keycloak-nodejs-connect：无法获得授权码：400：请求错误

Question

设置：

我正在尝试获取demo code for keycloak-connect library to run，但失败了。

这就是我所做的：

• 独立下载并启动keycloak 4.7，设置管理员用户和密码
• 创建一个基本的公共客户
• 
• 创建用户
• 
• 在网络风暴中创建基本的快递应用
• 相关文件：

index.js

var createError = require('http-errors');


var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');

var session = require('express-session');
var Keycloak = require('keycloak-connect');

var memoryStore = new session.MemoryStore();

let keycloak = new Keycloak({ store: memoryStore });

var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');

var app = express();

app.set('trust proxy', 1); // trust first proxy
app.use(session({
    secret: 'keyboard cat',
    resave: false,
    saveUninitialized: true,
    cookie: { secure: true },
    store: memoryStore
}));

app.use( keycloak.middleware() );

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');

app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));


app.get('/$', function(req, res) {
    res.write('<a href="/secure">Secure</a>');
    res.end();
});

app.get( '/secure', keycloak.protect('realm:master'), function(req, res){
//Edit: keycloak.protect() gives the same result
    res.write("Yo!");
    res.end();
});

// catch 404 and forward to error handler
app.use(function(req, res, next) {
  next(createError(404));
});

// error handler
app.use(function(err, req, res, next) {
  // set locals, only providing error in development
  res.locals.message = err.message;
  res.locals.error = req.app.get('env') === 'development' ? err : {};

  // render the error page
  res.status(err.status || 500);
  res.render('error');
});

module.exports = app;

keycloak.json（复制/粘贴）

{
  "realm": "master",
  "auth-server-url": "http://localhost:8080/auth",
  "ssl-required": "external",
  "resource": "test",
  "public-client": true,
  "confidential-port": 0
}

package.json

{
  "name": "keycloak-test",
  "version": "0.0.0",
  "private": true,
  "scripts": {
    "start": "node ./bin/www"
  },
  "dependencies": {
    "cookie-parser": "~1.4.3",
    "debug": "~2.6.9",
    "express": "~4.16.0",
    "express-session": "^1.15.6",
    "http-errors": "~1.6.2",
    "keycloak-connect": "^4.7.0",
    "morgan": "~1.9.0",
    "pug": "2.0.0-beta11"
  }
}

问题：

在访问http://localhost:3000/secure时，我被重定向到keycloak登录表单，可以使用演示用户的用户凭据登录。

然后，我被重定向回/secure，并且网站显示Access denied并带有403 forbidden响应代码。 密钥斗篷控制台说

16:44:56,691 WARN  [org.keycloak.events] (default task-8) 
type=CODE_TO_TOKEN_ERROR, 
realmId=master, 
clientId=test, 
userId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, 
ipAddress=127.0.0.1, 
error=invalid_code, 
grant_type=authorization_code, 
code_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, 
client_auth_method=client-secret

node.js控制台显示Could not obtain grant code: 400:Bad Request。

我在做什么错了？

Answer 1

您正在使用称为 getCarSpotsByArea(areaId: string) { this._carSpotService.getCarSpotsByAreaId(areaId) .subscribe( data => { this.carSpots = data; }, // Errors will call this callback instead: (err: HttpErrorResponse) => { if (err.error instanceof Error) { // A client-side or network error occurred. Handle it accordingly. console.log('An error occurred:', err.error.message); } else { // The backend returned an unsuccessful response code. // The response body may contain clues as to what went wrong, console.log(`Backend returned code ${err.status}, body was: ${JSON.stringify(err.error)}`); } } ); 的领域角色来保护资源/secure

  

app.get（'/ secure'，keycloak.protect（'realm：master'）

您需要创建主角色并分配给master，如下所示

Answer 2

此问题是npm keycloak-connect软件包的问题，​​当您使用npm安装时，安装必须得到警告，提示运行npm audit。

运行npm audit --force abd重新运行它将运行的应用程序。我被困在同一个问题上一天，而这件事对我来说是个救生员。

在安装npm后运行npm audit --force。

npm安装

npm审核--force