Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-32352

Add support of Keycloak 24.0.x

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2023.0
    • Fix Version/s: 2023.10
    • Component/s: Authentication
    • Release Notes Summary:
      Nuxeo now supports Keycloak 24.0.x
    • Tags:
    • Backlog priority:
      800
    • Upgrade notes:
      Hide

      The following dependency (Keycloak BOM) has been removed:

      <dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-tomcat-adapter-dist</artifactId>
</dependency>

      in favor of:

      <dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-tomcat-adapter</artifactId>
</dependency>
<dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-common</artifactId>
</dependency>
<dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-crypto-default</artifactId>
</dependency>
<dependency>
  <groupId>org.keycloak</groupId>
  <artifactId>keycloak-policy-enforcer</artifactId>
</dependency>

      The version of these artifacts has been upgraded from 19.0.3 to 24.0.2.

      Show
      The following dependency (Keycloak BOM) has been removed: <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-tomcat-adapter-dist</artifactId> </dependency> in favor of: <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-tomcat-adapter</artifactId> </dependency> <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-common</artifactId> </dependency> <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-crypto-default</artifactId> </dependency> <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-policy-enforcer</artifactId> </dependency> The version of these artifacts has been upgraded from 19.0.3 to 24.0.2.
    • Sprint:
      nxplatform #109
    • Story Points:
      5

      Description

      Steps to reproduce

      1. start keycloak as follows: 
         docker run --name test-keycloak23.0.4 -d -p 8086:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:23.0.4 start-dev
      2. import the attached realmĀ nuxeo-realm.json
      3. Start nuxeo 2023.7.9 with the respective nuxeo-keycloak, use the following configuration: 
        nuxeo.keycloak.realm=nuxeorealm
nuxeo.keycloak.resource=nuxeo
nuxeo.keycloak.sslRequired=none
nuxeo.keycloak.publicClient=false
nuxeo.keycloak.confidentialPort=0
nuxeo.keycloak.authServerUrl=http://localhost:8086
nuxeo.keycloak.credentials.secret=eGEPEQNIH5AYUn5DflXoPMaNj4v1lotl
      4. login as test/test
      5. Nuxeo reports error: 
         [org.keycloak.adapters.OAuthRequestAuthenticator]    {"error":"invalid_grant","error_description":"Incorrect redirect_uri"}

      Expected behavior: everything runs smoothly after logging in

        Attachments

        1. login1.jpg
          login1.jpg
          280 kB
        2. login2.jpg
          login2.jpg
          298 kB
        3. login3.jpg
          login3.jpg
          259 kB
        4. nuxeo-realm.json
          70 kB

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: