node.jsexpresspostmankeycloakkeycloak-connect

I get keycloak login page while making an api call

I have an Node.js express app like this

require('dotenv').config();
const bodyParser = require('body-parser');

const express = require('express');
const {NodeAdapter} = require('ef-keycloak-connect');
const mongoose = require('mongoose');
const cors=require("cors");
const session = require('express-session');

const memoryStore = new session.MemoryStore();

const app = express();

const config = {
  "realm": "project-realm",
  "auth-server-url": "http://localhost:8080/",
  "ssl-required": "external",
  "resource": "project-api",
  "verify-token-audience": true,
  "credentials": {
      "secret": "pBjUYsFPRzjomsh3REeKsAhLJx0TEyWI"
  },
  "confidential-port": 0,
  "policy-enforcer": {}
}

// Keycloak config
const keycloak = new NodeAdapter(config);


app.use(cors({
  origin: '*',
}));

app.options('*', cors());

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));

app.use(session({
  secret: 'pBjUYsFPRzjomsh3REeKsAhLJx0TEyWI',
  resave: false,
  saveUninitialized: true,
  store: memoryStore
}));

app.use(keycloak.middleware());


const productsRouter = require('./routes/products');
app.use('/products', keycloak.protect(), productsRouter);

const adminRouter = require('./routes/adminRoute');
app.use('/admin', keycloak.protect('admin'), adminRouter);

When I get a token and try to make an API call with postman using the token as token bearer in authorization in the response I get keycloak login page enter image description here

What might be the cause of the problem here?

Solution

  • My keycloak config wrong. I forgot to make a client scope with Audience mapper, give it accurate settings and add it to client.