Question
I have a NodeJS application running which I'd like to protect with Keycloak.
I've done everything like in other applications which are protected with Keycloak (Roles, Scopes) and it just does not want to work.
My config.json:
    {
      "realm": "<Realm>",
      "bearer-only": true,
      "auth-server-url": "https://<URL>/auth",
      "ssl-required": "external",
      "resource": "<serviceName>",
      "use-resource-role-mappings": true,
      "confidential-port": 0
    }
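Then I set it up like this:
    const session = require('express-session');
    const Keycloak = require('keycloak-connect');

    // Session store handed to the Keycloak adapter
    let memoryStore = new session.MemoryStore();
    let keycloak = new Keycloak({ store: memoryStore });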
and then on a route:
    keycloak.protect('')
I also added this at the beginning:
    app.use(keycloak.middleware({
      logout: logoutUrl,
      admin: '/'
    }));
The bearer token which is generated is double-checked with JWT.IO, which states that it is correct.
Any help?
Thank you
Answer 1:
Just to answer this question for people who are stuck at the same point:
keycloak.protect(""); was the problem, as it searched for a role called "", but obviously it couldn't find one. Therefore it gave me a 403.
If you want the user to be authenticated, but he is not required to have any roles, use keycloak.protect() with no argument.
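The difference between the two calls, as an added example that is not part of the original answer and is not keycloak-connect's own code: a simplified JavaScript model of how a role spec given to keycloak.protect() is checked against the token's claims. The client name my-service, the sample claims and the helper names are constructed for illustration.

```javascript
// Simplified model of keycloak.protect(spec); not keycloak-connect source.
// Constructed claims: an authenticated user with no roles on "my-service".
const sampleClaims = {
  realm_access: { roles: ['offline_access'] },
  resource_access: { account: { roles: ['view-profile'] } },
};

// Debugging aid only: reads the payload of a JWT WITHOUT verifying its signature.
function decodeClaims(jwt) {
  return JSON.parse(Buffer.from(jwt.split('.')[1], 'base64').toString('utf8'));
}

function clientRoles(claims, clientId) {
  const access = (claims.resource_access || {})[clientId];
  return (access && access.roles) || [];
}

// 'name' = role on this client, 'realm:name' = realm role,
// 'client:name' = role on another client.
function hasRole(claims, clientId, spec) {
  const parts = spec.split(':');
  if (parts.length === 1) return clientRoles(claims, clientId).includes(parts[0]);
  if (parts[0] === 'realm') {
    return ((claims.realm_access || {}).roles || []).includes(parts[1]);
  }
  return clientRoles(claims, parts[0]).includes(parts[1]);
}

// HTTP status a bearer-only route would answer with for this token and spec.
function protectStatus(claims, clientId, spec) {
  if (!claims) return 403; // no valid bearer token
  if (typeof spec === 'function') return spec(claims) ? 200 : 403;
  // Any string, including '', is treated as a role name to look up.
  if (typeof spec === 'string') return hasRole(claims, clientId, spec) ? 200 : 403;
  return 200; // protect() with no argument: authentication is enough
}

for (const spec of ['', undefined, 'realm:offline_access', 'account:view-profile']) {
  console.log(JSON.stringify(spec), '->', protectStatus(sampleClaims, 'my-service', spec));
}
```

A token can look correct on JWT.IO and still be rejected here, because the empty string is looked up as a role name in resource_access for the service's own client and never matches.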
Answer 2:
You need to add the Keycloak middleware:
    app.use(keycloak.middleware({
      logout: logoutUrl,
      admin: '/'
    }));
https://stackoverflow.com/a/53705242/3405171
Source: https://stackoverflow.com/questions/53774891/keycloak-nodejs-always-get-403