mariovalney / laravel-keycloak-web-guard

Simple Keycloak Guard to Laravel Web Routes - https://packagist.org/packages/vizir/laravel-keycloak-web-guard
146 stars 80 forks

Route [keycloak.callback] not defined. - AuthServiceProvider #45

Closed thomas2312 closed 3 years ago

thomas2312 commented 3 years ago

Hi.

I have the following problem: I am trying to use the Laravel Authorization Gate in the boot method of the AuthServiceProvider.php:

    public function boot()
    {
        $this->registerPolicies();
        if (Gate::denies('keycloak-web', 'auth')) {
            return abort(403);
        }
    }

If I try to access the page, I always get "Route [keycloak.callback] not defined.".

The following routes are defined in the web.php:

Route::get('/login', [\Vizir\KeycloakWebGuard\Controllers\AuthController::class, 'login'])->name('keycloak.login');
Route::get('/callback', [\Vizir\KeycloakWebGuard\Controllers\AuthController::class, 'callback'])->name('keycloak.callback');
Route::post('/logout', [\Vizir\KeycloakWebGuard\Controllers\AuthController::class, 'logout'])->name('keycloak.logout');

Can you tell me why the route is not defined?

mariovalney commented 3 years ago

Hi. Would you please try to run php artisan route:clear?

https://stackoverflow.com/a/37879020

thomas2312 commented 3 years ago

It is not possible to run php artisan route:clear, because I also get this exception:

 Symfony\Component\Routing\Exception\RouteNotFoundException 

  Route [keycloak.callback] not defined.

  at C:\xampp\htdocs\laravel\vendor\laravel\framework\src\Illuminate\Routing\UrlGenerator.php:429

I can run the command, but I have to remove the following code from the AuthServiceProvider.php first:

    if (Gate::denies('keycloak-web', 'auth')) {
        return abort(403);
    }

But that was not the solution to my problem.

mariovalney commented 3 years ago

I was not able to reproduce the problem. I have two routes to check just login and to check Gate in my example environment and everything is OK.

You are not required to use Gate to make sure a URL is private. Indeed you should use gate to check the user has a specific role. In your case, are you trying to check the user has the 'auth' role in Keycloak?

After 5 minutes:

Now I figured you are using Gate in the boot method. Why? I guess it's too early.

thomas2312 commented 3 years ago

Yes, a login should only be possible if the user has the 'auth' role. I want to do this check as soon as possible.

mariovalney commented 3 years ago

Please try to do this in the controller layer.

thomas2312 commented 3 years ago

Thank you. I solved it with a custom Middleware.
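
A sketch of the kind of middleware the thread ends on, added here as an example; it is not code from the thread or from the package. Route middleware runs per request, after every service provider has booted and web.php is loaded, so the named keycloak.* routes exist when the gate is evaluated. The class name EnsureKeycloakRole and its path are hypothetical, and the example assumes the package's guard is the application's default guard, so that `$request->user()` and the gate resolve the same user.

```php
<?php
// app/Http/Middleware/EnsureKeycloakRole.php (hypothetical name and path)

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Gate;
use InvalidArgumentException;

class EnsureKeycloakRole
{
    /**
     * Require every role listed after the colon in the middleware
     * definition, e.g. EnsureKeycloakRole::class . ':auth'.
     */
    public function handle(Request $request, Closure $next, string ...$roles)
    {
        // Fail closed: a route that forgets to name a role must not pass.
        if ($roles === []) {
            throw new InvalidArgumentException('EnsureKeycloakRole needs at least one role.');
        }

        // No authenticated user yet: start the login flow rather than
        // answering 403. (Assumes the Keycloak guard is the default guard.)
        if ($request->user() === null) {
            if ($request->expectsJson()) {
                abort(401);
            }
            return redirect()->route('keycloak.login');
        }

        // Same gate call as in the thread, now made for a resolved user.
        foreach ($roles as $role) {
            if (Gate::denies('keycloak-web', $role)) {
                abort(403);
            }
        }

        return $next($request);
    }
}

// routes/web.php: keep the /login, /callback and /logout routes outside
// this group, otherwise the callback is rejected before login can finish.
// Route::middleware(\App\Http\Middleware\EnsureKeycloakRole::class . ':auth')
//     ->group(function () { /* protected routes */ });
```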