无法通过Keycloak对应用用户的登录进行验证。

huangapple go评论103阅读模式
英文:

Unable to authenticate the login of application user using Keycloak

问题

以下是翻译好的部分:

我正在进行将React应用与Keycloak集成的工作。我已经在我的本地机器上安装了Keycloak服务器版本11.0.2。我可以访问管理登录页面并创建管理员用户。我还使用Keycloak创建了一个自定义客户端和带有凭据的用户。我的React应用托管在本机的9000端口,而Keycloak则托管在8080(默认)端口上。现在,当我重定向到我的应用程序URL时,它会自动重定向到以下URL:

http://localhost:8080/auth/realms/{自定义领域}/protocol/openid-connect/auth?client_id={自定义客户端}&redirect_uri=http%3A%2F%2Flocalhost%3A9000%2F&state=r8yy83fdgd-27f8-4aa9-a679-01sfdsgd9&response_mode=fragment&response_type=code&scope=openid&nonce=27fedfgf89-66be-4484-bbcc-aabb4saddc4

URL正在呈现登录页面,但没有CSS。不确定为什么CSS没有被渲染出来。
此外,它没有进行身份验证并显示错误:

> 无法提交 /realms/{领域}/login-actions/authenticate

英文:

I am working over integration of React application with Keycloak. I have installed the Keycloak server version 11.0.2 over my local machine. I am able to access the administrative login and create the admin user. I have also created a custom client and user with credentials using the Keycloak. My react application is hosted over port 9000 of my machine and Keycloak over 8080 (default) port. Now, when I am redirecting to my application URL it is automatically redirecting to the below URL:

http://localhost:8080/auth/realms/{Custom_realm}/protocol/openid-connect/auth?client_id={Custom_Client}&redirect_uri=http%3A%2F%2Flocalhost%3A9000%2F&state=r8yy83fdgd-27f8-4aa9-a679-01sfdsgd9&response_mode=fragment&response_type=code&scope=openid&nonce=27fedfgf89-66be-4484-bbcc-aabb4saddc4

无法通过Keycloak对应用用户的登录进行验证。

URL is rendering the login page without the CSS. Not sure why the CSS is not getting rendered.
Also it is not authenticating and giving error

> Cannot POST /realms/{Realm}/login-actions/authenticate

答案1

得分: 3

我犯了一个错误,将“Realm Settings” -> “General” -> “Frontend URL”设置为该Realm所属应用程序的主页URL。

不要这样做。

清空该字段并保存后,问题得到了解决。

英文:

I made the mistake of setting "Realm Settings" -> "General" -> "Frontend URL" to the homepage URL of the application the realm was for.

Don't do that.

Emptying that field and saving it resolved the issue for me.

答案2

得分: 0

Keycloak会在重定向到登录页面之前检查Keycloak应用程序URL,以确定用户是否已登录到应用程序。

要调试登录页面在没有CSS的情况下呈现的问题,需要了解您在管理界面和服务器主题文件夹中对该领域主题设置所做的更改,因为在默认的Keycloak 11.0.2中,它会使用CSS进行渲染。

我尝试使用Postman和浏览器访问POST /authenticate,对我来说是有效的。

有效的CURL请求示例:

curl --location --request POST 'http://localhost:8080/auth/realms/test/login-actions/authenticate?session_code=pmE8VZtaYo4u5IN7vOQ_OLh9Ft_n-pftbBqzk9T2z-k&execution=7d28dd8f-6436-4280-a1da-51cbca5084c1&client_id=account&tab_id=hdEKLv2DNPg' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: AUTH_SESSION_ID_LEGACY=16e87095-05df-4ca2-88c6-e0c7e2cf6199.milan-latitude-e5450; KEYCLOAK_SESSION_LEGACY=test/0805f781-d0e3-42cf-b34c-be110547d48c/16e87095-05df-4ca2-88c6-e0c7e2cf6199; KEYCLOAK_IDENTITY_LEGACY=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5YmMw...[此处省略剩余部分]

请注意,翻译中的某些特殊字符可能会受到格式的影响,但整体上应该是正确的翻译。

英文:

Keycloak redirecting to login page because keycloak application url check user logged in or not before redirecting to application.

To debug your login page rendering without css need to know what changes you have done in that realm theme setting from admin and server themes folder because in default keycloak 11.0.2 it's rendering with css.

Tried to hit POST /authenticate from postman and browser it's working for me.

Authenticate working CURL REQUEST:

curl --location --request POST 'http://localhost:8080/auth/realms/test/login-actions/authenticate?session_code=pmE8VZtaYo4u5IN7vOQ_OLh9Ft_n-pftbBqzk9T2z-k&execution=7d28dd8f-6436-4280-a1da-51cbca5084c1&client_id=account&tab_id=hdEKLv2DNPg' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: AUTH_SESSION_ID_LEGACY=16e87095-05df-4ca2-88c6-e0c7e2cf6199.milan-latitude-e5450; KEYCLOAK_SESSION_LEGACY=test/0805f781-d0e3-42cf-b34c-be110547d48c/16e87095-05df-4ca2-88c6-e0c7e2cf6199; KEYCLOAK_IDENTITY_LEGACY=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5YmMwNGZkOS1kZDQ3LTRhZmUtOWM1NC0wZWQ1NGFmMmU1MWIifQ.eyJleHAiOjE2MDE1NjYxMjksImlhdCI6MTYwMTUzMDEyOSwianRpIjoiYmJmNmE4ZmQtYzBjMi00MWQxLWJkMGEtY2MwZmVmNmViMzYxIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL3Rlc3QiLCJzdWIiOiIwODA1Zjc4MS1kMGUzLTQyY2YtYjM0Yy1iZTExMDU0N2Q0OGMiLCJ0eXAiOiJTZXJpYWxpemVkLUlEIiwic2Vzc2lvbl9zdGF0ZSI6IjE2ZTg3MDk1LTA1ZGYtNGNhMi04OGM2LWUwYzdlMmNmNjE5OSIsInN0YXRlX2NoZWNrZXIiOiIxV0pWUUN5cDRfcEJJQzZpNENRWnZKMzk2aFBhREdoYmNjWXlDT3VTUm13In0.bteyEEAhIWzbi2MdJAwp9ndCXsTPtjHiGBtMYUglWR0; oauth2_authentication_csrf_insecure=MTYwMDc3ODA2MnxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRFZoTlRaaU1qWTJZVEF6TWpRMk1HUmhaV0pqWWpJNU5UbGtOekl5TURRMXwGvq0FY6TUmmWfUmzaDwnTBf9KC-1Ni5N5pc4IXVcBIQ==; oauth2_consent_csrf_insecure=MTYwMDc3ODIzNXxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRGt3T0RCaVlXSTFZVFJqTVRSbE5HTTVaREUxWldZMFptTTVaREl5TUdNeXxmdLHoVF_3zSxhHR8F2zez-Q37wde7ZnPkb_wt_o-T9g==' \
--data-urlencode 'username=milan' \
--data-urlencode 'password=password'

huangapple
  • 本文由 发表于 2020年10月1日 13:04:19
  • 转载请务必保留本文链接:https://go.coder-hub.com/64149366.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定