search

robsontenorio / laravel-keycloak-guard

🔑 Simple Keycloak Guard for Laravel
MIT License
434 stars 141 forks source link

[Keycloak error] Wrong number of segements #43

Closed mehrdad-shokri closed 3 years ago

mehrdad-shokri commented 3 years ago

I've successfully obtained an access token as follow: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJSNnpnSXF6dHp4aVlVY25aR2JmOHBfLU5jams1VmhqNGprUzNndXdCb0pJIn0.eyJleHAiOjE2MjAyNTEyMTUsImlhdCI6MTYxNzY1OTIxNSwiYXV0aF90aW1lIjoxNjE3NjU3NDcwLCJqdGkiOiJiMDVjY2NjMi03N2RjLTQ3NmEtOGY2NS1jZDA1ZTc3OWFkOTUiLCJpc3MiOiJodHRwOi8vZGV2LnNoYW5iZS5pbzo4MDgwL2F1dGgvcmVhbG1zL3NoYW5iZSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiJkNTVkNzZhYS0wODY3LTQwZGUtYTVmNS00NTU4MWMyODhkNTIiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJzaGFuYmUtYXBwIiwic2Vzc2lvbl9zdGF0ZSI6ImVlOWU4YzM3LWRlYmEtNDU5YS05OThiLWNhOWQ1OGRlMTZkZSIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgb2ZmbGluZV9hY2Nlc3MgZW1haWwiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6Ik1laHJkYWQgU2hva3JpIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiY29kZS5wb2V0OTVAZ21haWwuY29tIiwiZ2l2ZW5fbmFtZSI6Ik1laHJkYWQiLCJmYW1pbHlfbmFtZSI6IlNob2tyaSIsImVtYWlsIjoiY29kZS5wb2V0OTVAZ21 apparently firebase/jwt checks for . to segment token and this token has 1 . so 2 segments is generated(it should be 3)
Does keycloak has a special config to generate 3 segments? as far as I know this is an open id connect access token And I don't have any idea why it doesn't have 2 dots in it.

robsontenorio commented 3 years ago

What would be your use case? Because that is a valid Bearer token and can be used to request your API.

mehrdad-shokri commented 3 years ago

@robsontenorio I'm getting my token from a mobile app and sending request to my API with access token as Bearer token in Authorization token. But I get error. I've checked my Keycloak public key to be correct too.

robsontenorio commented 3 years ago

The mobile app it self get a token from a Keycloak Server?

That errors happens when the token you are providing to Laravel Keycloak guard is not in proper format.

mehrdad-shokri commented 3 years ago

@robsontenorio yes it does. Actually, when I send this request to my laravel app from mobile app itself everything works as expected but if I copy the access token and send it myself with Postman, it doesn't work! I don't know the reason but since there isn't any problem with this lib I'm going to close this.