This is my first time working with Keycloak. I have prepared a Keycloak instance on my local machine in which I can create realms, clients etc.
I found React + Keycloak examples of use, but none of them used the PKCE flow.
I don't know how to configure Keycloak and React. I only know that the client application must be able to generate a code verifier and a code challenge.
I am looking for a simple example of implementing authorization using React and Keycloak which should follow the OAuth 2.0 Authorization Code Grant with PKCE Flow, or tips on what to do on the React side and what on the Keycloak side to implement OAuth 2.0.
What I want to do:
- Setting up a Keycloak instance (ready)
- Registration of a public client in Keycloak (ready)
- Implementation of a simple login scenario in web (the scenario follows the OAuth 2.0 Authorization Code Grant with PKCE Flow)
1 Answer
(Old Keycloak UI)
Go to your Realm, and then to client and select your client:
- Set Access Type to public
- Enable Standard Flow Enabled
- Add the appropriate Valid redirect URIs and Web origins
- Go to Advanced Settings and, in the field Proof Key for Code Exchange Code Challenge Method, select S256, and then click on Save.

(New Keycloak UI)
Select your Realm, and then go to client and click on your client:
- Set Client authentication to OFF
- In Authentication Flow select Standard flow
- Add the appropriate Valid redirect URIs and Web origins
- Click on the Save button
- Go to the Advanced tab
- Go to the section Advanced Settings and, in the field Proof Key for Code Exchange Code Challenge Method, select S256, and then click on Save.
On the adaptor of your React application add "enable-pkce": true.
From the keycloak documentation:
The KeycloakInstalled adapter supports the PKCE [RFC 7636] mechanism to provide additional protection during code to token exchanges in the OIDC protocol. PKCE can be enabled with the "enable-pkce": true setting in the adapter configuration. Enabling PKCE is highly recommended, to avoid code injection and code replay attacks.
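What the client side has to produce for a Keycloak client configured with S256, as an added example that is not part of the original answer or of any Keycloak adapter: the code verifier, the code challenge, the authorization URL and the token request body. The base URL, realm, client ID and redirect URI are passed in by the caller and are assumptions; on older Keycloak distributions the base URL also carries an `/auth` path prefix.

```javascript
// Added example: PKCE (RFC 7636) with S256 for a public client, using Web Crypto.
// Browsers expose globalThis.crypto; the fallback covers older Node.js (CommonJS).
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;

// base64url without padding, as RFC 7636 requires
function base64url(bytes) {
  let bin = '';
  for (const b of bytes) bin += String.fromCharCode(b);
  return btoa(bin).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// 32 random bytes give a 43-character verifier (allowed length is 43 to 128)
function createCodeVerifier() {
  return base64url(wc.getRandomValues(new Uint8Array(32)));
}

// code_challenge = BASE64URL(SHA-256(ASCII(code_verifier)))
async function createCodeChallenge(verifier) {
  const digest = await wc.subtle.digest('SHA-256', new TextEncoder().encode(verifier));
  return base64url(new Uint8Array(digest));
}

// Step 1: redirect the browser to `url`; keep codeVerifier and state
// (for example in sessionStorage) until the redirect back.
async function buildAuthorizationRequest({ baseUrl, realm, clientId, redirectUri }) {
  const codeVerifier = createCodeVerifier();
  const state = createCodeVerifier(); // random value compared on return (CSRF check)
  const url = new URL(`${baseUrl}/realms/${realm}/protocol/openid-connect/auth`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: 'openid',
    state,
    code_challenge: await createCodeChallenge(codeVerifier),
    code_challenge_method: 'S256',
  }).toString();
  return { url: url.toString(), codeVerifier, state };
}

// Step 2: after checking the returned state, POST this form body to
// .../protocol/openid-connect/token. No client secret: the client is public.
function buildTokenRequestBody({ code, codeVerifier, clientId, redirectUri }) {
  return new URLSearchParams({
    grant_type: 'authorization_code', code,
    client_id: clientId, redirect_uri: redirectUri, code_verifier: codeVerifier,
  }).toString();
}
```

The verifier never leaves the browser until the token request, so an authorization code intercepted on the redirect cannot be exchanged without it.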
Source: javascript - How implement React SPA authentication with Keycloak and PKCE flow? - Stack Overflow