[keycloak-dev] The best place to get the Request Party Token

Pedro Igor Silva psilva at redhat.com
Wed Feb 1 08:55:29 EST 2017 

Hi Mauricio,

Can you please send your question to keycloak-user mailing list ? I can
help you from there.

Regards.
Pedro Igor

On Tue, Jan 31, 2017 at 10:27 AM, Maurício Giacomini Penteado <
mauriciogiacomini at hotmail.com> wrote:

> Please, I am trying use policy enforcer on my project but I am not having
> successful.
>
> My app are loging correctly by the two codes:
>
> code 1)
> var initOptions = {
>      onLoad: 'check-sso',
>      responseMode: 'query',
>      flow: 'standard'
> };
> keycloak.init(initOptions).success(function (authenticated) { ... ... ...
> }
>
> ... and by an angular interceptor:
>
> code 2)
> factory('authInterceptor', ['$q', 'keycloak', function ($q, keycloak) {
>                 return {
>                     request: function (config) {
>                         var deferred = $q.defer();
>                         keycloak.updateToken(30).success(function () {
>                             config.headers = config.headers || {};
>                             config.headers.Authorization = 'Bearer ' +
> keycloak.token;
>                             deferred.resolve(config);
>                         }).error(function () {
>                             deferred.reject('Failed to refresh token');
>                         });
>                         return deferred.promise;
>                     }
>                 };
>             }])
>
> But, if I enable policy enforcer my service calls are unauthorazed.
>
> It seems to me the best option to use the policy enforcer, in the exact
> moment that I receive the access token I must change this by an rpt token
> and from this point forward all my protected service calls will have access
> to my rpt token.
>
> I have no difficulty using the keycloak-authz.js library to get the rpt
> token. However, to get this process up and running, I must send a protected
> resource call and intercept the "WWW-Authenticate" header. I do not see how
> I can get the rpt token with the codes listed above and If I try to force
> the rtp token as an authorization header my interceptor it runs and changes
> the header for my access to the token again.
>
> There is a way to get the rpt token where I am trying or do I have any
> misconceptions it can not be done in this place?
>
> I will be very grateful if anyone can help me.
>
> Kind regards,
> Maurício Penteado.
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list