Regenerate registration access token crash keycloak infinite loop - keycloak

I've recently been using Keycloak for my Angular web app and I have encountered an error or a bug, perhaps.
I tried pressing regenerate registration access token in the master realm as in the screenshot below.
[Screenshot: Keycloak server client panel (testing purposes)]
But after that, the admin panel started crashing with constant refreshes (infinite loop) and the following error getting posted: [Screenshot: keycloak error]
I don't know what to do. Is there a way of resetting my Keycloak without losing my data / settings?
My problem is similar to this one: keycloak keep on refreshing after login. Sadly, it does not have comments, which is why I'm asking for help.
Thank you!
Update: I have tried the checkLoginIframe: false solution in my Angular app, but it is still stuck in the infinite loop.

Related

Refresh JWT Token called twice due to lost response of first refresh

I am currently experiencing an issue regarding JWT refreshing causing a 401 and thus a logout on the client side. A JWT refresh token that was once used is discarded and can't be used for subsequent refreshes; that seems to be the standard, so that's what I'm going with. However, it's possible that you send out a JWT refresh and, by the time the JWT refresh response comes back, the app (Android or iOS) is already shut down. As a result, the next time you open the app you're using an outdated JWT token, causing a 401.
This has been shown to happen when you accidentally open the app, notice you opened the wrong app, and by the time you close it, it has already sent out a refresh on the JWT token, but you close it early enough for the response to never come back (this issue is exacerbated when you have a weak internet connection, as the response time is even bigger), and thus the next time you send out a refresh, the refresh JWT is no longer valid.
If it helps the situation in any way, we're developing the app in Flutter/Dart for Android, iOS and Web. The server side is created using NodeJS and Express.
This can also happen if you just close the app when the app has just sent out a refresh token after normal usage of the app, so this seems like an edge case that I am not sure how to fix.
Previously we used Firebase Auth for the app, but we moved away from that, and Firebase Auth seemed to never log out users due to issues like this so there must be a solution, only I don't know what the solution would be.
Is there anything I am missing that could help solve this edge-case?
Thank you for your time!
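The lost-response case described in this question, as an added example that is not part of the original post or the poster's server: single-use refresh-token rotation with a short retry window, so a retry of a refresh whose response never arrived still succeeds, while any other replay revokes the whole token family. The retry window, the in-memory store and all names (`createRefreshStore`, `login`, `refresh`) are assumptions for illustration.

```javascript
const crypto = require('crypto');

// Hypothetical in-memory store; a real server would persist these records.
function createRefreshStore(graceMs) {
  const tokens = new Map(); // sha256(token) -> { family, userId, usedAt, successor }
  const revokedFamilies = new Set();
  const hash = (t) => crypto.createHash('sha256').update(t).digest('hex');

  // Only the hash of a refresh token is stored, never the token itself.
  function mint(userId, family) {
    const token = crypto.randomBytes(32).toString('hex');
    tokens.set(hash(token), { family, userId, usedAt: null, successor: null });
    return token;
  }

  function login(userId) {
    return mint(userId, crypto.randomUUID());
  }

  function refresh(token, now = Date.now()) {
    const rec = tokens.get(hash(token));
    if (!rec || revokedFamilies.has(rec.family)) return { ok: false, reason: 'invalid' };
    if (rec.usedAt !== null) {
      const next = tokens.get(rec.successor);
      // Replay outside the window, or after the successor was itself used,
      // cannot be a lost-response retry: revoke every token in the family.
      if (now - rec.usedAt > graceMs || next.usedAt !== null) {
        revokedFamilies.add(rec.family);
        return { ok: false, reason: 'reuse-detected' };
      }
      tokens.delete(rec.successor); // successor that never reached the client
    } else {
      rec.usedAt = now; // the window is measured from the first use
    }
    const fresh = mint(rec.userId, rec.family);
    rec.successor = hash(fresh);
    return { ok: true, refreshToken: fresh };
  }

  return { login, refresh };
}
```

With `graceMs` set to 0 this behaves like the strict single-use scheme in the question; a larger window trades a slightly longer replay opportunity for tolerance of lost responses.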

How would you Clear an Auth0 user session in a Flutter app?

I need help in clearing the user session in an Auth0 flutter app.
The problem is I have gone through the necessary procedures but whenever I log out from the app and log in again, I'm unable to enter the credentials to log me back into the app. It just logs me in as if the user session has been stored somewhere even after calling the secureStorage.deleteAll() function. I added the login prompt but the problem still persists.
Any help will be deeply appreciated.
EDIT...
I'm using flutter_secure_storage and flutter_appauth packages
Clearing the application session is not enough; log out from Auth0 as well.
See step 2, "Auth0 Session Layer", for details.

Single login for multiple clients in same realm?

I watched the recent YouTube video intro to Keycloak and have been following along with the examples used here: https://github.com/stianst/keycloak-containers-demo
I have it all working fine, and I am trying to test what this might look like with more applications. So I have added an additional Jenkins app to the mix and configured it to use the OIDC plugin for authentication. Was easy and works great. So now I have one realm with two clients, jenkins and the js-console. I am seeing some unexpected behaviors and wondering if I am doing something wrong or just have a fundamental misunderstanding about what Keycloak can provide.
I am not getting SSO. If I access the js-console app and log in and then open the URL for Jenkins, I am redirected to Keycloak and have to log in again. I was expecting SSO to happen here. Doesn't Keycloak set a cookie or something so that I would be logged in to the second app? Thinking out loud... could the fact that I am not using SSL be the issue? Maybe the cookie is marked as secure?
I went ahead and added GitHub login like in the demo. From what I can tell, this will only work with one client. Both my clients get the same login screen, so both have the login with GitHub option available, but the redirect URLs can only be configured for one of the clients. Is there a solution for this so that you could have many clients sharing the same realm and allow login via social login?
I would like to eventually test a SAML provider like Okta and am wondering if I will run into the same problem with that as I did with GitHub?

Unable to pass FB OAuth for my application

We originally faced this issue on the BB app. We get stuck in the browser whenever we use the auth URL:
http://www.facebook.com/dialog/oauth?scope=publish_stream%2Coffline_access&redirect_uri=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html&response_type=token&display=touch&client_id=127229817336080
I wonder what is wrong with the response, because even a desktop browser gets stuck.
We submitted the issue to FB but are still looking for a workaround. Any thoughts/ideas are appreciated.
Nothing wrong here, I just authed your app without problems...
What's wrong?
I just installed your app with 2 extra permissions (posting as me & offline access token).
(Just remember the offline access token will not be available; try to use long-lived tokens.)
We also faced similar problems in authenticating our FB app. The authentication window used to hang and nothing would happen; the symptoms were the same as the ones you are facing. This may not be the answer to your problem, but it might be worth knowing that the FB SDK has such issues if your application runs on non-standard ports. The standard ports are 80 and 443. Once we started running our app on these ports, the error was gone.

Facebook API infinite refresh

I am using the standard commenting link and Facebook API from GitHub. For some reason, today it decided that any page with comments will go into an infinite refresh. I added the line for OAuth 2 and it didn't solve the problem.
It has worked fine for several months, but the problem started today for no reason. It only happens when the person is logged into Facebook.
Most commonly I find this occurs because something in the session borked up.
So you have a partial connection and it loops to complete the connection, but it's expired and doesn't clean down properly.
If you clear your session cookies and restart the session and it no longer loops, that indicates this is the problem, and additional code will need to be added to detect a bad/partial session.
Possibly just a bug in the code, or a temporary problem with the Facebook API.