Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Error trying to connect from quarkus to keycloak

Tags:

quarkus

when starting up a quarkus service (v2.1.1), and trying to connect to a keycloak instance (v15.0.1) I am getting the following exception stack trace:

ERROR [io.qua.run.Application] (Quarkus Main Thread) Failed to start application (with profile dev): io.quarkus.oidc.common.runtime.OidcEndpointAccessException
    at io.quarkus.oidc.runtime.OidcProviderClient.getJsonWebKeySet(OidcProviderClient.java:75)
    at io.quarkus.oidc.runtime.OidcProviderClient.lambda$getJsonWebKeySet$0(OidcProviderClient.java:54)
    at io.smallrye.context.impl.wrappers.SlowContextualFunction.apply(SlowContextualFunction.java:21)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransform$UniOnItemTransformProcessor.onItem(UniOnItemTransform.java:36)
    at io.smallrye.mutiny.vertx.AsyncResultUni.lambda$subscribe$1(AsyncResultUni.java:35)
    at io.vertx.mutiny.ext.web.client.HttpRequest$10.handle(HttpRequest.java:717)
    at io.vertx.mutiny.ext.web.client.HttpRequest$10.handle(HttpRequest.java:714)
    at io.vertx.ext.web.client.impl.HttpContext.handleDispatchResponse(HttpContext.java:371)
    at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:358)
    at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:336)
    at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:303)
    at io.vertx.ext.web.client.impl.HttpContext.dispatchResponse(HttpContext.java:265)
    at io.vertx.ext.web.client.impl.HttpContext.lambda$null$8(HttpContext.java:520)
    at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:96)
    at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:59)
    at io.vertx.core.impl.EventLoopContext.lambda$runOnContext$0(EventLoopContext.java:37)
    at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
    at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)
    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:497)
    at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
    at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.base/java.lang.Thread.run(Thread.java:832)

Here are the configs I have put:

# OIDC Configuration
quarkus.oidc.auth-server-url=https://<HOST>/auth/realms/<REALM_NAME>
quarkus.oidc.client-id=<CLIENT_ID>
# quarkus.oidc.application-type=service
quarkus.oidc.credentials.secret=<SECRET>
quarkus.oidc.tls.verification=required

# Enable Policy Enforcement
quarkus.keycloak.policy-enforcer.enable=true

Anyone got an idea what's wrong here?

like image 627
ginccc Avatar asked Sep 10 '25 01:09

ginccc

1 Answers

Thanks to a comment above I found this quarkus config here to be helpful:

quarkus.log.min-level=DEBUG
quarkus.log.category."io.quarkus.oidc".level=DEBUG

Which gave me this error:

Caused by: org.keycloak.authorization.client.util.HttpResponseException: Unexpected response from server: 400 / Bad Request / Response from server: {"error":"invalid_client","error_description":"Bearer-only not allowed"}

So clearly, I had misconfigured the client inside keycloak. Too bad the original error message didn't give me that information by default.

like image 119
ginccc Avatar answered Sep 13 '25 11:09

ginccc

Sign in to Comment

Related questions

Logging HTTP requests and responses in quarkus resteasy
Default behavior of REST api. How multiple request to same api is handled
Arjuna warnings in the logs (multiple threads active)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!