-
|
Hello, when adding
Thanks for looking into this. |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 1 reply
-
|
@kristofvb Hi, this is probably due to the fact that the tokens created in the test do not have an So if you update the test code to use one of those methods, it should work |
Beta Was this translation helpful? Give feedback.
-
|
HtmlUnit WebClient tests should continue working, it is just that you update the guide dealing with verifying bearer access tokens, code flow access tokens get this scope assigned to them automatically |
Beta Was this translation helpful? Give feedback.
-
|
Indeed. Using the following, works Anyway, in our code we didn't have to set it the property explicitly as it is set implicitly when role source is set to userinfo. So removing the setting solved it as well. |
Beta Was this translation helpful? Give feedback.
-
OK
Most likely tokens that are obtained without using the authorization code flow, and hence, without a user's concern, are not authorized to access a user profile by Keycloak... |
Beta Was this translation helpful? Give feedback.
Indeed.
Using the following, works
protected String getAccessToken(String userName) { return keycloakClient.getAccessToken(userName, userName, "backend-service", "secret", List.of("openid")); }This gives a null access token (which I also find strange)
protected String getAccessToken(String userName) { return keycloakClient.getAccessToken(userName, userName, "backend-service", "secret", List.of("profile", "openid")); }Anyway, in our code we didn't have to set it the property explicitly as it is set implicitly when role source is set to userinfo. So removing the setting solved it as well.