witcom-gmbh / keycloak-authz-angular Goto Github PK
View Code? Open in Web Editor NEWSetup Keycloak Authorization for Angular applications
License: GNU General Public License v3.0
Setup Keycloak Authorization for Angular applications
License: GNU General Public License v3.0
Hey everyone!
I would like to know if this package is still actively maintained? If yes, is it possible to use the latest Angular version (14) for the peer dependencies?
Greets
Hi, I tried to follow the documentation and created my own Guard to check the user has permissions to see one specific page, this is what I have in my routing module:
const routes: Routes = [
{
path: '',
component: PurchaseComponent,
canActivate: [KeycloakPermissionGuard],
data: {
permissions: [
{
rsname: 'purchase',
scope: 'action'
}
]
}
}
];
And this is my code in the KeycloakPermissionGuard guard:
if (!this.authenticated) {
this.keycloakService.login();
return;
}
const requiredRoles = route.data.roles;
const requiredPermissions = route.data.permissions;
if (!(requiredPermissions && requiredPermissions.length > 0) && !(requiredRoles && requiredRoles.length > 0)) {
return resolve(true);
}
let granted: boolean = true;
if (requiredRoles) {
let roles = this.keycloakService.getUserRoles();
granted = requiredRoles.every(r => roles.indexOf(r) > -1);
}
if (granted && requiredPermissions) {
for (const requiredPermission of requiredPermissions) {
if (!this.keycloakAuthorization.checkAuthorization(requiredPermission)){
granted = false;
break;
}
}
}
resolve(granted);
While debugging in the browser, I noticed the guard got activated a lot of times, and every time it went it the 'not authenticated' if, and tried to log in into keycloak again and again. When the guard got activated, the keycloakService and keycloakAuthorizationService, where not initialized yet, and the token was not loaded, thus no permissions, at the end, after waiting for long, those services got initialized, and finally evaluated the permissions. So I wonder if I'm doing something wrong, or this is a bug in the library? How could I get rid of that problem? I would like to use permissions to check if user should see one specific page or get forbidden display shown.
zone.js:3243 POST http://localhost:8080/auth/realms/VMS/protocol/openid-connect/token 400 (Bad Request)
The response was client secret not provided in request
So i checked in postman passing authtoken
Checked the response token and i see the list of resources and scopes
can you provide an example ?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.