TNG/keycloak-mock

Enable basic authentification configuration

jutant-l opened this issue · 6 comments

First, i would like to configure this option :
"enable-basic-auth" : false,

In a second time i want to authorize request with header :
Authorization: basic BASE64(client-id + ':' + client-secret)

So can you add enable-basic-auth configuration and add a user registration ?

I am not quite sure what you would like to be able to do. Do you want to allow basic authentication in requests to your server, as can be configured in the Keycloak client settings via "enable-basic-auth" : true (https://www.keycloak.org/docs/latest/securing_apps/index.html#_java_adapter_config)? Or do you want to do a client registration on the keycloak (mock) server (https://www.keycloak.org/docs/latest/securing_apps/index.html#keycloak-representations)?

@jutant-l we have added support for confidential clients with release v0.9.0. Can you please check if this fits your use case?

@jutant-l we have added support for confidential clients with release v0.9.0. Can you please check if this fits your use case?

does it support acquiring a token for a confidential client doing a

POST realms/{realm}/protocol/openid-connect/token?client_id={client}&grant_type=client_credentials&client_secret={secret}
Headers: "Content-Type: application/x-www-form-urlencoded", "Accept: application/json"

i am trying 0.10.0 and it doesnt seem to work, but im not sure if im doing anything wrong..
it does work with Keycloak / Redhat SSO

Ah, I see. The initial implementation only supports Basic Auth. I'll put form based authentication to the todo list :)

Tech hint: https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1

Ah, I see. The initial implementation only supports Basic Auth. I'll put form based authentication to the todo list :)

Tech hint: https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1

Added a PR :)
#99

Fixed with version v0.11.0.