I’m trying to set up OpenID Connect authentication for an existing Javalin API and would like to use it through SwaggerUI.
I’m using Javalin (5.6.2), javalin-pac4j (6.0.0), oidc-pac4j (5.7.1), Keycloak (21.1.2).

    private fun setUpAuthentication(properties: Properties): AuthenticationConfig {
        val config: KeycloakOidcConfiguration = KeycloakOidcConfiguration()
        config.setClientId(properties.get(KEYCLOAK_ID))
        config.setSecret(properties.get(KEYCLOAK_SECRET))
        config.setRealm(properties.get(KEYCLOAK_REALM))
        config.setBaseUri(properties.get(KEYCLOAK_BASE_URI))
        config.setClientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
        val keyCloakClient = KeycloakOidcClient(config)
        val clients = Clients(properties.get(API_BASE_URL) + "/callback", keyCloakClient)
        return AuthenticationConfig(clients)
    }

    val callback: CallbackHandler = CallbackHandler(authenticationConfig);
    app.get("/callback", callback);
    app.post("/callback", callback);
    val securityHandler: SecurityHandler = SecurityHandler(authenticationConfig, "KeycloakOidcClient")
    app.before("/keycloak", securityHandler)
    app.get("/keycloak") { ctx ->
        ctx.result("Hello Keycloak !")
    }

I can log in via Keycloak from the SwaggerUI interface, but my current error is a “TypeError: NetworkError when attempting to fetch resource.” in my Swagger interface when I use the /keycloak protected route.
It seems that the session is identified. A JSESSIONID and a pac4jCsrfToken are retrieved and I can see this trace in my log:

    11:12:41.814 [JettyServerThreadPool-23] DEBUG org.eclipse.jetty.server.HttpChannel -- COMMIT for /keycloak on HttpChannelOverHttp@1cc85432{s=HttpChannelState@2cfde2de{s=HANDLING rs=COMPLETING os=COMMITTED is=IDLE awp=false se=false i=false al=0},r=2,c=false/false,a=HANDLING,uri=http://localhost:7000/keycloak,age=545}
    302 null HTTP/1.1
    Date: Thu, 28 Sep 2023 09:12:41 GMT
    Content-Type: text/plain
    Access-Control-Allow-Headers: authorization
    Access-Control-Allow-Methods: GET
    Access-Control-Allow-Origin: *
    Vary: Origin
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    X-Content-Type-Options: nosniff
    X-Frame-Options: DENY
    X-XSS-Protection: 1; mode=block
    Set-Cookie: JSESSIONID=node0l9d44z66vuuo1mrptt2e3y21l0.node0; Path=/; HttpOnly; SameSite=Lax
    Set-Cookie: pac4jCsrfToken=1133544cd0794346af30ff85d05a539e; Domain=localhost; Path=/; SameSite=Lax; Secure; HttpOnly
    Location: https://user.my-domain.fr/realms/realName/protocol/openid-connect/auth?scope=openid+profile+email&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A7000%2Fcallback%3Fclient_name%3DKeycloakOidcClient&state=34b61a70ef&code_challenge_method=S256&client_id=agatha-web&code_challenge=dO5ryDr8FO8EKQbt00X8QmPwCMW4V329rOSY-Uv0mqE
    11:12:41.814 [JettyServerThreadPool-23] DEBUG org.eclipse.jetty.server.Request -- Response Request[OPTIONS http://localhost:7000/keycloak]@71b358e8 committing for session Session@4b2b3220{id=node0l9d44z66vuuo1mrptt2e3y21l0,x=node0l9d44z66vuuo1mrptt2e3y21l0.node0,req=1,res=true}

But afterward it just ends up as a TimeoutException and I can’t find any angle to debug it further.
Thanks for your help
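
Added example, not part of the original post and not code from pac4j or Javalin: the trace above shows a 302 committed for an OPTIONS request, and a browser fails a CORS preflight whose response status is not 2xx, which fetch reports as a network error. This simplified JavaScript model of that preflight check runs the logged headers through it; the Swagger UI origin and the `authorization` request header are assumptions.

```javascript
// Simplified model of the browser's CORS-preflight check (Fetch standard).
// Omitted: credentialed requests, header-name normalisation beyond case.
const SAFELISTED_METHODS = ["get", "head", "post"];

function checkPreflight(request, response) {
  const headers = Object.fromEntries(
    Object.entries(response.headers).map(([k, v]) => [k.toLowerCase(), v]));
  const list = (name) => (headers[name] || "")
    .split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);

  // The preflight response must have an ok status; redirects are never followed.
  if (response.status < 200 || response.status > 299) {
    return { ok: false, reason: `preflight status ${response.status} is not 2xx` };
  }
  const origin = headers["access-control-allow-origin"];
  if (origin !== "*" && origin !== request.origin) {
    return { ok: false, reason: "origin not allowed" };
  }
  const method = request.method.toLowerCase();
  const methods = list("access-control-allow-methods");
  if (!SAFELISTED_METHODS.includes(method) && !methods.includes(method) && !methods.includes("*")) {
    return { ok: false, reason: `method ${request.method} not allowed` };
  }
  // "authorization" must be listed explicitly; the "*" wildcard does not cover it.
  const allowed = list("access-control-allow-headers");
  const missing = request.headers.map((h) => h.toLowerCase())
    .filter((h) => !(allowed.includes(h) || (allowed.includes("*") && h !== "authorization")));
  if (missing.length > 0) {
    return { ok: false, reason: `headers not allowed: ${missing.join(", ")}` };
  }
  return { ok: true, reason: "preflight passed" };
}

// Constructed input: the origin is an assumption; status and CORS headers are
// copied from the Jetty trace in the post.
const swaggerRequest = { origin: "http://localhost:8080", method: "GET", headers: ["authorization"] };
const loggedResponse = {
  status: 302,
  headers: {
    "Access-Control-Allow-Headers": "authorization",
    "Access-Control-Allow-Methods": "GET",
    "Access-Control-Allow-Origin": "*",
  },
};
// Same headers, with the status a preflight gets when no redirect is issued for OPTIONS.
const passingResponse = { ...loggedResponse, status: 200 };

console.log(checkPreflight(swaggerRequest, loggedResponse));
console.log(checkPreflight(swaggerRequest, passingResponse));
```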