Closed Helena-Rajan closed 5 years ago
I've had good luck using keycloak-hapi
. For testing I will not register the auth plugin if I want to bypass it.
This is a good question, though: what is it about keycloak that makes it hard to bypass when using inject()
? I believe that providing credentials
to inject()
should automatically bypass auth.
I've had good luck using
keycloak-hapi
. For testing I will not register the auth plugin if I want to bypass it.
My routes have auth strategies specified like below:
method: 'GET', path: '/blahblah' config: { auth: { strategies: ['keycloak-jwt'], access: { scope: ['client-1:role-1'] }, handler: (req, h) => { return 'Blah Blah' } }
If I don't register the auth plugin, I'm unable to configure auth strategies for my routes. Getting the below errorr: "assertionError [ERR_ASSERTION]: Unknown authentication strategy keycloak-jwt in "
I'm using hapi 17.2.0 server. I'm using keycloak-jwt as the authentication strategy. Authentication is enabled for all the routes. I'm trying to unit test my hapi js routes using lab. I want to bypass authentication in unit test. So, I'm creating the test server using server.inject() by passing credentials in the options. const res = await server.inject({ method: 'GET', url: '/api/testApi', credentials: { email: 'xxx', name: 'xxx' } }); But, when I execute the test, my end points are failing with 403. Please let me know if I'm doing something wrong and also how to bypass keycloak-jwt based authentication..
Thanks.