KeycloakOidcClient not connecting due to missing OidcOpMetadataResolver.load #689

Open
JulienSt opened this issue Aug 2, 2024 · 1 comment

Comments

@JulienSt
Contributor

JulienSt commented Aug 2, 2024

Hey me again,

After getting the Scala demo for Play working with the current master and Scala 3 and Play 3, I tried to connect to a local Keycloak with the KeycloakOidcClient. That does not seem to work. Connecting to the same Keycloak instance with the normal OidcClient works, though.

Here are the providing methods:

```scala
  @Provides
  def provideOidcClient: OidcClient = {
    val oidcConfiguration = new OidcConfiguration()
    oidcConfiguration.setClientId("id")
    oidcConfiguration.setSecret("secret")
    oidcConfiguration.setDiscoveryURI("working_url")
    oidcConfiguration.setPreferredJwsAlgorithm(JWSAlgorithm.RS256)
    oidcConfiguration.setPkceMethod(CodeChallengeMethod.S256)
    oidcConfiguration.setClientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
    val oidcClient = new OidcClient(oidcConfiguration)
    oidcClient.addAuthorizationGenerator(new RoleAdminAuthGenerator)
    oidcClient.addAuthorizationGenerator(new KeycloakRolesAuthorizationGenerator(oidcConfiguration.getClientId));
    oidcClient
  }

  @Provides
  def provideKeycloakClient: KeycloakOidcClient = {
    val config = new KeycloakOidcConfiguration("http://localhost:8088", "realm")
    config.setClientId("id")
    config.setSecret("secret")
    config.setDiscoveryURI("working_url")
    config.setPreferredJwsAlgorithm(JWSAlgorithm.RS256)
    config.setPkceMethod(CodeChallengeMethod.S256)
    config.setClientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
    val client = new KeycloakOidcClient(config)
    client.addAuthorizationGenerator(new RoleAdminAuthGenerator)
    client
  }
```

Using the Keycloak version results in the following error:

```
[error] - controllers.CustomErrorHandler - Error occurrred
java.lang.NullPointerException: Cannot invoke "com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata.getAuthorizationEndpointURI()" because the return value of "org.pac4j.oidc.metadata.OidcOpMetadataResolver.load()" is null
	at org.pac4j.oidc.redirect.OidcRedirectionActionBuilder.buildAuthenticationRequestUrl(OidcRedirectionActionBuilder.java:135)
	at org.pac4j.oidc.redirect.OidcRedirectionActionBuilder.getRedirectionAction(OidcRedirectionActionBuilder.java:72)
	at org.pac4j.core.client.IndirectClient.getRedirectionAction(IndirectClient.java:136)
	at org.pac4j.core.engine.DefaultSecurityLogic.redirectToIdentityProvider(DefaultSecurityLogic.java:240)
	at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:160)
	at org.pac4j.play.java.SecureAction.internalCall(SecureAction.java:93)
	at org.pac4j.play.java.SecureAction.call(SecureAction.java:72)
	at org.pac4j.play.scala.SecureAction.invokeBlock(Security.scala:73)
	at org.pac4j.play.scala.SecureAction.invokeBlock(Security.scala:70)
	at play.api.mvc.ActionBuilder$$anon$10.apply(Action.scala:434)
	at play.api.mvc.Action.apply$$anonfun$5(Action.scala:83)
	at play.api.mvc.BodyParser$.runParserThenInvokeAction$$anonfun$1(Action.scala:260)
	at play.api.libs.streams.StrictAccumulator.mapFuture$$anonfun$2$$anonfun$1(Accumulator.scala:167)
	at scala.util.Try$.apply(Try.scala:210)
	at play.api.libs.streams.StrictAccumulator.mapFuture$$anonfun$2(Accumulator.scala:167)
	at scala.Function1.$anonfun$andThen$1(Function1.scala:87)
	at scala.Function1.$anonfun$andThen$1(Function1.scala:87)
	at scala.Function1.$anonfun$andThen$1(Function1.scala:87)
	at play.api.libs.streams.StrictAccumulator.run(Accumulator.scala:198)
	at play.api.libs.streams.FlattenedAccumulator.run$$anonfun$2(Accumulator.scala:215)
	at scala.concurrent.impl.Promise$Transformation.run(Promise.scala:470)
	at org.apache.pekko.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:73)
	at org.apache.pekko.dispatch.BatchingExecutor$BlockableBatch.run$$anonfun$1(BatchingExecutor.scala:110)
	at org.apache.pekko.dispatch.BatchingExecutor$BlockableBatch.run$$anonfun$adapted$1(BatchingExecutor.scala:119)
	at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:94)
	at org.apache.pekko.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:119)
	at org.apache.pekko.dispatch.TaskInvocation.run(AbstractDispatcher.scala:59)
	at org.apache.pekko.dispatch.ForkJoinExecutorConfigurator$PekkoForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:57)
	at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:387)
	at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1312)
	at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1843)
	at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1808)
	at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:188)
```

I am happy that the normal client works, so I am not planning to spend too much time on this issue. I just wanted to let you know that this seems to be a problem.

@leleuj
Member

leleuj commented Aug 4, 2024

Thanks for letting me know.
