Is there a way to enforce authorization check in this plugin? #47

Open
Okanmercan99 opened this issue May 15, 2024 · 0 comments

Okanmercan99 commented May 15, 2024

Hi,

I have configured a Keycloak client named nexxus-backend as a confidential client and set up some permissions on specific endpoints. These permissions check whether the user belongs to a specific group, and if not, the user should not be able to access the defined resources (endpoints). However, it appears that the plugin is not enforcing these permissions on the specified endpoints.

Is there a way to ensure that these permissions are enforced? Below are my Keycloak settings. Thank you for your assistance!

const opt: KeycloakOptions = {
  appOrigin: 'http://localhost:3000',
  keycloakSubdomain: 'localhost:8080/realms/master',
  clientId: 'nexxus-backend',
  clientSecret: '5A5mx19rMDW5d1TrC7nei2TDCmPoAVT5',
  unauthorizedHandler: (req, resp) => {
    console.log('hello world!')
    resp.status(401).send('Invalid request')
  }
}

// Add keycloak settings to the Fastify instance
await fastify.register(keycloak, opt);

Addition:

Here is my resource defined in Keycloak: [image]
policy: [image]
and permission: [image]
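
One way to enforce resource permissions like these per route, as an added example (not part of the original issue and not the plugin's own code): a Fastify preHandler that asks Keycloak's token endpoint for a UMA decision and fails closed on any error. The function names, the `getAccessToken` callback, the `/reports` route and the resource name `example-resource` are assumptions; the realm URL and client ID are the ones from the configuration above.

```javascript
// Added example: per-route check of Keycloak Authorization Services permissions.
const UMA_GRANT = 'urn:ietf:params:oauth:grant-type:uma-ticket';

// Build the decision request for the realm's token endpoint.
function buildDecisionRequest(realmUrl, audience, resource, scope) {
  const body = new URLSearchParams({
    grant_type: UMA_GRANT,
    audience, // client ID of the resource server that owns the resource
    response_mode: 'decision', // ask for {"result": true} instead of an RPT
    permission: scope ? `${resource}#${scope}` : resource,
  });
  const base = realmUrl.replace(/\/+$/, '');
  return { url: `${base}/protocol/openid-connect/token`, body: body.toString() };
}

// Only HTTP 200 with result === true is a grant; everything else denies.
function isGranted(status, json) {
  return status === 200 && json !== null && typeof json === 'object' && json.result === true;
}

// Returns a Fastify preHandler. getAccessToken(req) is a hypothetical callback
// returning the logged-in user's access token (depends on your session setup).
function requirePermission(opts) {
  const { realmUrl, audience, resource, scope, getAccessToken } = opts;
  const fetchImpl = opts.fetchImpl || globalThis.fetch;
  const { url, body } = buildDecisionRequest(realmUrl, audience, resource, scope);
  return async function preHandler(req, reply) {
    const token = getAccessToken(req);
    if (!token) return reply.code(401).send('Authentication required');
    let granted = false;
    try {
      const res = await fetchImpl(url, {
        method: 'POST',
        headers: {
          authorization: `Bearer ${token}`,
          'content-type': 'application/x-www-form-urlencoded',
        },
        body,
      });
      granted = isGranted(res.status, await res.json().catch(() => null));
    } catch (err) {
      req.log?.error(err, 'permission check failed'); // outage: fail closed
    }
    if (!granted) return reply.code(403).send('Forbidden');
  };
}

// Usage with constructed values ('/reports', 'example-resource', session field):
// fastify.get('/reports', { preHandler: requirePermission({ ...opts }) }, handler)
```

Keycloak answers a denied decision request with HTTP 403, which `isGranted` treats the same as a malformed or missing body.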
