LogoutAllSessions : 403 Forbidden: unknown_error #347

Open
ksingh7 opened this issue Mar 29, 2022 · 1 comment
Labels
bug Something isn't working

ksingh7 commented Mar 29, 2022

Describe the bug
I am trying to use the LogoutAllSessions method to log out. I am sure that I am passing the right parameter values; however, I am getting 403 Forbidden unknown_error.

To Reproduce
Steps to reproduce the behavior:

func keycloakClientLogoutAllSessions(accessToken string) error {

	keycloakClient := gocloak.NewClient(kCreds.hostname)
	restyClient := keycloakClient.RestyClient()
	restyClient.SetDebug(false)

	kCTX := context.Background()

	// Get the user info for the access token; Sub holds the user ID.
	userID, err := keycloakClient.GetUserInfo(
		kCTX, accessToken, kCreds.realm,
	)
	// Check the error before dereferencing userID.Sub.
	if err != nil {
		log.Error().Msgf("Error getting User ID: %v", err)
		return err
	}

	// Debug output for the reproduction. Note that this prints the raw access token.
	fmt.Println("AccessToken: ", accessToken)
	fmt.Println("Realm : ", kCreds.realm)
	fmt.Println("userID: ", *userID.Sub)
	fmt.Printf("%T", *userID.Sub)

	// Log out all sessions of the given user ID.
	err = keycloakClient.LogoutAllSessions(
		kCTX, accessToken, kCreds.realm, "67e55620-72fd-4963-a8a6-021d6376ad34",
	)

	if err != nil {
		log.Error().Msgf("keycloakClient.LogoutAllSessions() Error unable to logout client: %v", err)
		return err
	}

	return nil

}

Expected behavior
LogoutAllSessions should be able to log out the user using the provided access token.

Desktop:

  • OS: macOS
  • Browser: Chrome

ksingh7 commented Mar 29, 2022

FWIW, I tried to implement revoke token on my own and it works.

func keycloakClientTokenRevoke(accessToken string) error {

	client := &http.Client{
		Timeout: time.Second * 10,
	}

	// OpenID Connect token revocation endpoint of the realm.
	endpoint := kCreds.hostname + "auth/realms/" + kCreds.realm + "/protocol/openid-connect/revoke"

	// Form body: client credentials plus the token to revoke.
	data := url.Values{}
	data.Set("client_id", kCreds.clientId)
	data.Set("client_secret", kCreds.clientSecret)
	data.Set("token", accessToken)
	encodedData := data.Encode()
	// Debug output. Note that this prints the client secret and the token.
	fmt.Println(encodedData)

	req, err := http.NewRequest("POST", endpoint, strings.NewReader(encodedData))
	if err != nil {
		log.Error().Msgf("Error creating request: %v", err)
		return err
	}
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Add("Content-Length", strconv.Itoa(len(encodedData)))

	response, err := client.Do(req)

	if err != nil {
		log.Error().Msgf("Error sending request: %v", err)
		return err
	}
	defer response.Body.Close()

	// Report a non-200 response as an error instead of returning nil.
	if response.StatusCode != http.StatusOK {
		err = fmt.Errorf("token revocation failed: %s", response.Status)
		log.Error().Msgf("%v", err)
		return err
	}
	return nil
}

Nerzal added the bug label Apr 7, 2022