tuxiem / aspnetcore-keycloak Goto Github PK
View Code? Open in Web Editor NEWAuthorization with AspNetCore and Keycloak
License: GNU General Public License v3.0
aspnetcore-keycloak's People
Contributors
Stargazers
Watchers
Forkers
nanofabricfx christianponzoni-quix yvansuen fraternities welshdave fpasseggieri enrio damianzych alexandros-lykourgos rcarneironet devbox10 willassis pedrostefanogv charltonmartin-qc carlosmachel dsmila nakunxuanviet dev-hassan bensnead skillorganazer flaviotron donhuvy dlandi davidoster fbadaro jlnovais clementine72 fendamear simo061991 philaden huic-elm fahimalii 907080752 jarrydk chrisgya minhhungit dev-thinks dominikanetz santisjp jcii azzam2futuerdev mostafahassan101 frankodoom ivanwr1995 dgnoztrk lulzzz emmaroland32 sufyloo z3roco0l pgrondin27 pkuehnelaspnetcore-keycloak's Issues
Cannot access user and admin
I already set up with instructions, but not working.
It just show Access Denied
KeyCloak configuration
Whilst I get the project to compile, I consistently get an access denied error. This leads me to believe that something is not configured correctly on the keycloak console side. The readme doesnt contain what to actually configure with regards to roles, policies, claims, etc. The only mention of this is the Role Mapper but nothing else. Can you please provide how to configure a user in its entirety over and above the role mapper?
Is that possible to change realm before redirecting to keycloak?
Thanks tuxiem, the project saves me a lot of time. But I am still looking for a solution that a user could redirect to the correct realm of keycloak according to his username, is that possible?
The SSL connection could not be established, see inner exception
Can some one help me with this one? (.net 6 - Ubuntu)
IOException: Cannot determine the frame size or a corrupted frame was received.
System.Net.Security.SslStream.GetFrameSize(ReadOnlySpan<byte> buffer)
HttpRequestException: The SSL connection could not be established, see inner exception.
System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, bool async, Stream stream, CancellationToken cancellationToken)
IOException: IDX20804: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
IOException: Cannot determine the frame size or a corrupted frame was received.
System.Net.Security.SslStream.GetFrameSize(ReadOnlySpan<byte> buffer)
System.Net.Security.SslStream.ReceiveBlobAsync<TIOAdapter>(TIOAdapter adapter)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Security.SslStream.ForceAuthenticationAsync<TIOAdapter>(TIOAdapter adapter, bool receiveFirst, byte[] reAuthenticationData, bool isApm)
System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, bool async, Stream stream, CancellationToken cancellationToken)
HttpRequestException: The SSL connection could not be established, see inner exception.
System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, bool async, Stream stream, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
System.Threading.Tasks.TaskCompletionSourceWithCancellation<T>.WaitWithCancellationAsync(CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, bool async, bool doRequestAuth, CancellationToken cancellationToken)
System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, bool async, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Runtime.CompilerServices.ConfiguredValueTaskAwaitable<TResult>+ConfiguredValueTaskAwaiter.GetResult()
System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken)
System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, bool disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
IOException: IDX20804: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see
https://aka.ms/IdentityModel/PII
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(string address, IDocumentRetriever retriever, CancellationToken cancel)
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details
see https://aka.ms/IdentityModel/PII.
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties)
Microsoft.AspNetCore.Authentication.AuthenticationHandler<TOptions>.ChallengeAsync(AuthenticationProperties properties)
Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties)
Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Request for advice on how to update context Tokens after refresh routine
Hi! Awesome work on this guide. I'm looking at ASP Net Core 7 version of the project which you added recently.
How to update the outcome of await context.GetTokenAsync("access_token")?
I have sort of middleware similar to below which takes care of renewing tokens if necessary:
public async Task InvokeAsync(HttpContext context)
{
// if not authenticated then just execute to next middleware and return
if (context.User.Identity?.IsAuthenticated != true)
{
await _next(context);
return;
}
// get username, for keycloak you need to regex this to get the clean username
var currentUserName = context.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
// logs an error so it's easier to find - thanks debug.
if (currentUserName != null) _logger.LogInformation($"Current user: {currentUserName}");
//Debug this line of code if you want to validate the content jwt.io
var accessToken = await context.GetTokenAsync("access_token");
var idToken = await context.GetTokenAsync("id_token");
var refreshToken = await context.GetTokenAsync("refresh_token");
// check if accessToken is expired
if (IsTokenExpired(accessToken))
{
var newAccessToken = await GetRefreshTokenAsync(refreshToken);
var serviceAccessToken = await GetTokenExchangeAsync(newAccessToken);
_logger.LogInformation("Access token is expired, refreshing token");
// how to update the outcome of `await context.GetTokenAsync("access_token")`?
}
// Call the next delegate/middleware in the pipeline.
await _next(context);
}Full code for middleware: https://gist.github.com/bangonkali/f3bf3641653bc41e24dd7560bd2e6c74
You can then apply this on your app using the following:
app.UseTokenExchange();Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.