camunda-community-hub / zeebe-client-node-js

Node.js client library for Zeebe Microservices Orchestration Engine
https://camunda-community-hub.github.io/zeebe-client-node-js/
Apache License 2.0

Wrong Content-Type for OAuth #272

Closed AdrianErnstLGLN closed 2 years ago

AdrianErnstLGLN commented 2 years ago

Hello, today our team wanted to use the client together with Keycloak. Keycloak expects the request for the token to have its payload with content-type x-www-form-urlencoded, following the standard set here: https://openid.net/specs/openid-connect-core-1_0.html#TokenRequest.

The Node client sends the payload as JSON, so when I try to get a token the gateway responds with a 415 Unsupported Media Type error.

The go-zeebe-client and java-zeebe-client already use x-www-form-urlencoded as well.

Here is the package the go-client is using: https://cs.opensource.google/go/x/oauth2/+/f2134210:internal/token.go;drc=f21342109be17cd214ecfcd33065b79cd571673e;l=159

Here is the function the java-zeebe-client is currently using:

```java
private ZeebeClientCredentials fetchCredentials() throws IOException {
    final HttpURLConnection connection =
        (HttpURLConnection) authorizationServerUrl.openConnection();
    connection.setRequestMethod("POST");
    // The token request body is form-encoded, not JSON.
    connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    connection.setRequestProperty("Accept", "application/json");
    connection.setDoOutput(true);
    connection.setReadTimeout(toIntExact(readTimeout.toMillis()));
    connection.setConnectTimeout(toIntExact(connectionTimeout.toMillis()));
    connection.setRequestProperty("User-Agent", "zeebe-client-java/" + VersionUtil.getVersion());

    // Write the already form-encoded payload as UTF-8 bytes.
    try (final OutputStream os = connection.getOutputStream()) {
      final byte[] input = payload.getBytes(StandardCharsets.UTF_8);
      os.write(input, 0, input.length);
    }

    // Any status other than 200 is treated as a failed token request.
    if (connection.getResponseCode() != 200) {
      throw new IOException(
          String.format(
              "Failed while requesting access token with status code %d and message %s.",
              connection.getResponseCode(), connection.getResponseMessage()));
    }

    // Parse the JSON response into credentials.
    try (final InputStream in = connection.getInputStream();
        final InputStreamReader reader = new InputStreamReader(in, StandardCharsets.UTF_8)) {
      final ZeebeClientCredentials fetchedCredentials = CREDENTIALS_READER.readValue(reader);

      if (fetchedCredentials == null) {
        throw new IOException("Expected valid credentials but got null instead.");
      }

      return fetchedCredentials;
    }
}
```

Expected Behavior

Should send the payload to the Identity Provider using the correct payload Content-Type.

Current Behavior

Client sends the payload as JSON, and receives a 415 Unsupported Media Type error.

Possible Solution

Change the content-type to x-www-form-urlencoded and change the payload to form format. A Pull Request with the changes will follow shortly.

Steps to Reproduce

  1. Deploy Keycloak
  2. Create Keycloak-Client, Client-Secret, etc.
  3. Add Keycloak data to zeebe-client Constructor
  4. Try to authenticate using the zeebe-client
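
The difference between the two request shapes described in this issue, as an added example that is not part of the original post and is not the zeebe-client-node-js code. The function names, the sample credentials, the `audience` parameter and the stand-in endpoint are assumptions made for illustration; `grant_type`, `client_id` and `client_secret` are the standard OAuth 2.0 client-credentials fields.

```javascript
// "Before": JSON body, the shape the issue reports as rejected with 415.
function buildJsonTokenRequest(creds) {
  return {
    method: 'POST',
    headers: { 'content-type': 'application/json' },
    body: JSON.stringify({ grant_type: 'client_credentials', ...creds }),
  };
}

// "After": form-encoded body. URLSearchParams percent-encodes every value, so
// a secret containing '&', '=' or '+' cannot split or alter the parameters.
function buildFormTokenRequest(creds) {
  const form = new URLSearchParams({ grant_type: 'client_credentials', ...creds });
  return {
    method: 'POST',
    headers: {
      'content-type': 'application/x-www-form-urlencoded',
      accept: 'application/json',
    },
    body: form.toString(),
  };
}

// Constructed stand-in for a strict token endpoint (hypothetical, not Keycloak
// code): it checks the media type first, then the decoded parameters.
function strictTokenEndpoint(request, expectedSecret) {
  const type = (request.headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  if (type !== 'application/x-www-form-urlencoded') return 415;
  const params = new URLSearchParams(request.body);
  if (params.get('grant_type') !== 'client_credentials') return 400;
  if (params.get('client_secret') !== expectedSecret) return 401;
  return 200;
}

// Constructed sample credentials; the secret deliberately contains characters
// that are meaningful in a form body.
const sampleCreds = {
  client_id: 'zeebe-worker',
  client_secret: 's3cr&t=with+chars',
  audience: 'zeebe-api', // assumed extra parameter, not required by the standard
};

console.log(strictTokenEndpoint(buildJsonTokenRequest(sampleCreds), sampleCreds.client_secret));
console.log(strictTokenEndpoint(buildFormTokenRequest(sampleCreds), sampleCreds.client_secret));
```

Building the form body by string concatenation instead of `URLSearchParams` would get past the media-type check but truncate this sample secret at the `&`, which the stand-in endpoint reports as 401.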