[keycloak-user] Authenticate a REST API with keycloak in express node js without using adapters

Sebastien Blanc sblanc at redhat.com
Sat Mar 4 02:16:56 EST 2017


Can you also show us your keycloak.json and show how you pass from the
frontend the token to the nodejs service ?


On Sat, Mar 4, 2017 at 8:07 AM, Saransh Kumar <skm.8896 at gmail.com> wrote:

> Hello Sebastien, Bruno
>
>
> Thanks for replying. :)
>
> Keycloak server: 2.5.1
> keycloak-connect: 2.5.3 (node js adapter)
>
> Rest API on express node js which is to be secured:-
>
> var express = require('express');var router = express.Router();var app = express();var Keycloak = require('keycloak-connect');var keycloak =new Keycloak();
>
> app.use( keycloak.middleware( {
> logout: '/logout',
> admin: '/',} ));
>
> router.get('/users',keycloak.protect(),function(req, res, next) {
>
>     res.send('Reached here');
>
> });
>
>
> The response is : Error 403 Forbidden.
>
> Note: I have also included the package.json in the root folder.
>
>
> Thanks in advance
>
>
> On Sat, Mar 4, 2017 at 4:41 AM, Bruno Oliveira <bruno at abstractj.org>
> wrote:
>
>> Last time I checked, the adapter works with bearer only. If you provide
>> the steps to reproduce, version of keycloak server, adapter version and the
>> error. That would help ;)
>>
>> On Fri, Mar 3, 2017, 8:05 PM Sebastien Blanc <sblanc at redhat.com> wrote:
>>
>>> Well the adapter works with bearer only , what is the error that you are
>>> getting ?
>>> Le ven. 3 mars 2017 à 21:26, Saransh Kumar <skm.8896 at gmail.com> a écrit
>>> :
>>>
>>> > Hii Sebastien,
>>> >
>>> > Actually, the node js kc adapter is not working with bearer auth only.
>>> > So, I need to verify the access token myself with keycloak in node js
>>> > without using node js adapter or any other adapters.
>>> > Please help me out in this  way.
>>> >
>>> > Thanks in advance.
>>> > Saransh
>>> >
>>> > On Sat, Mar 4, 2017 at 12:06 AM, Sebastien Blanc <sblanc at redhat.com>
>>> > wrote:
>>> >
>>> >
>>> >
>>> > On Fri, Mar 3, 2017 at 7:04 PM, Saransh Kumar <skm.8896 at gmail.com>
>>> wrote:
>>> >
>>> > Hello all,
>>> >
>>> > I have a REST API in express node js.
>>> > I want to secure it with keycloak bearer auth only.
>>> > So, a keycloak token would be recieved in the Authorization header of
>>> the
>>> > GET request to the REST API.
>>> > I have to verify the token with keycloak *without using any adapters.*
>>> > Please help me out in the process.
>>> >
>>> > Are you not allowed to add any extra packages ? Just lookup the source
>>> > code of the nodejs kc adapter and paste it into your app ;)
>>> >
>>> >
>>> >
>>> > Thanks in advance
>>> > Saransh
>>> > _______________________________________________
>>> > keycloak-user mailing list
>>> > keycloak-user at lists.jboss.org
>>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>> >
>>> >
>>> >
>>> >
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>


More information about the keycloak-user mailing list