You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Enable keycloak bearer interceptor.
If the user is not logged in and a call is made to the backend where a bearer can be added, then the user is redirected to the login page.
Desired functionality.
I have an endpoint that can be called by anonymous as well as logged in users. Depending on the ID they pass, they can have anonymous access or need to be logged in. The problem is that the http interceptor provided by this lib always forces the user to login when enableBearerInterceptor is set to true. I added my own interceptor for now, but I'm willing to create a PR for this if you agree that the access token should only be added to the request when the user is actually logged in. It could also be an option in the KeycloakOptions.
The text was updated successfully, but these errors were encountered:
Hi @Mawi137. Thanks for the issue and indeed this is a problem in the actual implementation. I'm working on the new version of the library and I'm changing a little bit the interceptor configurations.
The idea of adding the access token only if the user is logged in is great and we could add it on the current version, just the configuration on KeycloakOptions part maybe could be left for now. Your PR is very welcomed.
Bug Report or Feature Request (mark with an
x
)Versions.
angular: 8.0.3
keycloak-angular: 7.0.1
keycloak-js: 4.8.3
Repro steps.
Enable keycloak bearer interceptor.
If the user is not logged in and a call is made to the backend where a bearer can be added, then the user is redirected to the login page.
Desired functionality.
I have an endpoint that can be called by anonymous as well as logged in users. Depending on the ID they pass, they can have anonymous access or need to be logged in. The problem is that the http interceptor provided by this lib always forces the user to login when
enableBearerInterceptor
is set totrue
. I added my own interceptor for now, but I'm willing to create a PR for this if you agree that the access token should only be added to the request when the user is actually logged in. It could also be an option in theKeycloakOptions
.The text was updated successfully, but these errors were encountered: