[keycloak-user] Social login error message

Martin Min lingvisa at gmail.com
Mon Feb 1 16:05:47 EST 2016 

I restarted my keycloak server and my application,and clicked "Twitter" to
log in, and I received a different error message. When it redirects to my
log in page from twitter, I got a single "Forbidden" message on the login
page. It looks like the authentication through the identity broker is
right, but somehow the login page is now not allowed to be accessed from my
client (browser). I tried github and got the same problem.

What may cause this? Thank you.

On Mon, Feb 1, 2016 at 12:43 PM, Martin Min <lingvisa at gmail.com> wrote:

> Hi, Marek and all:
>
> I received this message for Google and github now. I followed the
> instruction in the doc and created the identity broker:
>
> 12:40:39,607 WARN  [org.keycloak.events] (default task-63)
> type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=bword, clientId=null,
> userId=null, ipAddress=127.0.0.1,
> error=couldNotSendAuthenticationRequestMessage, identity_provider=github
> 12:40:39,608 ERROR [org.keycloak.services.resources.IdentityBrokerService]
> (default task-63) couldNotSendAuthenticationRequestMessage:
> org.keycloak.broker.provider.IdentityBrokerException: Invalid code, please
> login again through your client.
>
>  at
> org.keycloak.services.resources.IdentityBrokerService.parseClientSessionCode(IdentityBrokerService.java:551)
>         at
> org.keycloak.services.resources.IdentityBrokerService.performLogin(IdentityBrokerService.java:149)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>         at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>         at java.lang.reflect.Method.invoke(Method.java:483)
>         at
> org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)
>         at
> org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)
>         at
> org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)
>         at
> org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:140)
>         at
> org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:103)
>         at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)
>         at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179)
>         at
> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220)
>         at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
>         at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>         at
> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
>         at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)
>         at
> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:61)
>         at
> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>         at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)
>         at
> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)
>         at
> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
>         at
> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
>         at
> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>         at
> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
>         at
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>         at
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
>         at
> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
>         at
> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
>         at
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
>         at
> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
>         at
> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>         at
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)
>         at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)
>         at
> io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
>         at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)
>         at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>         at java.lang.Thread.run(Thread.java:744)
>
> Thank you.
>
> On Mon, Feb 1, 2016 at 12:00 AM, Marek Posolda <mposolda at redhat.com>
> wrote:
>
>> I suggest to upgrade to 1.8 where this is fixed. Or you can workaround in
>> 1.7 by edit file
>> $KEYCLOAK_HOME/modules/system/layers/base/org/keycloak/keycloak-login-freemarker/main/module.xml
>> and add the line:
>>
>> <module name="org.keycloak.keycloak-broker-core"/>
>>
>> into dependencies section. Same for module
>> $KEYCLOAK_HOME/modules/system/layers/base/org/keycloak/keycloak-email-freemarker/main/module.xml
>>
>> Marek
>>
>>
>> On 29/01/16 23:49, Martin Min wrote:
>>
>> Hello, I am configuring the social login with google, twitter and github.
>> Everything else works fine until this point, namely, after it's authorized,
>> at the "update account information" page, after I fill out the fields on
>> this page, clicked the "submitted" and I received this error message.
>>
>> What could cause this? I followed the instruction carefully, but not sure
>> what caused this.
>>
>> Context Path:
>> /auth
>>
>> Servlet Path:
>>
>> Path Info:
>> /realms/myproject/login-actions/first-broker-login
>>
>> Query String:
>>
>> code=Rp6yjxlbY0_IIjk8_-IpyOy_x8m_hC0d8zz4t-hp7vI.9ea99589-bf8d-4a13-930a-c58661dfb925
>>
>> *Stack Trace*
>> java.lang.RuntimeException: request path:
>> /auth/realms/myproject/login-actions/first-broker-login
>>
>> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:75)
>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>
>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)
>>
>> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)
>>
>> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
>>
>> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
>>
>> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
>>
>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>
>> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
>>
>> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
>>
>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>
>> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
>>
>> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
>>
>> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
>>
>> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
>>
>> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
>>
>> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
>>
>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>
>> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>>
>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>
>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>
>> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)
>>
>> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)
>>
>> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)
>>
>> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)
>> io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
>> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)
>>
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>> java.lang.Thread.run(Thread.java:745)
>>
>> Caused by: org.jboss.resteasy.spi.UnhandledException:
>> java.lang.NoClassDefFoundError:
>> org/keycloak/broker/provider/BrokeredIdentityContext
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160201/5243f595/attachment.html

More information about the keycloak-user mailing list