Hi all,
I need help with a Nuxt.js based frontend, which should use OAuth2 authentication code flow for authorization. Basically I don't want to use a SessionHandler and a CookieHandler on the Vert.x server side to prevent having to store state on the server (for scalability reasons in the future).
- Basically I have a button which should execute a GET request on click to
https://localhost:9443/user/authenticate. - On the server side the route will redirect to Keycloak for a login site. Then keycloak will redirect back to a given URL.
- The frontend will now have to extract the generated "code" from Keycloak and make another POST request to
https://localhost:9443/tokento get a JWT token.
Something like this:
axios.post('https://localhost:9443/token', {
"code": this.code,
"redirect_uri": this.redirect_uri //extra meta data needed
}).then(response => {
var access_token = JSON.parse(response.request.response).access_token
this.createNewResource(access_token)
})
Basically it should work like this Gist of a React component
However, I'm totally stuck as I'm super new to the frontend stuff.
It is this issue:
Vue.js Auth Component
#31
We need a component, which extracts the code from the redirected to URL (from the OAuth2 auth code flow) and exchange this code with a token (/token) endpoint on the SirixDB HTTP-Server. This token then needs to be sent in subsequent requests, so we can probably store it in the store!?
I've tried some things in a branch, but I'm currently getting an internal server error (500) from Node.js and I have no clue why.
The Node.js server is running on port 3005 so I had all sorts of issues with CORS and a self signed certificate (for testing purposes)...
Setting up the SirixDB HTTP-Server and Keycloak should be doable via docker-compose. Have a look at the REST-API documentation.
Maybe someone has done a similar login already with Nuxt.js, would be great π
Update:24.10.: Added a CORS-Handler on the Vert.x server. Now I'm running into a docker problem: How do I address a host, which is not in the docker-network (the Nuxt.js application / the Node.js server running on localhost:3005):
GET http://keycloak:8080/auth/realms/sirixdb/protocol/openid-connect/auth?redirect_uri=http%3A%2F%2Fkeycloak%3A3005&response_type=code&client_id=sirix net::ERR_NAME_RESOLUTION_FAILED
commons.app.js:1001 Uncaught (in promise) Error: Network Error
at createError (commons.app.js:1001)
at XMLHttpRequest.handleError (commons.app.js:536)
createError @ commons.app.js:1001
handleError @ commons.app.js:536
Promise.then (async)
login @ index.js:42
click @ index.js:82
invokeWithErrorHandling @ commons.app.js:15696
invoker @ commons.app.js:16021
invokeWithErrorHandling @ commons.app.js:15696
Vue.$emit @ commons.app.js:17719
handleClick @ vendors.app.js:15399
invokeWithErrorHandling @ commons.app.js:15696
invoker @ commons.app.js:16021
original._wrapper @ commons.app.js:20744
kind regards
Johannes
Top comments (11)
I've managed to use the Nuxt.js axios module now. I got rid of the internal server error. However, axiom for instance doesn't seem to use the baseURL specified.
Hi
I am not a vue expert and I have started to use vue very recently (switched from ng 1). But I also gone through the same type of issues and most of the time I had no clue over certain errors.
** Changes to nuxt.config.js wont be detected until you restart the prcoess.
P.S.
I would highly recommend the dotenv module for easier env level configurations
github.com/nuxt-community/dotenv-m...
Okay, Update: I had to add the browserBaseURL:
browserBaseURL: '127.0.0.1:9443'
However, the strange thing is
This somehow produces an OPTIONS HTTP-request instead of a GET HTTP-request.
It seems the whole axios module configuration isn't recognized:
And request is sent to localhost:3005 instead with headers:
Code is simply:
Yes: github.com/sirixdb/sirix-web-front...
Yeah, I'm trying to learn Nuxt.js, Vue.js, TypeScript and D3.js, but I'm eager to learn :-)
Mhh.. couldn't find anything odd (but I am not familiar with TypeScript (ES only)
Here is my working setup (minimal code)
gist.github.com/zspine/efa32262b12...
Oh wow, can you make a PR maybe? :-)
I think Vert.x also has to send an HTTP-Header for CORS, to allow any origin: Access-Control-Allow-Origin: *
And the error is different with Chrome (I've used Firefox until now):
GET 127.0.0.1:9443/user/authorize net::ERR_CERT_AUTHORITY_INVALID
because of a self-signed certificate :(
However, so with your code it's already working!? π That would be beyond awesome :)
I wish I can be more helpful but unfortunately busy with a deadline. :( That was just a copy paste from my current project and it uses server side httponly cookie based authentication.
I think your custom axios plugin doing the right thing with "new https.Agent" configuration. You can apply the same thing to nuxt axios module.
aww, thanks for the hints :)
Hmm, does someone, know why the host could not be resolved when the Vert.x server redirects to Keycloak?
keycloak:8080/auth/realms/sirixdb/...
At least in the docker network it is for instance reachable by the server service (Vert.x based HTTP-Server), but not from the "frontend backend server", that is Node.js.
My docker-compose file:
I've added a section in the README how to set things up with docker-compose...