout from $scope in
> "index.html" that I have all keycloak event logs reported like photoz
> sample:
>
> <body ng-app="myApp" ng-controller="MainCtrl">
> <div>
> <button id="btnLogin" ng-click="login()">Login</button>
> <button id="btnLogout" ng-click="logout()">Logout</button>
> </div>
> ...
>
> The behavior of my app is that I described on last email with an infinite
> loop if an authenticated user browse to www.exampledomain.com/someAppPath.
>
> I am not doing the bootstrap of angular, perhaps it can be my problem. I
> not know where is the best place to do it, I will try find.
>
> Regards,
> Maurício.
>
> ------------------------------
> *De:* Sebastien Blanc <sblanc at redhat.com>
> *Enviado:* segunda-feira, 26 de setembro de 2016 13:57
> *Para:* Maurício Giacomini Penteado
> *Cc:* keycloak-dev at lists.jboss.org
> *Assunto:* Re: [keycloak-dev] Infinite loop problem with authenticated
> users browsing out of root context
>
> Could you share some code on how you initiate keycloak and bootstrap the
> angular app ?
>
> Le lundi 26 septembre 2016, Maurício Giacomini Penteado <
> mauriciogiacomini at hotmail.com> a écrit :
>
>> Hello everybody
>>
>>
>> I have a strange error trying codify with keycloak 2.0.0, Angular 1.5.8
>> and Wildfly 10. I am programming an application that follows concepts of
>> "WYSIWYG".
>> In my application I have setted keycloak to work on model "check-sso".
>> All work perfectly if browsing is done with unauthenticated users on any
>> path from my application.
>> But strangely, authenticated users just can browse on root context from
>> my application. If any aditional path is requested with an authenticated
>> user the app starts a infinite loop.
>>
>> Example (with app running on root context "/"):
>>
>> www.exampledomain.com/  - > Works perfectly with authenticated users or
>> unauthenticated users.
>>
>> www.exampledomain.com/someAppPath
>> <http://www.exampledomain.com/someAppPath>  - > Just works with
>> unauthenticated users. With authenticated users starts a infinite loop.
>>
>>
>> If anybody has an idea to solve this problem please, let me know.
>>
>> Regards,
>> Maurício.
>>
>>
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160926/f4d34b2e/attachment.html 