search

mauriciovigolo / keycloak-angular

Easy Keycloak setup for Angular applications.
MIT License
730 stars 280 forks source link

Issue with spring-cloud-gateway #500

Open cnestor1 opened 1 year ago

cnestor1 commented 1 year ago

Bug Report or Feature Request (mark with an x)

- [ ] bug report -> please search for issues before submitting
- [ ] feature request

Versions.

keycloak-angular: 13.0.0 angular: 15.2.7 keycloak: 12.0.4 spring-cloud-gateway: 3.1.6

Repro steps.

I have the following configuration in my Angular app:

keycloak.init({
              config: {
                // url: 'http://localhost:8080/auth',
                url: window.location.origin + '/auth',
                realm: 'angular-app-realm',
                clientId: 'angular-js-app-client',
              },
              initOptions: {
                onLoad: 'login-required',
              },
              loadUserProfileAtStartUp: true,
              bearerExcludedUrls: ['']
            }))

Keycloak is running on port 8080. If I use url: 'http://localhost:8080/auth',

The login process is fine. If I go through the spring-cloud-gateway url: window.location.origin + '/auth to reach Keycloak, I have the following error:

The log given by the failure.

Refused to display 'http://localhost:4200/' in a frame because it set 'X-Frame-Options' to 'deny'.

The issue is:

https://127.0.0.1:8085/auth/realms/IzoaKeycloak/protocol/openid-connect/3p-cookies/step1.html When this call goes through the gateway, it addsX-Frame-Options as DENY and I have a blank page as a result.

The same call through the Keycloak server directly doesn't contain the X-Frmae-Options header. http://127.0.0.1:8080/auth/realms/IzoaKeycloak/protocol/openid-connect/3p-cookies/step1.html

What is the recommended url to reach the Keycloak server? I would rather not expose its port directly and reach it through the gateway.