Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-10264

Node js Adapter // Ajax Calls Redirect (302) Issue

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Obsolete
    • 8.0.1
    • Backlog
    • Adapter - Node.js
    • None
    • Hide

      I have uploaded a folder that contains the base Keycloak node-js example updated in order to reproduce the problem. Inside that folder there is a document that i am writing all the steps in order to reproduce the bug and also a workaround that i found for this issue.

      As far as the affected versions i believe the all the keycloak-connect NPM modules do the same thing in the middle-ware function. I have checked the version 4.7 and the version 6.0.1 and they both have this issue.

      In addition i noticed that there is another Jira ticket for this issue here https://issues.jboss.org/browse/KEYCLOAK-2962?jql=project%20%3D%20KEYCLOAK%20AND%20text%20~%20JSF that never got resolved. Hopefully if we solve the problem here we can resolve and the other one.

      Show
      I have uploaded a folder that contains the base Keycloak node-js example updated in order to reproduce the problem. Inside that folder there is a document that i am writing all the steps in order to reproduce the bug and also a workaround that i found for this issue. As far as the affected versions i believe the all the keycloak-connect NPM modules do the same thing in the middle-ware function. I have checked the version 4.7 and the version 6.0.1 and they both have this issue. In addition i noticed that there is another Jira ticket for this issue here https://issues.jboss.org/browse/KEYCLOAK-2962?jql=project%20%3D%20KEYCLOAK%20AND%20text%20~%20JSF that never got resolved. Hopefully if we solve the problem here we can resolve and the other one.
    • NEW
    • NEW

    Description

      When you try to do an AJAX Request to a back-end API that uses the node-js-adapter of keycloak ( https://github.com/keycloak/keycloak-nodejs-connect )
      with an expired token, then the middle-ware tries to redirect to the login page but unfortunately ajax cant handle the 302 redirect from the middle-ware.

      After searching through the code of the middle-ware i found that this is happening in the forceLogin function in the protect.js file.

      One workaround that i found in order to solve this problem is to check if the request is typeof xhr and then send 401. By doing that the browser will redirect to login page. Of course i dont know if that is the correct way of doing that and for that i am opening a ticket.
      // Code that was added to forceLogin Function
      if(request.xhr)

      { response.sendStatus(401) }

      else

      { response.redirect(loginURL); }

      Attachments

        Activity

          People

            Unassigned Unassigned
            kschoinas konstantinos Schoinas (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: