Login/Register
NodeJS - connect-keycloak middleware empty response error
Asked Answered
Solved node.jsoauth-2.0keycloakmiddlewarenode.js-connect
O

1

7

I'm having a problem using the connect-keycloak middleware with NodeJS, and there appears to be very little documentation online from people who have used it. This is based on 'A Full Example' from the official docs found here: http://keycloak.github.io/keycloak-nodejs/connect/

I am getting an unexpected error when testing with curl, relating to an undefined 'keycloak-token'. I can't find any references to this in my code or the source, nor anyone else with the same problem online. Can anyone see what I'm doing wrong?

The connect-keycloak object is included and instantiated as expected:

// app.js:
// module dependencies
var request = require('sync-request');
var fs = require('fs');
var restify = require('restify');
var Keycloak = require('connect-keycloak');
var session = require('express-session');
var memoryStore = new session.MemoryStore();

// Keycloak
var keycloak = new Keycloak({ store: memoryStore });

And the middleware is used:

var server = restify.createServer({
    name: 'name',
    version: '1.0.0'
});

server.use(restify.acceptParser(server.acceptable));
server.use(restify.queryParser());
server.use(restify.bodyParser());
server.use(keycloak.middleware({ logout: '/logout', admin: '/' }));

server.use(session({
    secret: 'secret',
    resave: false,
    saveUninitialized: true,
    store: memoryStore
}));

And the keycloak.protect method is in place:

server.get(/.*/, keycloak.protect(), restify.serveStatic({
    'directory': './html',
    'default': 'index.html'
}));

Yet this curl test:

curl -H "Content-Type: application/json" -X POST -d '{"query":"test"}' http://localhost:3000/trust-me-on-the-url-being-correct/thanks -i

Produces this unusual error (not the error I was hoping for):

 POST -d '{"query":"car"}' http://localhost:3000/rest/keywords -i
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
Content-Length: 87
Date: Thu, 03 Dec 2015 02:05:40 GMT
Connection: keep-alive

{"code":"InternalError","message":"Cannot read property 'keycloak-token' of undefined"}[addamnilemartin@localhost keyword]$

Keycloak.json is included in the same directory as app.js and should definitely not be the cause of the problem.

I realised this was missing and added it:

// set session for keycloak
server.use(session({
    secret: 'fsd78d7gdfgds',
    resave: false,
    saveUninitialized: true,
    store: memoryStore
}));

Now the response when my POST had keycloak.protect() the error is:

curl -H "Content-Type: application/json" -X POST -d '{"query":"car"}' http://localhost:3000/blah/blah -i
curl: (52) Empty reply from server

Without keycloak.protect the response is the expected JSON, of course, as there is no attempt at authetication.

Oedipus answered 3/12, 2015 at 2:12 Comment(0)
O
3

As it turns out, there was nothing wrong with this code. The problem was that the node modules I had installed via npm were out-dated, to a time before this middle-ware supported bearer-only authentication.

Moral of the story: keep your repositories up to date!

Oedipus answered 7/12, 2015 at 8:18 Comment(4)
How exactly does your code look? Is everything in the same class? I'm really stuck with this, ThanksYahwistic
@Yahwistic are you using the connect-keycloak npm package shown in the link above (version 0.0.16)? If so, switch to the update keycloak-connect (version 0.0.17) here. There was a problem with the previous version by which the npm package didn't match the updated version on Git, resulting in the above error.Oedipus
Yup im using the latest version. This is actually my server/boot/root.js fileYahwistic
Yep, but still no luck :( I just posted this, any ideas? #37056589Yahwistic

© 2022 - 2024 — McMap. All rights reserved.