[keycloak-dev] The best place to get the Request Party Token
Maurício Giacomini Penteado
mauriciogiacomini at hotmail.com
Tue Jan 31 07:27:50 EST 2017
Please, I am trying use policy enforcer on my project but I am not having successful.
My app are loging correctly by the two codes:
code 1)
var initOptions = {
onLoad: 'check-sso',
responseMode: 'query',
flow: 'standard'
};
keycloak.init(initOptions).success(function (authenticated) { ... ... ... }
... and by an angular interceptor:
code 2)
factory('authInterceptor', ['$q', 'keycloak', function ($q, keycloak) {
return {
request: function (config) {
var deferred = $q.defer();
keycloak.updateToken(30).success(function () {
config.headers = config.headers || {};
config.headers.Authorization = 'Bearer ' + keycloak.token;
deferred.resolve(config);
}).error(function () {
deferred.reject('Failed to refresh token');
});
return deferred.promise;
}
};
}])
But, if I enable policy enforcer my service calls are unauthorazed.
It seems to me the best option to use the policy enforcer, in the exact moment that I receive the access token I must change this by an rpt token and from this point forward all my protected service calls will have access to my rpt token.
I have no difficulty using the keycloak-authz.js library to get the rpt token. However, to get this process up and running, I must send a protected resource call and intercept the "WWW-Authenticate" header. I do not see how I can get the rpt token with the codes listed above and If I try to force the rtp token as an authorization header my interceptor it runs and changes the header for my access to the token again.
There is a way to get the rpt token where I am trying or do I have any misconceptions it can not be done in this place?
I will be very grateful if anyone can help me.
Kind regards,
Maurício Penteado.
More information about the keycloak-dev
mailing list