Menu
I'm trying to authenticate my flutter app to keycloak through openid_client
following the repo example, I've wrote an authentication function like this
authenticate() async {
// parameters here just for the sake of the question
var uri = Uri.parse('https://keycloak-url/auth/realms/myrealm');
var clientId = 'my_client_id';
var scopes = List<String>.of(['openid', 'profile']);
var port = 4200;
var redirectUri = Uri.parse('http://localhost:4200');
var issuer = await Issuer.discover(uri);
var client = new Client(issuer, clientId);
urlLauncher(String url) async {
if (await canLaunch(url)) {
await launch(url, forceWebView: true);
} else {
throw 'Could not launch $url';
}
}
var authenticator = new Authenticator(client,
scopes: scopes,
port: port,
urlLancher: urlLauncher,
redirectUri: redirectUri);
var c = await authenticator.authorize();
closeWebView();
var token= await c.getTokenResponse();
print(token);
return token;
}
when I call the function, a webview popup appears and I can login through keycloak, but when the popup closes I get this error at the c.getTokenResponse():
Exception has occurred. NoSuchMethodError (NoSuchMethodError: The getter 'length' was called on null. Receiver: null Tried calling: length)
inspecting the Credential c, I can see that the TokenResponse has only "state", "session_state" and "code" fields
what am I missing?
366
The Keycloak authentication module is a pre-configured OAuth 2.0 auth module that lets users log in to Hub and any connected service with their Keycloak credentials.
Keycloak supports both OpenID Connect (an extension to OAuth 2.0) and SAML 2.0. When securing clients and services the first thing you need to decide is which of the two you are going to use. If you want you can also choose to secure some with OpenID Connect and others with SAML.
I've been answered on github (link), so I'll copy the solution here:
On mobile devices you should use the PKCE flow. This is automatically selected when you omit the redirect uri in the Authenticator constructor.
So, it should be:
var authenticator = new Authenticator(client,
scopes: scopes,
port: port,
urlLancher: urlLauncher,);
Make sure you add the uri http://localhost:4200/ (including the trailing slash) to Valid Redirect URIs in keycloak.
Make sure you add the uri http://localhost:4200/ (including the trailing slash) to Valid Redirect URIs in keycloak.
154
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With