OAuth 2.0 flow using Keycloak with a back-end and front-end?
I'm working on a project that consists of:
- A back-end in Java (JEE project deployed on Wildfly)
- Front-end developed in Angular
- Keycloak for authorization and authentication
What I need to do is:
- Access my Angular app, which communicates with my backend calling its APIs(e.g GET, POST, PUT, DELETE)
- Go to the Login Page, authentication is done by Keycloak, so I get directed to Keycloak login page.
- Login is successfull ----> I get redirected to my Angular landing page, now I can navigate my Angular app.
The frontend is talking with the backend via RESTful APIs, and I need to use OAuth2.0/OPENID standard flow, which means I'm gonna first get the auth code and the the access token/refresh token to stay connected.
My backend is already configurated with Keycloak through the Wildfly adapter given on Keycloak official site, and through web.xml and keycloak.json both in WEB-INF folder.
So known that I'm able to get the auth code via the Valid Redirect URIs given by Keycloak, how can I configure my whole project to get the 3 points written above? Do I need two clients on my Realm in Keycloak?
Can someone please explain me how I can I setup the whole flow using Keycloak?
Thanks a lot!
do you know?
how many words do you know
See also questions close to this topic
-
How to get only one question to the preview page in survey management website in angular?
I am using querystring to h=get the questions on preview page but I am not able to get one question on 1st page and 2nd on another page after clicking next button.
Querystring
const queryString = { SurveyId: 1, PageNo: 0, PageSize: 20 }; -
@Host() or ng-container incompatibility between angular 9 and 10
Here are two live examples on stackblitz:
To check the difference between them, open console and notice that:
In form-error-control-name.directive.ts line 22:
For angular 9, this.parent.control is not null For angular 10, this.parent.control will throw error
What is the difference? I checked angular 10 update doc but don't know which incompatibility this is.
Thanks!
-
How can I delete a row by its SKU instead of its ID?
I try to delete the row using the sku of the product. I'm using spring boot and angular. I got an error when I added the sku on my button like this one
(click)="onDeleteProductBySku(deleteClick?.sku)"it said that theProperty 'sku' does not exist on type '(product: Product) => void'.. On my command prompt, I got this error. How can I solve this problem?Error: product/product.component.html:50:109 - error TS2339: Property 'sku' does not exist on type '(product: Product) => void'. 50 <button class="btn btn-outline-danger btn-sm me-2" (click)="onDeleteProductBySku(deleteClick?.sku)">Delete</button> product/product.component.ts:12:16 12 templateUrl: './product.component.html', ~~~~~~~~~~~~~~~~~~~~~~~~~~ Error occurs in the template of component ProductComponent.ProductsController.java --> This is working on the postman.
//Delete a product record using sku //http://localhost:8080/products/deletebysku?sku=12345678 @DeleteMapping("/products/deletebysku") @ResponseBody private void deleteProductBySku(@RequestParam String sku){ productsService.deleteProductBySku(sku); }product.component.ts
public deleteProduct!: Product; public onDeleteProductBySku(sku: string): void { this.productServive.deleteProductBySku(sku).subscribe( (response: void) => { this.messageShow(); console.log(response); this.getAllProduct(); }, (error: HttpErrorResponse) => { this.errorMessage(error.message); } ); } public deleteClick(product: Product) { this.deleteProduct = product; console.log("delete by sku"); }product.service.ts
public deleteProductBySku(sku: string): Observable<void> { return this.http.delete<void>(`${this.apiServerUrl}/products/deletebysku?sku=${sku}`); }product.component.html
<button class="btn btn-outline-danger btn-sm me-2" (click)="onDeleteProductBySku(deleteClick?.sku)">Delete</button> -
DELETE operation javascript fetch() with REST API firebase
I use the following API request in order to delete all texts (so called cps) of one section (one section contains many cps)
await fetch(`https://12345-default-rtdb.europe- west1.firebasedatabase.app/cps/${userId}.json?section_id=${mysection}`,{method:'DELETE', // });userId is correct, mysections is the current sectionId, section_id is the key of the sectionId in the JSON document. (eg: -N09gWdyQlV7OsPpEx7t or -N09g_HjbcFCQFBiIX0A see below) In this example all cps of all sections are being deleted. So the conditional query does not work.
What is going wrong here? Thanks!
The tree within firestore looks like this:
cps -> user1 -> -N09gWdyQlV7OsPpEx7t
cps -> user1 -> -N09g_HjbcFCQFBiIX0A
....
-
REST client API data types with laravel
What form of data should I choose as input for a rest api with laravel? form-data, raw, urlencoded or others?
-
APP_NAME wants additional access to your Google account
What is throwing me off here is the keyword additional. Users are seeing this screen every time they sign in with Google. Shouldn't they only see it once (the first time)?
I'm using the Google 3P Authorization JavaScript Library for websites.
I followed this documentation in my implementation.
It just seems weird to me that the screen says "additional access" but then doesn't list any additional permission requests.
