I'm using Keycloak (v. 10) to add authentication to an existing Spring (no Boot library) application. I'm using the Java adapter from the Keycloak documentation, and I added the suggested configuration to my Spring Security config.
This is my keycloak.json file:
{
  "realm": "cnp-server",
  "auth-server-url": "http://localhost:8081/auth/",
  "ssl-required": "external",
  "resource": "cnpserver-client",
  "public-client": true,
  "confidential-port": 0
}
This screenshot shows the configuration of the Keycloak client (it is running on Docker):
When I try to access the application, the browser redirects to:
http://localhost:8081/auth/realms/cnp-server/protocol/openid-connect/auth?response_type=code&client_id=cnpserver-client&redirect_uri=http%3A%2F%2Flocalhost%3A8088%2Fcnp_server_web_war%2Fsso%2Flogin&state=73ee7ebe-1949-4e94-9349-f3760f37bb4a&login=true&scope=openid
When I enter the access credentials in the prompt box, something goes wrong; in the Keycloak log:
WARN [org.keycloak.events] (default task-63) type=CODE_TO_TOKEN_ERROR, realmId=cnp-server, clientId=cnpserver-client, userId=null, ipAddress=192.168.32.1, error=invalid_code, grant_type=authorization_code, code_id=7972a766-f9be-4907-85a7-69e6d5d50cbf, client_auth_method=client-secret
In the Spring application log:
ERROR org.keycloak.adapters.OAuthRequestAuthenticator [OAuthRequestAuthenticator.java:337] - failed to turn code into token
ERROR org.keycloak.adapters.OAuthRequestAuthenticator [OAuthRequestAuthenticator.java:338] - status from server: 400
ERROR org.keycloak.adapters.OAuthRequestAuthenticator [OAuthRequestAuthenticator.java:340] - {"error":"invalid_grant","error_description":"Code not valid"}
It seems similar to this topic, but I haven't made any custom configuration for the redirect-uri (and I don't know how I can change that). Thanks