-
-
Notifications
You must be signed in to change notification settings - Fork 3.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trying to use with keycloak-passport #39
Comments
I haven't used that strategy before, but in theory they should all work (of course the oAuth spec is a bit vague on the details of profiles, so reality is different). The Can you see if your To debug you could hard code a user object response in getProfile(profile) {
console.log("Got profile from keycloak: ", profile)
return {
id: "123",
name: "J Smith"
email: "j.mith@example.com"
}
} The fields you need are 'id', 'name' and Another thing to watch for is some providers require explicit options, like providerOptions: {
scope: ['profile', 'email']
}, Next.js refreshes the output on the console so can be handy to do something like |
I've just looked at #38 raised by @mBeierl and I think the same issue impacts this strategy. https://github.com/exlinc/keycloak-passport It passes a different list of arguments in the callback I thought the method signature for this callback was standardised in all strategies (because it works this way in Google, Facebook and Twitter and a few others) but I guess not in the wild! It's easy to hack for a specific strategy (e.g. fork the strategy and change what it returns) as a workaround but I'm not sure what the best way to handle different responses in strategies like this is (as there is already too much complexity to configuration and I should be focusing on reducing it :-). I'll have a think and see what we can do! |
Thanks for looking into it 😄 Yeah trying that snippet in the |
It looks like it uses the library I'm not sure how you can solve this compatibility issue easily, with maybe having your own version of The keycloak-passport strategy doesn't seem to do too much, I wonder if a generic oAuth 2 module for Passport (other than err passport-oauth2… there seem to be a few at least!) might work in this case? |
Lookinking more likely I might just have go this route 😢
Not 100% sure by what you mean here 🤔 |
Hmm looking at the options that may not be as easy as I thought. Can you paste in your config for the provider from I think I have a fix I can suggest. |
Basically, in your strategyOptions: {
/* other options */
passReqToCallback: true
}, It seems the underlying module |
Oh wait boo, I just realised So err sorry something else is going on with the service. :-(
I would maybe as the maintainer of |
This is my config. No joy with the suggestion 😑 |
Thanks for the help. I will open an issue over @ |
Okies, so you can remove
(The |
😄 Nice one So removing the callback and setting my host to Not sure if this is related but if I click log out I now get this screen if trying to log in again: |
Hmm no that should not be related, but I'm not sure what's causing that. You might want to close down your browser, stop and start the service again and try and replicate it. In development mode, Next.js does hot-reloading and caches pages in Service Workers and browser behaviour can get weird if you stop and start things and the only way to clear it out is to close and re-open the browser. Both those things (which only happen in development mode on Next.js projects) cause weird page refreshes. PS: Thanks for reminding me a I need to fix a typo on that that example error page (just pushed that). |
Tried it in a new browser in production mode and no joy, still not allowing me to log in after logging out. Interestingly if I stop and start the server it authenticates me when I click sign in, so looks like it's not actually logging me out correctly. But as far as the original issue goes I think we can close it? I will do a bit more digging on this logging out issue and see can I get to the bottom of it. It seems like I am not actually being logged out. 😆 I'm terrible for typos so didn't even notice |
Thanks for all the help with this by the way! 💪 |
You welcome! And great yes, lets close this off so it's easy for anyone to follow if they find it when Googling in case they have the same thing. :-) Happy to help with the separate log out issue! The logout button code should be pretty simple, so hopefully won't involve too much debugging. You might want to take look at the |
Did you solve this or have a repo that has a basic implementation of nextjs + keycloak? |
I have been trying to use next-auth with this keycloak-passport Strategy. (I did have to modify the strategy's name to be lowercase to be able to test it out)
I can log in no problem and it creates a session. Only problem is,
getProfile()
doesn't seem to fire at all so the session just contains thecsrfSecret
but no user. Keycloak recognises I'm already logged in when trying to log in.Have been trying to debug through what could be happening but couldn't get to the bottom of it. Any direction on what might be the issue would be great. If I get it working would be happy to submit some documentation on it.
The text was updated successfully, but these errors were encountered: