[BUG] Dashy is unable to finishing signing with Keycloak
Opened this issue · 3 comments
Environment
Self-Hosted (Docker)
System
Arch based Chromium version 129.0.6668.101
Version
3.1.1
Describe the problem
When attempting to authenticate via Keycloak I get passed the sign in screen and then a 401 error is thrown blocking me from Keycloak
Additional info
Dashy Auth Config
auth:
enableKeycloak: true
keycloak:
serverUrl: 'https://account.flench.me'
realm: 'Nebulee'
clientId: 'keycloak-d'
Console Logs
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-redemption'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-issuance'.
Error with Permissions-Policy header: Unrecognized feature: 'browsing-topics'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-redemption'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-issuance'.
Error with Permissions-Policy header: Unrecognized feature: 'browsing-topics'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-redemption'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-issuance'.
Error with Permissions-Policy header: Unrecognized feature: 'browsing-topics'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-redemption'.
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'private-state-token-issuance'.
Error with Permissions-Policy header: Unrecognized feature: 'browsing-topics'.
KeycloakAuth.js:28
POST https://account.flench.me/realms/Nebulee/protocol/openid-connect/token 401 (Unauthorized)
C @ keycloak.mjs:776
(anonymous) @ keycloak.mjs:255
Promise.then
h @ keycloak.mjs:254
Promise.then
(anonymous) @ keycloak.mjs:319
Promise.then
(anonymous) @ keycloak.mjs:316
(anonymous) @ KeycloakAuth.js:28
value @ KeycloakAuth.js:27
f @ KeycloakAuth.js:87
(anonymous) @ main.js:73
Promise.then
56d7 @ main.js:65
l @ bootstrap:89
0 @ dashy.432463d9.js:1
l @ bootstrap:89
a @ bootstrap:45
(anonymous) @ bootstrap:267
(anonymous) @ dashy.432463d9.js:1
Show 5 more frames
Show less
CoolConsole.js:11
⚠️ Warning ⚠️ Failed to authenticate with Keycloak This is likely not an issue with Dashy, but rather your configuration.If you think it is a bug, please open a ticket on GitHub: https://git.io/JukXk
Please tick the boxes
- You have explained the issue clearly, and included all relevant info
- You are using a supported version of Dashy
- You've checked that this issue hasn't already been raised
- You've checked the docs and troubleshooting guide
- You agree to the code of conduct
Not sure if this is 100% related but I also have issues getting Keycloak to work. Keycloak works fine with other services but it just won't work with Dashy. However in my case there is just one (browser) console entry with "Failed to authenticate with Keycloak", the POST to the token endpoint returns 200 and Keycloak lists an active session.
I can also see IDENTITY/SESSION cookies for the auth domain Keycloak runs behind but no cookies for the domain pointing to Dashy, is this intended?
Seems like keycloak has been broken since some longer time.
Honestly I wouln't think this will get fixed in any near future, looking at the state of this project behind the curtains and the owner of this repo.
One solution is to use OIDC auth which (for now) still works, please see take a look at my answers to this issue.