Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect function is used in 'keycloak-admin-client' library in getToken function #19879

Closed
2 tasks done
lexakozakov opened this issue Apr 21, 2023 · 5 comments · Fixed by #20000
Closed
2 tasks done

Incorrect function is used in 'keycloak-admin-client' library in getToken function #19879

lexakozakov opened this issue Apr 21, 2023 · 5 comments · Fixed by #20000
Assignees
@hmica
Labels
area/adapter/javascript impact/high kind/bug Categorizes a PR related to a bug team/ui
Milestone
21.1.2

Comments

@lexakozakov
Copy link

Before reporting an issue

  • I have searched existing issues
  • I have reproduced the issue with the latest release

Area

adapter/javascript

Describe the bug

It looks like it's just a simple mistake - 'atob' function is used instead of 'btoa'

Version

2022.9

Expected behavior

'btoa' function should be used

Actual behavior

'atob' function is used

How to Reproduce?

just run getToken function

Anything else?

No response
@lexakozakov lexakozakov added kind/bug Categorizes a PR related to a bug status/triage labels Apr 21, 2023
@hmica
Copy link
Contributor

hmica commented Apr 27, 2023

Hi, I got the same issue while upgrading to admin@21.1.1

it's seems there is an error in auth.ts

keycloak/js/libs/keycloak-admin-client/src/utils/auth.ts

Lines 80 to 83 in f7988a6

headers.set(
"Authorization",
atob(credentials.clientId + ":" + credentials.clientSecret)
);

The correct header should be something like this :

 headers.set("Authorization","Basic "+btoa(credentials.clientId + ":" + credentials.clientSecret));

Thank you

hmica added a commit to hmica/keycloak that referenced this issue Apr 27, 2023
@hmica
Update auth.ts
7230f4b 
Correct getToken error

This fix a regression on migration from Axios To FetchAPI
Credential header must be encoded not decoded.

This fix keycloak#19879
@hmica hmica mentioned this issue Apr 27, 2023
Merged
@lexakozakov
Copy link
Author

BTW, authorization does not work properly even the function is changed to btoa.

clientId and clientSecret should be sent in request body.

https://github.com/lexakozakov/keycloak/blob/main/js/libs/keycloak-admin-client/src/utils/auth.ts#L66

@jonkoops
Copy link
Contributor

Hi @hmica, would you be willing to submit a pull request to fix this? We'll try to backport it to a patch release.

@jonkoops
Copy link
Contributor

I see you already did, will take a look at it 👍

@jonkoops jonkoops added this to the 21.1.2 milestone Apr 27, 2023
@guesant
Copy link

guesant commented Apr 30, 2023

Same issue here.

DOMException [InvalidCharacterError]: Invalid character

@jonkoops jonkoops mentioned this issue May 5, 2023
Closed
2 tasks
jonkoops pushed a commit to hmica/keycloak that referenced this issue May 16, 2023
@hmica @jonkoops
Update auth.ts
e0aacd4 
Correct getToken error

This fix a regression on migration from Axios To FetchAPI
Credential header must be encoded not decoded.

This fix keycloak#19879
jonkoops pushed a commit that referenced this issue May 16, 2023
@hmica
Ensure client secret is encoded properly in Authorization header (#…
7502a31 
…20000)

Closes #19879
jonkoops pushed a commit to jonkoops/keycloak that referenced this issue May 25, 2023
@hmica @jonkoops
Ensure client secret is encoded properly in Authorization header (k…
f6c5e14 
…eycloak#20000)

Closes keycloak#19879
jonkoops pushed a commit to jonkoops/keycloak that referenced this issue May 25, 2023
@hmica @jonkoops
Ensure client secret is encoded properly in Authorization header
8be6d20 
Backports keycloak#19879
@jonkoops jonkoops mentioned this issue May 25, 2023
Merged
jonkoops added a commit that referenced this issue May 25, 2023
@jonkoops @hmica
Ensure client secret is encoded properly in Authorization header (#…
f90559a 
…20557)

Backports #19879

Co-authored-by: Mica Hallin <mica.hallin@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hmica hmica

Labels
area/adapter/javascript impact/high kind/bug Categorizes a PR related to a bug team/ui
Projects
None yet
Milestone
21.1.2
Development

Successfully merging a pull request may close this issue.

Update auth.ts hmica/keycloak
4 participants
@lexakozakov @jonkoops @hmica @guesant