using JWTAuthInterceptor in Nuxeo Java Client

Hello,

I finally succeeded to use Keycloak as a identity provider for my Nuxeo using the openid package. I can now connect using JWT Token generated by Keycloak and get all my user infos even groups ! Now I am trying to use Nuxeo Java Client to do the same thing. Here is my code :

NuxeoClient nuxeoClient = new NuxeoClient .Builder() .url(url) .connectTimeout(connectTimeout) .readTimeout(readTimeout) .interceptor(new JWTAuthInterceptor(token)) .authentication(new JWTAuthInterceptor(token)) .schemas(“*“) .connect();

But I am always getting errors (401 not authorized).

Did I forget something ?

I am using Nuxeo LTS 2021 / Nuxeo Java Client 3.11.0 / Keycloak 19.0.1 / JDK 11.

Regards.

0 votes

1 answers

635 views

ANSWER

Copy URL

Ghazi HAKIM

Hello Kevin Leturc , can you please help me ? Thanks.

08/19/2022

ANSWERS

Hello,

I'm not sure the JWTAuthInterceptor is working with the Keycloak provider. The interceptor works with the JWT secret configured on Nuxeo side, see https://doc.nuxeo.com/client-java/3.11/authentication/#jwt-authentication

Maybe you need to create your own interceptor for this use case, how do you succeed to authenticate with a Keycloak token, do you have a curl command example?

Thanks

1 votes

Copy URL

Ghazi HAKIM

Thank you Kevin Leturc for your response, you are right, openid plugin don't secure api with jwt token, it's just used to authenticate to Nuxeo. So I used the nuxeo-platform-login-keycloak project (with some modifications in code) and now it's working for me using JWTAuthInterceptor in Java Client. Regards.

08/25/2022

Authentication Required

using JWTAuthInterceptor in Nuxeo Java Client

Invite people to answer

What's new in Quandora?