Anyone have any idea what could be causing this? Or is this the expected behavior?
-
How to use Google OAuth2.0 without out-of-band (OOB)
I have created new OAuth 2.0 Client IDs (application type = Desktop app). Then downloaded the OAuth client JSON file. Put the file into the folder where my code is looking. When I run the code locally on my PC it`s try to open following URL:
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope={my_scope}&access_type=offline&response_type=codeand that is what I expect. Since the downloaded OAuth client has the parameter "redirect_uris":["http://localhost"]. So I expected the same thing when I ran this same code on the ubuntu server, but nope. The URL it proposes me visit is
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope={my_scope}&access_type=offline&response_type=codeAnd here is the problem, I don't understand what I have to do to make my server pass this authorization. I already tried to manually change this parameter of redirect_uris before visiting the destination to the same one I had on my local computer - to http%3A%2F%2Flocalhost%3A8080%2F, but I got this error in the browser:
Who can help me? What should I do?
-
JSP Form submit never reaches servlet/controller
I am creating a website in which i need to use request Object to achieve crud functionality against a database using MVC pattern. Website is hosted locally with WildFly 26.0.1. However, every time i click a submit button on the website i only get "not found" on a new page. I have a few .jsp pages and a servlet + a bunch of backend code. The following is my form in employee.jsp:
<form action=Controller method="get"> Employee ID :<br> <input type="text" name="empId" id="empId"> <br> First name :<br> <input type="text" name="fName" id="fName"> <br> Last name :<br> <input type="text" name="lName" id="lName"> <br> Salary :<br> <input type="text" name="salary" id="salary"> <br> Store ID :<br> <input type="text" name="storeId" id="storeID"> <br><br> <input type="submit" value="Find" class="button black padding-large large margin-top"> <input type="submit" value="Create" class="button black padding-large large margin-top"> <input type="submit" value="Update" class="button black padding-large large margin-top"> <input type="submit" value="Delete" class="button black padding-large large margin-top"> </form>and this is a snippet of the servlet code in Controller.java:
@WebServlet("/Controller") public class Controller extends HttpServlet { private static final long serialVersionUID = 1L; @EJB FacadeLocal facade; protected void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { System.out.println("reached doGet"); String method = request.getParameter("submit"); System.out.print(method); if(method.equals("Create")) { createEmp(request, response); } private void createEmp(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { System.out.print("create emp called"); String empId = request.getParameter("empId"); String fName = request.getParameter("fName"); String lName = request.getParameter("lName"); int salary = Integer.parseInt(request.getParameter("salary")); String storeId = request.getParameter("storeId"); Employee e = new Employee(empId, fName, lName, salary, storeId); facade.createEmp(e);I believe all my backend code should work, it's just that for some reason, the doGet is never called and thus my createEmp and facade functions don't do anything. I've experimented with different variations of calling a doPost/super/init first but to no avail.
My web.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" id="WebApp_ID" version="4.0"> <display-name>MyWebProject</display-name> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.jsp</welcome-file> <welcome-file>default.htm</welcome-file> </welcome-file-list> <servlet> <servlet-name>Controller</servlet-name> <jsp-file>/home.jsp</jsp-file> </servlet> <servlet-mapping> <servlet-name>Controller</servlet-name> <url-pattern>/src.main.webapp.*.jsp</url-pattern> </servlet-mapping> </web-app>What can I do to try and solve this?
-
Jboss wildfly is using default docker default address instead of server address when doing soap requests
I'm using Jboss wildfly to serve a soap service. I have deployed it to the server using docker. When providing a URL for the WSDL my server address of 10.1.20.31, the server works fine. But when trying to test the SOAP endpoint with SOAP UI the address I'm getting is http://172.17.0.2 (after importing the wsdl) which is the default docker IP and makes the SOAP endpoint unusable. I've tried creating a network with the docker network command, I've tried providing the in the standalone.xml but with no success.
-
KeyCloak Mixed Configuration Issue with AWS ECS and ALB
I am struggeling with a "smalL" problem during my ECS configuration.
I have the following Infrastructure
ECS Fargate (Serverless)
- Service which deploys 2 container (Application and KeyCloak)
- ALB with SSL enabled.
When I open keyclauk.domain.de I am able to access keycloak. (I have attached an AWS Cert) When I try to access keycloak internally from application container to keycloak container I get an Error Message (Mixed Content: The page at 'url' was loaded over HTTPS, but requested an insecure resource 'url/auth'. This request has been blocked; the content must be served over HTTPS.)
I already configured Service Discovery and trying to communicate through this own dns zone task.service which seems to work but still get this issue.
Does anyone similar problems or advices?
Thanks!
-
asking Keycloak if authenticated
How can I ask Keycloak if I am authenticated in the current session? I cannot find anything about that in the REST-API.
I think I need this to share authentications between Cypress tests (so one login for all tests does suffice) as described here. Sample code:
validate() { cy.request('/api/user').its('status').should('eq', 200) },