[keycloak-user] OpenID Connect support

Iván Perdomo ivan at akvo.org
Mon Oct 20 11:28:08 EDT 2014


Hi again,


On Thu, 25 Sep 2014 14:53:04 +0200
Iván Perdomo <ivan at akvo.org> wrote:

> I'll do some testing using third-party libs/clients and will share my
> findings.

I'm testing a simple OIDC Android app [1] and Keycloak (1.0.1.Final).

Some minor configuration settings are required on this sample app [2]:

authorizationServerUrl = https://host/auth/name/rname/tokens/login
tokenServerUrl = https://host/auth/realms/name/tokens/access/codes
userInfoUrl = https://host/auth/realms/name/account

After making a build and testing it on my mobile, I'm able to:

* get redirected to the login
* successfully log in
* get redirected to the grant options

After granting access to the application, I should get a new account on
my mobile, but I'm getting an exception: "Invalid ID token returned" [3]

The whole adb logcat log is a bit verbose, but you can see the
following:

java.io.IOException: Invalid ID token returned.
    at com.lnikkila.oidcsample.oidc.OIDCUtils.requestTokens(OIDCUtils.java:123)
(...)
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
  "error": "invalid_grant",
  "error_description": "Code not found"
}


I can discard the idea of a bug in the sample code because I managed to
successfully log in using Mitre's OpenID Connect Spring implementation
[4].

Any ideas how to know what's going wrong? I would love to get
Keycloak and this sample code working.

Thanks for your support.

[1] https://github.com/learning-layers/android-openid-connect-sample
[2] https://github.com/learning-layers/android-openid-connect-sample/blob/8155f0f7c0579441c567d3e5f31355363dfb4c92/app/src/main/java/com/lnikkila/oidcsample/Config.java#L10-L12
[3] https://gist.githubusercontent.com/iperdomo/023d166629ece47a5de2/raw/70c06ebb2a99cf28e40ad97dc6c8c8dadb501ac1/adb.log
[4] https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server


-- 
Iván


