I'm having a problem using the connect-keycloak middleware with NodeJS, and there appears to be very little documentation online from people who have used it. This is based on 'A Full Example' from the official docs found here: http://keycloak.github.io/keycloak-nodejs/connect/
I am getting an unexpected error when testing with curl, relating to an undefined 'keycloak-token'. I can't find any references to this in my code or the source, nor anyone else with the same problem online. Can anyone see what I'm doing wrong?
The connect-keycloak object is included and instantiated as expected:
// app.js:
// module dependencies
var request = require('sync-request');
var fs = require('fs');
var restify = require('restify');
var Keycloak = require('connect-keycloak');
var session = require('express-session');
var memoryStore = new session.MemoryStore();
// Keycloak
var keycloak = new Keycloak({ store: memoryStore });
And the middleware is used:
var server = restify.createServer({
name: 'name',
version: '1.0.0'
});
server.use(restify.acceptParser(server.acceptable));
server.use(restify.queryParser());
server.use(restify.bodyParser());
server.use(keycloak.middleware({ logout: '/logout', admin: '/' }));
server.use(session({
secret: 'secret',
resave: false,
saveUninitialized: true,
store: memoryStore
}));
And the keycloak.protect method is in place:
server.get(/.*/, keycloak.protect(), restify.serveStatic({
'directory': './html',
'default': 'index.html'
}));
Yet this curl test:
curl -H "Content-Type: application/json" -X POST -d '{"query":"test"}' http://localhost:3000/trust-me-on-the-url-being-correct/thanks -i
Produces this unusual error (not the error I was hoping for):
POST -d '{"query":"car"}' http://localhost:3000/rest/keywords -i
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
Content-Length: 87
Date: Thu, 03 Dec 2015 02:05:40 GMT
Connection: keep-alive
{"code":"InternalError","message":"Cannot read property 'keycloak-token' of undefined"}[addamnilemartin@localhost keyword]$
Keycloak.json is included in the same directory as app.js and should definitely not be the cause of the problem.
UPDATE:
I realised this was missing and added it:
// set session for keycloak
server.use(session({
secret: 'fsd78d7gdfgds',
resave: false,
saveUninitialized: true,
store: memoryStore
}));
Now the response when my POST had keycloak.protect() the error is:
curl -H "Content-Type: application/json" -X POST -d '{"query":"car"}' http://localhost:3000/blah/blah -i
curl: (52) Empty reply from server
Without keycloak.protect the response is the expected JSON, of course, as there is no attempt at authetication.
As it turns out, there was nothing wrong with this code. The problem was that the node modules I had installed via npm were out-dated, to a time before this middle-ware supported bearer-only authentication.
Moral of the story: keep your repositories up to date!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With