Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15633

OIDC client adapter doesn't work with Bearer tokens.


    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • 25.0.0.Final, 25.0.1.Final
    • REST, Security
    • None
    • Migration

      This issue is similar to WFLY-15485.

      After upgrading from 24 to 25 and switching from the Keycloak client adaptor to the built-in OIDC client adapter, the REST services can't be accessed by using the header Authorization: Bearer access_token.  The setup initially uses the web login (redirect to Keycloak) to obtain the access token (via code grant) so, unlike WFLY-15485, the setup is not a bearer-only.  Nevertheless, doing a simple GET to the REST service with a valid access token returns with a 200 OK status, but the content is the HTML body of the login page. 



      • The same Keycloak 15.0.2 server is used for testing between Wildfly 24 and 25.
      • Browser access works fine and calling the same simple REST service via the browser works as well.
      • REST services with no auth-constraints (used as public web-hooks) work fine.

            fjuma1@redhat.com Farah Juma
            tristann9@gmail.com Tristan Everitt (Inactive)
            4 Vote for this issue
            4 Start watching this issue