-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CH02 - Invoke Service return 403 but myrole is added to access_token #19
Comments
Seeing the same issues. Did you manage to resolve it? |
Staring for a bit into the source code of keycloak-node-connect I think I figured out the issue in my case. Since it was something I created it might not be the same in your case but maybe it helps someone else. The issue was I changed this line
to this
Since I thought the realm has to be the name of the realm. But it is a description where the role should be looked for. The algorithm of the keycloak protector is here and the check for the role Here is the working function with couple of printouts that might help you debug.
|
I am having the same issue, any solutions? |
For me the problem was that in docker it wasn't working but running npm start directly was OK. |
I have a bit of a strange issue where "myrole" is added to the access_token but Invoke Service function still return "403 - Access Denied"
"Show Access Token"
![image](https://private-user-images.githubusercontent.com/118165311/274375396-9eae8c9d-1660-4631-9d73-815c7c4251bf.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg3NjgyMDcsIm5iZiI6MTcxODc2NzkwNywicGF0aCI6Ii8xMTgxNjUzMTEvMjc0Mzc1Mzk2LTllYWU4YzlkLTE2NjAtNDYzMS05ZDczLTgxNWM3YzQyNTFiZi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjE5JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYxOVQwMzMxNDdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1jNmIxZmQ3MTFiZWQ2ZGFlNGZhMTkxZTAxNzkxMzQzY2U0YzdjYTJhODY5NWFhMmZlZmIxMWE1OTZjNmFhYzY3JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.8kwNILrVXhVFGvdsEMXUxe-DSubycShqyUhSDpayqnU)
Text after pressing "Invoke Service" button at http://localhost:8000/
![image](https://private-user-images.githubusercontent.com/118165311/274375469-c305d598-20b5-4fca-9caf-4cbc53dbe0ab.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg3NjgyMDcsIm5iZiI6MTcxODc2NzkwNywicGF0aCI6Ii8xMTgxNjUzMTEvMjc0Mzc1NDY5LWMzMDVkNTk4LTIwYjUtNGZjYS05Y2FmLTRjYmM1M2RiZTBhYi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjE5JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYxOVQwMzMxNDdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1jOTBiM2U2Zjg3MTI0MTIyZGJmNmQ0NzNlYWZkYjYwYjllOGY4NzZhMTA0YmZmODkzZmVhNjZmNTQ2NzY3MmUzJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.o0gTDOO26f8x6nuAlcllLIPuzBqbQT8vmk3dUR4plh0)
The text was updated successfully, but these errors were encountered: