4 Replies Latest reply on Apr 25, 2017 11:09 AM by jmbarone

    Errai + KeyCloak


      Hi, I need to know if the stable version 3.2.5 works with latest keycloak version, 2.5.5.


      My errai app have a page with role LoginPage that have a link (/app-login) protected with the errai filter ErraiLoginRedirectFilter and goes to keycloak, authenticate the user and it's redirected back correctly. But then if i go to the secured page appears the LoginPage again as if the app don't be secured previously.


      I do anything and then i suspect an incompatibility between errai 3.2.5 and keycloak 2.5.5.


      Any idea?


        • 1. Re: Errai + KeyCloak

          I see an error on SecurityContextImpl (on the client) after right authentication on keycloak server,




          The AccesToken class extends IDToken that already extends JsonWebToken class and this has the method getAudience ... but i see the method have the @JsonIgnore annotation.


          Maybe errai are trying to create the user assuming the token contains the field Audience ... and it's not the case.

          • 2. Re: Errai + KeyCloak

            Well, after some time without work on this problem, i find that the problem exists in class KeyAuthenticationService.


            When try to create the keycloak user, on the method getKeycloakUserProperties, the property audience it's String[] but doesn't exits a constructor String, String[] on the inner class KeycloakProperty and it fails.


            The solution it's very simple ... add a constructor String, String[] on these inner class.


            These can be fixed on the stable release and on the new version 4?



            • 3. Re: Errai + KeyCloak

              Hi Jose,


              Thanks for looking into what the issue was. Could you please open a JIRA issue?



              • 4. Re: Errai + KeyCloak

                Ok Max, i opened https://issues.jboss.org/browse/ERRAI-1037 ... i hope i do it well :-)


                FYI i take the sources and then add a maven module with a "patch" on my project, (i delete the dependency with the "real" security-keycloak module and added to my "patch" module) and works like a charm.


                I simply add the (String, String[]) constructor on KeyAuthenticationService.KeycloakProperty taking the String[0] as implementation ... dirty ... but now i have keycloak security working.