[keycloak-user] Login to keycloak from Android app

Stian Thorgersen sthorger at redhat.com
Wed Jan 13 13:22:31 EST 2016 

Sadly we've got no one on the team that are clued up on mobile development.
However, the AeroGear guys they know all about it, so take a look at
https://aerogear.org/docs/guides/security/oauth2-guide/ they have OAuth2
adapters that work with Keycloak.

On 13 January 2016 at 18:20, Aritz Maeztu <amaeztu at tesicnor.com> wrote:

> Hello everybody,
>
> I'm struggling to implement a keycloak login from my Android app. What I
> want to do is to simulate what a browser does (request a resource, be
> redirected to keycloak login page and get an access token later on). From
> what I've seen from the OAuth2 protocol, I need to firstly get the
> authorization code and later on request the access token with that code. I
> wouldn't like my Android app to be registered as a client itself, so I've
> registered my web service as public.
>
> Here I start the intent to launch the Android browser pointing to the
> keycloak authorization address (/openid-connect/auth):
>
> Intent i = new Intent(Intent.ACTION_VIEW, Uri.parse(
> "http://192.168.0.230:8080/auth/realms/master/protocol/"
> <http://192.168.0.230:8080/auth/realms/master/protocol/> +
>
> "openid-connect/auth?response_type=code&client_id=web_service&redirect_uri=android://app"));
> startActivity(i);
>
> When I enter the credentials successfully, I'm given a code in the
> redirection url, coming back to my app:
>
> Uri data = getIntent().getData();
> if (data != null) {
>     String accessCode= data.getQueryParameter("code");
>     System.out.println("Authorization code:" + accessCode);
> }
>
> The code looks like
> bC8OM0TwfbhYouM34M3RY2aZRYTywXZVAvKFABgvVRc.693363de-d6b5-4f88-b545-c6603023ee4c
>
> Then I would like to get an access token with that code! I use a Rest
> Template for that, making a POST request to the /openid-connect/token
> endpoint:
>
> ResponseEntity rssResponse = template.exchange(
>         "http://192.168.0.230:8080/auth/realms/master/protocol/"
> <http://192.168.0.230:8080/auth/realms/master/protocol/> +
>
> "openid-connect/token?grant_type=authoritation_code&client_id=web_service&code="+accessCode,
>         HttpMethod.POST,
>         null,
>         Object.class);
>
> However, I'm given a 401 unauthorized exception. What am I doing wrong?
> Thanks in advanced ;-)
>
> --
> Aritz Maeztu Otaño
> Departamento Desarrollo de Software
> <https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
> <http://www.tesicnor.com>
>
> Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
> Telf.: 948 21 40 40
> Fax.: 948 21 40 41
> Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
> medioambiente es cosa de todos.
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160113/01cdbb6f/attachment-0001.html

More information about the keycloak-user mailing list