Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: server side login with redirect? #18

Open
joelkuiper opened this issue Mar 15, 2021 · 2 comments
Open

Question: server side login with redirect? #18

joelkuiper opened this issue Mar 15, 2021 · 2 comments

Comments

@joelkuiper
Copy link

Hey! Great library 😃 , I wasn't aware of keycloak and it seems to be a good fit for my use case so I'm currently evaluating it. I was wondering if there are some pointers on how to get server-side auth with redirects working? Ideally I'd like to have some routes protected with the cookie/session set by Keycloak, and redirect to the login page if those are missing, without having to load the entire client-side library just for that redirect; however I wasn't sure if the library exposes this (couldn't find a "redirect-to-login" or something like it in the docs), or if it's even worth the trouble? Right now I'm using buddy-auth with http-kit, but not entirely set on that if yada would make these things easier

@jgrodziski
Copy link
Owner

Hi Joël,

Thanks. Sure you wouldn't want to load the js adapter just for redirect and the server side can handle that concern perfectly.
The general idea is to check the HTTP request with the token (either in cookie or header) and if the token is missing then redirecting towards Keycloak for login then get back with a token.
I would check the code of the Keycloak Servlet Adapter to see what are the different steps done with that adapter: KeycloakOIDCFilter.java

Feel free to submit a PR with a ring middleware that would just do that :)

@joelkuiper
Copy link
Author

Hey Jérémie, thank you for the pointers! I ended up hacking together a standard auth flow for use within ring that does redirects, however the code is really not production ready. But I've put what I have now in gist just for future reference! I may end up sending a pull request eventually if it seems like the code works as needed without obvious security mistakes 😉

https://gist.github.com/joelkuiper/8ebaf2a4ffebac071b3b7614ceae0249

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants