Details

    • Story Points:
      3
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      File: securing_apps/topics/oidc/nodejs-adapter.adoc

      Documentation says you can check a realm role like:

      keycloak.protect( 'realm:admin' )

       

      However in the below commit this functionality was removed.

      https://github.com/keycloak/keycloak-nodejs-connect/commit/83bea17aff9f4c3d6adcdf88b3f1661be9b92c15#diff-ebff4aa33bf894b7c37bfc5a5d05a932

       

      I have had to add code to my project to work around this:

      function protect(role) {
        return (req, res, next) => {
          if (req.kauth.grant.access_token.hasRealmRole(role)) {
            return next();
          } else {
            return keycloak.accessDenied(req, res)
          }
        };
      }
      
      app.get('/service/admin', keycloak.protect(), protect("admin"), function (req, res) {
        res.json({message: 'admin'});
      });

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jcouperwhite Jamie Couperwhite
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: