From keycloak-user  Tue Mar 06 18:46:45 2018
From: hmidi.slim2 () gmail ! com (hmidi slim)
Date: Tue, 06 Mar 2018 18:46:45 +0000
To: keycloak-user
Subject: [keycloak-user] (no subject)
Message-Id: <CAMsqVxvvqAW2BQvBvHnNPwAD31jJ3QF-cdto0AX9tnbnkyabVw () mail ! gmail ! com>
X-MARC-Message: https://marc.info/?l=keycloak-user&m=154803630030547

Hi,
I'm trying to protect some resources of my node.js app using RBAC mechanism.

I have creted a realm called MyApp and a user called user, then I create
some realm roles such as: res_r (read resource), res_u (update resource),
res_d (delete_resource), res_c(create resource).

Then I tried to give the user User the realm roles: res_r

After I configure keycloak using keycloak-connect, I added:

const router = require('express').Router();
router.get('resource', keycloak.protect('realm: res_r'), handler)

However I'm not able to read the resource. I decode the authorization with
jwt I got in the token:
"realm_access": {
    "roles": [
      "res_r",
      "uma_authorization",
    ]
  },
  "resource_access": {
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },

How can I fix the probelm?