We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hello Team,
Recently I have installed Apicurio Studio using helm chart https://github.com/Apicurio/apicurio-studio/tree/master/distro/helm Now, Apicurio Studio is installed successfuly but when I am trying to access the URL of apicurio studio it is redirecting to below URL
https://keyclock.xx.xx.net/auth/realms/apicurio/protocol/openid-connect/auth?response_type=code&client_id=apicurio-studio&redirect_uri=http%3A%2F%2F.xx.xx.net%2F&state=0a7ccfad-b813-4333-82fc-b415ba92f57d&login=true&scope=openid
If you notice in above URL it is getting redirected to http instead of https due to which we are getting following exception
2022-06-01 10:54:14,038 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) failed to turn code into token 2022-06-01 10:54:14,039 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) status from server: 400 2022-06-01 10:54:14,040 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) {"error":"invalid_grant","error_description":"Incorrect redirect_uri"
Now, we are using keycloak version 14.0.0 which is different from what is suggested in document https://apicurio-studio.readme.io/docs/setting-up-keycloak-for-use-with-apicurio Can this be a problem.
Not sure if this is configuration issue in realm. I have used the exact realm mentioned in the above doc.
Extra Info The above keycloak version is installed as part of microcks setup we have followed following helm chart for same and this works alright https://artifacthub.io/packages/helm/microcks/microcks
So, definately this is not the case as mentioned in https://stackoverflow.com/questions/32084604/why-is-keycloak-removing-the-ssl-in-the-redirect-uri Even I have tried configuring above on keycloak env variable ! But no luck.
Any help over here will be great.
cc: @EricWittmann
The text was updated successfully, but these errors were encountered:
I got this fixed. Solution for same is I have created virtual-service and added following
headers: request: set: x-forwarded-port: "443" x-forwarded-proto: https
Complete VirtualService.yaml for same.
kind: VirtualService apiVersion: networking.istio.io/v1alpha3 metadata: name: apicurio-studio-ui spec: hosts: # which incoming host are we applying the proxy rules to??? - "apicurio.preprod01.**" gateways: - apicurio-gateway http: - route: - destination: host: apicurio-studio-ui subset: original headers: request: set: x-forwarded-port: "443" x-forwarded-proto: https --- kind: DestinationRule apiVersion: networking.istio.io/v1alpha3 metadata: name: apicurio-studio-ui spec: host: apicurio-studio-ui subsets: - labels: module: apicurio-studio-ui name: original
Sorry, something went wrong.
Thank you for the initial report and then the self-fix for this issue, @anshulgargamway !
No branches or pull requests
Hello Team,
Recently I have installed Apicurio Studio using helm chart https://github.com/Apicurio/apicurio-studio/tree/master/distro/helm
Now, Apicurio Studio is installed successfuly but when I am trying to access the URL of apicurio studio it is redirecting to below URL
https://keyclock.xx.xx.net/auth/realms/apicurio/protocol/openid-connect/auth?response_type=code&client_id=apicurio-studio&redirect_uri=http%3A%2F%2F.xx.xx.net%2F&state=0a7ccfad-b813-4333-82fc-b415ba92f57d&login=true&scope=openid
If you notice in above URL it is getting redirected to http instead of https due to which we are getting following exception
2022-06-01 10:54:14,038 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) failed to turn code into token 2022-06-01 10:54:14,039 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) status from server: 400 2022-06-01 10:54:14,040 ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-1) {"error":"invalid_grant","error_description":"Incorrect redirect_uri"
Now, we are using keycloak version 14.0.0 which is different from what is suggested in document https://apicurio-studio.readme.io/docs/setting-up-keycloak-for-use-with-apicurio
Can this be a problem.
Not sure if this is configuration issue in realm. I have used the exact realm mentioned in the above doc.
Extra Info
The above keycloak version is installed as part of microcks setup we have followed following helm chart for same and this works alright https://artifacthub.io/packages/helm/microcks/microcks
So, definately this is not the case as mentioned in https://stackoverflow.com/questions/32084604/why-is-keycloak-removing-the-ssl-in-the-redirect-uri
Even I have tried configuring above on keycloak env variable ! But no luck.
Any help over here will be great.
cc: @EricWittmann
The text was updated successfully, but these errors were encountered: