[V3] Keycloak Auth Provider returns 404

Questions and Answers
1
System Information
  • Strapi Version:
  • Operating System:
  • Database:
  • Node Version:
  • NPM Version:
  • Yarn Version:

Keycloak 404 issue with Strapi V3

MIrror of External Provider in Kubernetes returns 404 (Keycloak) · Issue #11309 · strapi/strapi · GitHub

I’m limited because of new user regulation, so in the github link you can find more screenshots, like the keycloak screenshot.

Describe the Issue

I’m struggling with this problem since 1 month. I hope you can help me with this issue.

I’ve added Keycloak as an external provider, like in the examples and the merge request related to keycloak.

I’ve also checked the flow with
Understanding the login flow

So i have 3 different pods in my local kubernetes cluster:

  • Keycloak Server (auth.example.c0m)
  • Strapi Server (cms.example.c0m)
  • Frontend Server (example.c0m) → example login react app

its not in the cloud, i just changed hosts file.

Steps to reproduce the behavior

  1. Add “keycloak” to example react app
  2. Click on keycloak-login-button in react app
  3. Request to cms.example.c0m/connect/keycloak
  4. Login to keycloak
  5. See error

Redirect URL: http$://cms.example.c0m/auth/keycloak/callback
Response: http$://cms.example.c0m/connect/keycloak/callback?code=abcdsffasdfassdf
→ 404 Not Found

When i refresh 3 times, i get CONNECTION_REFUSED and no_access_token error.

Its stuck in Step 4.

  1. Once done, Github redirects the tab to the backend URL:http$://strapi.website.com/connect/github/callback?code=abcdef.

Expected behavior

Same as “Understanding the login flow”

Screenshots

918×645 22 KB

Code snippets

bootstrap.js

    keycloak: {
      enabled: true,
      icon: 'key',
      key: '',
      secret: '',
      oauth: 2,
      authorize_url: `https://auth.example.com/auth/realms/Example/protocol/openid-connect/auth`,
      access_url:    `https://auth.example.com/auth/realms/Example/protocol/openid-connect/token`,
      callback: `${strapi.config.server.url}/auth/keycloak/callback`,
      scope: ['openid']
    },

providers.js

    case 'keycloak': {
      const keycloak = new Purest({
        provider: 'keycloak',
        config: {
          'keycloak': {
            'http://auth.example.com/auth/realms/Example/': {
              '__domain': {
                'auth': {
                  'auth': {
                    'bearer': '[0]'
                  }
                }
              },
              '{endpoint}': {
                '__path': {
                  'alias': '__default'
                }
              }
            }
          }
        }
      });

server.js

module.exports = ({ env }) => ({
  host: env('HOST', '0.0.0.0'),
  port: env.int('PORT', 1337),
  url: env('', 'https://cms.example.com'),
  admin: {
    auth: {
      secret: env('ADMIN_JWT_SECRET', 'xx'),
    },
  },
});

System

  • Kubernetes
  • Strapi version: strapi/strapi:latest
  • Database: mysql 5.6.51
  • Operating system: Windows 11

Additional context

Side notes:

  • Cms is definitely working, i can access the admin panel when accessing “cms.example.c0m”. I’ve also inserted my ClientSecret and ID.

  • The App folder is mapped to local volume, so i can change the application source code.

  • Keycloak login flow works fine with Postman OpenID (without strapi in the middle).

  • I want to manage all users in keycloak instead of strapi.