Errors following Keycloak Update

razvang · 14 February 2023 08:01

Hello,

We have an app which uses node red (node js app using module "node-red": "1.3.5") and integrates with a keycloak server running on one of our own AKS clusters. We've been running version 17.0.0 of keycloak and recently we've tried to update keycloak to 20.0.2. We've followed the Keycloak upgrade guide here: Upgrading Guide. From the Keycloak server standpoint the upgrade seems to have been a success (we are running the target version and all the data seems to be in place). However, as soon as we've upgraded keycloak we've started getting errors like:

2023-02-09 14:20:10,990 WARN  [org.keycloak.events] (executor-thread-36) type=REFRESH_TOKEN_ERROR, realmId=XXXXXX-XXXX...., clientId=XXXXX, userId=XXXXXX-XXXX-...., ipAddress=X.X.X.X, error=invalid_token, grant_type=refresh_token, refresh_token_type=Refresh, refresh_token_id=XXXXXXX-XXXX-..., client_auth_method=client-secret

2023-02-09 14:32:27,649 WARN  [org.keycloak.events] (executor-thread-36) type=CODE_TO_TOKEN_ERROR, realmId=XXXXXX-XXXX-..., clientId=XXXXX, userId=null, ipAddress=X.X.X.X, error=invalid_code, grant_type=authorization_code, code_id=XXXXXX-XXXX-..., client_auth_method=client-secret

2023-02-09 14:41:21,472 WARN  [org.keycloak.events] (executor-thread-37) type=USER_INFO_REQUEST_ERROR, realmId=XXXXXX-XXXX-..., clientId=XXXX, userId=null, ipAddress=X.X.X.X, error=user_session_not_found, auth_method=validate_access_token

One of the last items in the Keycloak Upgrade guide speaks about upgrading keycloak adapters. From what I understood these are essentially how your app integrates with Keycloak. Since we do this through node-red is it possible that since we've updated our keycloak server we would also have to update our node-red module and this errors are caused by the fact that we didn't do this?

Also, apologies if I am not posting this where I should.

marcus-j-davies · 14 February 2023 08:55

Hi @razvang, welcome to the forums.

Sorry, not entirely sure where Node RED fits into this?

Are you using a custom module to do Authentication in Node RED?
and are you saying you're using Node RED in an embedded manner in your own Node App?

if so, you may need to raise an issue with the author, or, as you said, update it.

Could you give us a bit more on the schematics?
what custom module are you using?

razvang · 14 February 2023 16:57

I am using a modified version of NodeRed with oidc authentication enabled to authenticate users. The module I am using for authentication in NodeRed is specifically aimed at oidc authentication using KeyCloak. This is the package I installed: https://www.npmjs.com/package/@exlinc/keycloak-passport

After updating KeyCloak, I get the errors mentioned above.

marcus-j-davies · 14 February 2023 17:17

Hi @razvang

Ok, my guess is the module/auth strategy you are using, likely falls foul of the most recent Keycloak server, The best course of action, is to raise an issue with the module developer or check if there is an update available for it?

system · 15 April 2023 17:18

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
OAuth/OpenID login with Keycloak General security	4	2925	8 December 2021
Error while implementing login with keycloak General security	5	639	4 August 2022
Node-RED integration with Keycloak gives Error self signed certificate General security	3	332	30 January 2023
OAuth/OpenID logout with Keycloak General security	9	1186	6 April 2022
adminAuth config for OpenID based Authentication on Keycloak General	3	1497	17 April 2021

Errors following Keycloak Update

Related Topics