Keycloak nodeJS总是得到403 [英] Keycloak nodeJS always get 403

问题描述

我有一个运行NodeJS的应用程序，该应用程序的ID很喜欢用密钥斗篷进行保护.

I have a NodeJS application running which id like to protect with keycloak.

我已经完成了其他所有由KeyCloak(角色，作用域)保护的应用程序中的工作，而它只是不想工作.

I've done everything like in other applications which are protected with KeyCloak (Roles, Scopes) and it just does not want to work.

我的config.json:

My config.json :

{
 "realm": "<Realm>",
 "bearer-only": true,
 "auth-server-url": "https://<URL>/auth",
 "ssl-required": "external",
 "resource": "<serviceName>",
 "use-resource-role-mappings": true,
 "confidential-port": 0
}

然后我将其设置如下:

let memoryStore = new session.MemoryStore();
let keycloak = new Keycloak({ store: memoryStore });

然后在路线上:

keycloak.protect('')

我也在开始时添加了它:

i also added this at the beginning:

app.use(keycloak.middleware({
    logout: logoutUrl,
    admin: '/'
}));

使用JWT.IO仔细检查生成的承载令牌，该令牌表明它是正确的.

The bearer Token which is generated is doublechecked with JWT.IO which states that it is correct..

有帮助吗?

谢谢

推荐答案

只为那些被困在同一地点的人回答这个问题:

Just to answer this question for people who are stuck at the same point:

keycloak.protect(");是问题所在，因为它正在寻找一个名为"的角色，但显然找不到.因此它给了我403.

keycloak.protect(""); was the problem, as it searched for an role called "", but obviously it couldn't find one. Therefore it gave me an 403.

如果您希望对用户进行身份验证，但不要求他具有任何角色，请使用不带参数的keycloak.protect().

If you want the user to be authenticated, but he is not required to have any roles use keycloak.protect() with no argument.

这篇关于Keycloak nodeJS总是得到403的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！