Handle csrf_detected error with omniauth and Keycloak
I am currently trying to use keycloak with a rails app using omniauth but without devise.
So here is my configuration:
Keycloak v22.0.3
omniauth-keycloak v1.5.1
omniauth v2.1.1
I followed everything from the omniauth and the keycloak-strategie documentation but I am currently facing an issue.
When I try to login my user, I received this error:
I tried to implement the rack_csrf from the omniauth documentation but it still does not work.
https://github.com/omniauth/omniauth#rack_csrf
my config/initializers/omniauth.rb file look like:
Rails.application.config.middleware.use OmniAuth::Builder do
options = {
site: 'http://localhost:8080', # L'URL de base de Keycloak
realm: 'SecondRealm', # Le nom de votre realm Keycloak
base_url: ''
}
provider :keycloak_openid, 'localApp', Rails.application.credentials.keycloak.client_secret, client_options: options,
name: 'keycloak'
end
OmniAuth::AuthenticityTokenProtection.default_options(key: "csrf.token", authenticity_param: "_csrf")
but it still does not work
So I tried to change the session management still from the omniauth documentation:
https://github.com/omniauth/omniauth#rails-api
My config/application.rb file look like that:
require_relative "boot"
require "rails/all"
Bundler.require(*Rails.groups)
module PocRailsReactKeycloak
class Application < Rails::Application
config.load_defaults 7.0
config.session_store :cookie_store, key: '_interslice_session'
config.middleware.use ActionDispatch::Cookies # Required for all session management
config.middleware.use ActionDispatch::Session::CookieStore, config.session_options
end
end
But it is still not working...
So if anyone has any clue about what can I do in order to make it work?
I have implemented this in Rails 7 application. I have used below gems for this
gem 'keycloak-api-rails',
gem 'omniauth',
gem 'omniauth-keycloak',
gem 'omniauth-rails_csrf_protection'
I think you need to add omniauth-rails_csrf_protection gem. Additionally while generating the login URL I have created state using SecureRandom.hex and stored it to session['omniauth.state'] = state and passed same state to login URL of Keycloak as well.
- How can I make Tailwind work on my component
- Generating an I18n attribute in a json jbuilder flow
- Two Ways to Include Associated Models in a Serializer
- How to automatically derive foreign key column names with polymorphic associations?
- Got the right node with Nokogiri, but need to search further
- How to set view context in Rails?
- Rails trying to connect to postgresql on port 5432, but it's configured for 5433
- Scraping all of the URLS of a page
- RESTful API Suggestions
- Rails: Undefined method `flash' for ActionDispatch::Request
- Rails: Converting URL strings to params?
- RapidAPI: undefined method `get_company' for "FB":String
- Check if record does NOT exist in Rails (from array of ids)?
- Grover.to_pdf: ReadableStream is not defined
- Webpacker can't find application.js in /app/public/packs/manifest.json and I can't precompile assets after deleting node_modules folder
- How are IDs for fixtures generated?
- Form does not get Submitted via Mechanize
- How do I ensure a Rails form submits only once after validating all fields?
- Path helpers generate paths with dots instead of slashes
- download github zip file and display contents in web app
- Rails money round cents up
- Rails form_with-helper: What is a :scope?
- Rails 7 asset pipeline SassC::SyntaxError with Tailwind
- Rails 7 error during application start - Zeitwerk-related errors
- Define and use a function within the same HAML file
- Invalid rendering array with locals and as by PropsTemplate gem
- Disqus Ajax is not taking different thread for diffrent posts in ruby on rails
- skip validation in parent class
- Rails: Form that sets up default values for an object?
- Rails strange parameter added on POST request