mariovalney / laravel-keycloak-web-guard

Simple Keycloak Guard to Laravel Web Routes - https://packagist.org/packages/vizir/laravel-keycloak-web-guard

Unauthenticated after callback #3

Closed nghia-le closed 5 years ago

nghia-le commented 5 years ago

I installed the package and set it up as in the readme. The first time I tried to access my protected page, it redirected me to the Keycloak auth page, which was as expected. But after login, it redirected me to the previous page, then couldn't authenticate me and finally returned an exception:

InvalidArgumentException Route [keycloak.login] not defined.

In vendor\vizir\laravel-keycloak-web-guard\src\Controller\AuthController.php, in callback(), after if (Auth::validate($token)), I tried to print out Auth::user() and then ran /login again (to have it go to the Keycloak server and run the token again); it printed out the user information properly.

Any idea please?

mariovalney commented 5 years ago

Hi. There are two points here.

First, let's check this "keycloak.login" not defined.

Are you able to check the file and line number it's happening? Which Laravel version are you using?

I just ran a fresh Laravel install and it's all OK here. Please check my files (only the changed code... it's not the complete file):

```php
// app/Providers/RouteServiceProvider.php

protected function mapWebRoutes()
{
    Route::middleware('keycloak-web')
         ->namespace($this->namespace)
         ->group(base_path('routes/web.php'));
}
```

```php
// config/auth.php

'guards' => [
    'web' => [
        'driver' => 'keycloak-web',
        'provider' => 'users',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'keycloak-users',
        'model' => Vizir\KeycloakWebGuard\Models\KeycloakUser::class,
    ],
],
```

nghia-le commented 5 years ago

Thank you for the quick support, @mariovalney. The "keycloak.login" issue is somehow gone, maybe after I cleared cache, view and route in Laravel.

I'm using Laravel version 5.7.28. I have 2 routes: one is the base route "/", which is public. The other one is "/home", which is protected. For that reason I did not put "keycloak-web" in mapWebRoutes; it remains "web". I put my protected "home" route inside keycloak-web instead:

```php
Route::group(['middleware' => 'keycloak-web'], function () {
    Route::get('/home', 'HomeController@index')->name('home');
});
```

Now when I first went to the "/login" page, it redirected me to the Keycloak auth site, which is good. After logging in, it redirected me back to the site, but with the error "localhost redirected you too many times." The last route was "/login". I guess it redirected me to the protected route but failed to authenticate on my site, so it redirected me back to the Keycloak auth server, but because my session was still there it redirected again to my protected route, and the loop went on.

I tried to debug in the callback() function and found that Auth::validate($token) is true and Auth::user() actually returned my Keycloak user properly.

Mnikoei commented 5 years ago

You should use "web" middleware instead of StartSession::class in the KeycloakWebServiceProvider.php registerRoutes() method.

nghia-le commented 5 years ago

> You should use "web" middleware instead of StartSession::class in KeycloakWebServiceProvider.php registerRoutes() method .

Excellent. This solves the issue. And this is not written in the readme file. Thank you very much.
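
A sketch of the change Mnikoei describes, added here as an illustration and not taken from the package's source. The provider class, controller, URL paths and the callback route name are hypothetical; only the `keycloak.login` route name, `StartSession::class` and the `web` group come from the thread, and the mechanism in the comments is an assumption based on Laravel's default `web` group.

```php
<?php
// Added example, not the package's code. ExampleKeycloakRoutesProvider,
// ExampleAuthController and the URL paths are hypothetical names.

namespace App\Providers;

use Illuminate\Support\Facades\Route;
use Illuminate\Support\ServiceProvider;

class ExampleKeycloakRoutesProvider extends ServiceProvider
{
    public function boot()
    {
        // Before (the setup the thread says to replace): the auth routes run
        // StartSession on its own.
        //
        //   $middleware = [\Illuminate\Session\Middleware\StartSession::class];
        //
        // Assumed mechanism: Laravel's default "web" group runs EncryptCookies
        // ahead of StartSession. A session cookie written by a route that
        // skips EncryptCookies is plain text; the "web" routes fail to decrypt
        // it, discard it and start a new, unauthenticated session. The guard
        // then redirects to login again, and Keycloak, which still has its
        // own session, redirects straight back.

        // After: the auth routes use the same "web" group as the rest of the
        // application, so login, callback and protected routes read and
        // write one session cookie in one format.
        $middleware = 'web';

        Route::middleware($middleware)->group(function () {
            Route::get('/login', 'App\Http\Controllers\ExampleAuthController@login')
                ->name('keycloak.login');

            // Route name assumed for this example.
            Route::get('/callback', 'App\Http\Controllers\ExampleAuthController@callback')
                ->name('keycloak.callback');
        });
    }
}
```

To confirm the two sets of routes share a session, compare the middleware column of `php artisan route:list` for the auth routes and the protected routes.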