Quickstarts for action-token-authenticator / action-token-required-action not working #369
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Describe the bug
I added your quickstart solutions for action-tokens into our keycloak. After customizing the authentication flow / adding the required action to the user I was redirected to the expected page. But returning back into the authentication process always fails with the following warning:
2022-11-25 15:01:37,310 WARN [org.keycloak.events] (executor-thread-7) type=EXECUTE_ACTION_TOKEN_ERROR, realmId=Custom, clientId=null, userId=c7dbafb0-3cb7-4eea-9f63-7d6735181030, ipAddress=127.0.0.1, error=invalid_code, reason= 'Invalid action token operation', token_id=1758bf15-b194-47c0-b0f5-f37b1311aa50, action=external-app-notification, authSessionParentId=cc388b63-20de-4a45-96c2-d8c2b98eb6e0, authSessionTabId=9OWUQZyR0VU 2022-11-25 15:01:37,311 INFO [io.quarkus.http.access-log] (executor-thread-7) "127.0.0.1 [25/Nov/2022:15:01:37 +0100] "GET /auth/realms/Custom/login-actions/action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmMW FkZjMxZi03NjY4LTQ5NTctODczNy0wMzgyMzY5MTZlZjgifQ.eyJleHAiOjE2NjkzODUxOTAsImlhdCI6MTY2OTM4NDg5MCwianRpIjoiMTc1OGJmMTUtYjE5NC00N2MwLWIwZjUtZjM3YjEzMTFhYTUwIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL0N1c3RvbSIsImF1ZCI6 Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hdXRoL3JlYWxtcy9DdXN0b20iLCJzdWIiOiJjN2RiYWZiMC0zY2I3LTRlZWEtOWY2My03ZDY3MzUxODEwMzAiLCJ0eXAiOiJleHRlcm5hbC1hcHAtbm90aWZpY2F0aW9uIiwibm9uY2UiOiIxNzU4YmYxNS1iMTk0LTQ3YzAtYjBmNS1mMzdiMTMxMWFhNTAiLCJhc HAtaWQiOiJ3aWRtdW5nc2Vya2xhZXJ1bmciLCJhc2lkIjoiYWNjb3VudC1jb25zb2xlIiwiYXNpZCI6ImFjY291bnQtY29uc29sZSJ9.YIci0Pqdxon0bJlbieddSHCILkLf7O-5JfsxhztoaHA&client_id=account-console&tab_id=9OWUQZyR0VU&app-token=%7BAPP_TOKEN%7D HTTP/1.1"Version
19.0.3
Expected behavior
I expected to return back into the authentication process started before, when returning back via the action-token-url.
Actual behavior
The only thing I see is a warning log:
2022-11-25 15:01:37,310 WARN [org.keycloak.events] (executor-thread-7) type=EXECUTE_ACTION_TOKEN_ERROR, realmId=Custom, clientId=null, userId=c7dbafb0-3cb7-4eea-9f63-7d6735181030, ipAddress=127.0.0.1, error=invalid_code, reason= 'Invalid action token operation', token_id=1758bf15-b194-47c0-b0f5-f37b1311aa50, action=external-app-notification, authSessionParentId=cc388b63-20de-4a45-96c2-d8c2b98eb6e0, authSessionTabId=9OWUQZyR0VU 2022-11-25 15:01:37,311 INFO [io.quarkus.http.access-log] (executor-thread-7) "127.0.0.1 [25/Nov/2022:15:01:37 +0100] "GET /auth/realms/Custom/login-actions/action-token?key=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmMW FkZjMxZi03NjY4LTQ5NTctODczNy0wMzgyMzY5MTZlZjgifQ.eyJleHAiOjE2NjkzODUxOTAsImlhdCI6MTY2OTM4NDg5MCwianRpIjoiMTc1OGJmMTUtYjE5NC00N2MwLWIwZjUtZjM3YjEzMTFhYTUwIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL0N1c3RvbSIsImF1ZCI6 Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hdXRoL3JlYWxtcy9DdXN0b20iLCJzdWIiOiJjN2RiYWZiMC0zY2I3LTRlZWEtOWY2My03ZDY3MzUxODEwMzAiLCJ0eXAiOiJleHRlcm5hbC1hcHAtbm90aWZpY2F0aW9uIiwibm9uY2UiOiIxNzU4YmYxNS1iMTk0LTQ3YzAtYjBmNS1mMzdiMTMxMWFhNTAiLCJhc HAtaWQiOiJ3aWRtdW5nc2Vya2xhZXJ1bmciLCJhc2lkIjoiYWNjb3VudC1jb25zb2xlIiwiYXNpZCI6ImFjY291bnQtY29uc29sZSJ9.YIci0Pqdxon0bJlbieddSHCILkLf7O-5JfsxhztoaHA&client_id=account-console&tab_id=9OWUQZyR0VU&app-token=%7BAPP_TOKEN%7D HTTP/1.1"How to Reproduce?
Just add your code of the quickstarts into an keycloak instance, either add the required action to a user and login or extend the authentication flow by the authenticator and then login.
Anything else?
No response
The text was updated successfully, but these errors were encountered: