[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keycloak-user
Subject:    [keycloak-user] (no subject)
From:       hmidi.slim2 () gmail ! com (hmidi slim)
Date:       2018-03-06 18:46:45
Message-ID: CAMsqVxvvqAW2BQvBvHnNPwAD31jJ3QF-cdto0AX9tnbnkyabVw () mail ! gmail ! com
[Download RAW message or body]

Hi,
I'm trying to protect some resources of my node.js app using RBAC mechanism.

I have creted a realm called MyApp and a user called user, then I create
some realm roles such as: res_r (read resource), res_u (update resource),
res_d (delete_resource), res_c(create resource).

Then I tried to give the user User the realm roles: res_r

After I configure keycloak using keycloak-connect, I added:

const router = require('express').Router();
router.get('resource', keycloak.protect('realm: res_r'), handler)

However I'm not able to read the resource. I decode the authorization with
jwt I got in the token:
"realm_access": {
    "roles": [
      "res_r",
      "uma_authorization",
    ]
  },
  "resource_access": {
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },

How can I fix the probelm?

[prev in list] [next in list] [prev in thread] [next in thread]