hey does anyone know how to get this working? ```t...
# orm-help
b
hey does anyone know how to get this working?
Copy code
typeDefs: [KeycloakTypeDefs, "./src/schema.graphql"],
schemaDirectives: KeycloakSchemaDirectives,
KeycloakTypeDefs or KeycloakSchemaDirectives
im not sure which one, comes with an
@auth
type but i dont know how to use it in my schema file
l
Hey I’m using Keycloak and it works fine for me… What exactly doesn’t work for you?
b
Oh I just found it out right now, not sure what the issue was exactly but i think it has to do with that im using a .graphql file for my schema So i just added the directives in that file directly
l
yup, if you want to use the directives they have to be on your schema.. you also have auth() and hasRole() methods to use on your resolvers if you want use them programatically
b
thanks!
bit of another thing, im trouble understanding how to set up the configuration for KC with the package that got me hear(yoga)
l
in which part?
b
hmm if i got it right i need to instantiate the configuration with keycloak-connect first but im not sure how to do that with this library
(i mean i know how to set up the configuration itself, just not the actual instantiating part)
l
this?
Copy code
const keycloak = new Keycloak({ scope: 'openid' });
b
thats all? along with the connection config?
l
Copy code
const server = new GraphQLServer({
	typeDefs: [typeDefs, KeycloakTypeDefs],
	schemaDirectives: KeycloakSchemaDirectives,
	resolvers,
	context: ({ request }) => {
		return {
			kauth: new KeycloakContext({ req: request }),
		};
	},
});
and this for graphql server
the first snippet will load the configuration file if it is present on project root folder
b
oh that was easy, guess i completely missed that in the docs
l
yup, the “tricky” part is get keycloak correctly configured.. took me a day to figure it out
b
got any tips on that?
l
just have one client to your backend app as confidential… then if you want to use RBAC to your permissions I’d suggest you to create groups, assign roles to the group and then add users to desired group.. it’s easier to maintain when the number of roles start growing
b
thats a pretty good tip, also do you know how i actually test it now?
l
create a user directly on keycloak, use postman to get a token and use it on graphql playground
b
gotcha
hmm i got the token but it still says im not authenticated
l
can you post here your keycloak.json?
b
{
    
"realm": "PakZe",
    
"bearer-only": true,
    
"auth-server-url": "<http://localhost:8080/auth/>",
    
"ssl-required": "external",
    
"resource": "PakzeApi",
    
"confidential-port": 0
  
}
l
cannot be bearer-only
and it should have a credentials property
with a secret
b
ah
no, still not working(i got a new token after changing the settings)
l
I also got this problem but not sure I solved it… I know that I extended token expiry time
b
is the expiry time in seconds or milisec?
l
secs
might be useful to go to keycloak-connect on node_modules and check try/catch blocks and print /throw the actual error instead os generated one
I know, awful debug but I had to do it in the beginning
b
i have no idea where to look
l
it’s probably somewhere near grant middleware on grant attacher util
b
this is as deep as i can trace it
exports.auth = (next) => (root, args, context, info) => {
    
if (!context[KeycloakContext_1.CONTEXT_KEY] || !context[KeycloakContext_1.CONTEXT_KEY].isAuthenticated()) {
        `const error = new Error(
User not Authenticated
);`         
error.code = "UNAUTHENTICATED";
        
throw error;
    
}
    
return next(root, args, context, info);
};
l
Copy code
node_modules/keycloak-connect/middleware/grant-attacher.js
Copy code
node_modules/keycloak-connect/keycloak.js line 306
in this file there are some try/catch blocks.. print the error in the catch block
b
you sure you mean try/catch? because i cannot find any in that file
l
Copy code
node_modules/keycloak-connect/
not the one for graphql
which version do you have?
b
yup im in the node module one
l
search for
Keycloak.prototype.getGrant
b
8.0.2
l
uuuhh, I’m @10.0.0
b
well that might make sense then
no mine is 10 too(looked at the wrong package file)
Copy code
/*! ignore */
Keycloak.prototype.getGrant = function (request, response) {
  console.log("test")
  var rawData;

  for (var i = 0; i < this.stores.length; ++i) {
    rawData = this.stores[i].get(request);
    if (rawData) {
      // store = this.stores[i];
      break;
    }
  }

  var grantData = rawData;
  if (typeof (grantData) === 'string') {
    grantData = JSON.parse(grantData);
  }

  if (grantData && !grantData.error) {
    var self = this;
    return this.grantManager.createGrant(JSON.stringify(grantData))
      .then(grant => {
        self.storeGrant(grant, request, response);
        return grant;
      })
      .catch(() => { return Promise.reject(new Error('Could not store grant code error')); });
  }

  return Promise.reject(new Error('Could not obtain grant code error'));
};
l
yup, print the error on catch block
b
nothing is logging, not even a random string at the start of that function
its failing before that
l
try to get up in the chain of middlewares
search for `Keycloak.prototype.middleware`in keycloak.js
b
what am i looking for there?
cant get anything to log from there out either
l
where are you checking the prints? it has to be on the terminal where your app is running, not on the browser
b
i am yeah
l
can you try to print something in
Keycloak.prototype.middleware
b
nothing will print fromt here
l
just to be sure print something in the constructor.. that one has to be printed for sure
also, let’s continue this on PM maybe? 😅