[keycloak-user] nodejs kc adapter: Grant validation failed. Reason: invalid token (expired)
Виталий Ищенко
betalb at gmail.com
Fri Sep 22 08:57:42 EDT 2017
Hi
I think your issue is related to CORS, check email with subject "Resolution
for 99% of CORS's problems" in this list
On Fri, Sep 22, 2017 at 3:51 PM Mehdi Sheikhalishahi <
mehdi.alishahi at gmail.com> wrote:
> Hi
>
> I have implemened an specific authorization policy by nodejs kc adapter to
> control access to a service.
>
> I get 302 http status code (that gets redirected to keycloak for security
> check), but it fails due to keycloak authorization/authentication check
> with keycloak. I have extended the lifespan of tokens, but no success.
>
> Here is browser console.
>
> XMLHttpRequest cannot load
>
> http://aam.testest.io/auth/realms/watersense/protocol/openid-connect/auth?cl
> …ated%2CservicePath%2C*%26auth_callback%3D1&scope=openid&response_type=code.
> Response to preflight request doesn't pass access control check: No
> 'Access-Control-Allow-Origin' header is present on the requested resource.
> Origin 'http://localhost:3000' is therefore not allowed access.
> login-status-iframe.html:53 XHR finished loading: GET "
>
> http://aam.testest.io/auth/realms/watersense/protocol/openid-connect/login-s
>
> …-iframe.html/init?client_id=dashboard&origin=http%3A%2F%2Flocalhost%3A3000".
>
>
> ------Nodejs console------------
> Validate grant failed
> Grant validation failed. Reason: invalid token (expired)
>
> -----------Code-------------
> const keycloak = new Keycloak("../keycloak.json");
>
> function servicePathProtection(accessLevel, getServicePath) {
> return keycloak.protect((token, req) => {
> const permissions = extractPermissions(req);
> const servicePath = getServicePath(req).toUpperCase();
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list