Closed brucetony closed 3 months ago
brucetony
commented
3 months ago This issue derives from cookies being blocked by the browser when not using HTTPS domains. This does not occur when using localhost or 0.0.0.0 or 127.0.0.1 (all are allowed to be http), but custom domains without SSL certificates cause the browser to refuse passing the oidc cookie in an insecure manner. Perhaps a solution can be found, but for now the oidc-client-ts was implemented for the workshop
brucetony
commented
3 months ago This turned out to be a combination of a couple things, but the original problem of it not working when keycloak isn't secure remains. However, I realized that if all ports are forwarded from k8s, this error also occurred because the UI containers in k8s could not contact the keycloak container. I worked around this by specifying different keycloak endpoints depending on if the user needs access (e.g. in browser) or if the UI just needs to contact the keycloak service directly within k8s to get the JWT.
There is an issue when logging in when using docker or k8s. It tries to use the callback page, but fails