Errors following Keycloak Update


We have an app which uses node red (node js app using module "node-red": "1.3.5") and integrates with a keycloak server running on one of our own AKS clusters. We've been running version 17.0.0 of keycloak and recently we've tried to update keycloak to 20.0.2. We've followed the Keycloak upgrade guide here: Upgrading Guide. From the Keycloak server standpoint the upgrade seems to have been a success (we are running the target version and all the data seems to be in place). However, as soon as we've upgraded keycloak we've started getting errors like:

2023-02-09 14:20:10,990 WARN  [] (executor-thread-36) type=REFRESH_TOKEN_ERROR, realmId=XXXXXX-XXXX...., clientId=XXXXX, userId=XXXXXX-XXXX-...., ipAddress=X.X.X.X, error=invalid_token, grant_type=refresh_token, refresh_token_type=Refresh, refresh_token_id=XXXXXXX-XXXX-..., client_auth_method=client-secret

2023-02-09 14:32:27,649 WARN  [] (executor-thread-36) type=CODE_TO_TOKEN_ERROR, realmId=XXXXXX-XXXX-..., clientId=XXXXX, userId=null, ipAddress=X.X.X.X, error=invalid_code, grant_type=authorization_code, code_id=XXXXXX-XXXX-..., client_auth_method=client-secret

2023-02-09 14:41:21,472 WARN  [] (executor-thread-37) type=USER_INFO_REQUEST_ERROR, realmId=XXXXXX-XXXX-..., clientId=XXXX, userId=null, ipAddress=X.X.X.X, error=user_session_not_found, auth_method=validate_access_token

One of the last items in the Keycloak Upgrade guide speaks about upgrading keycloak adapters. From what I understood these are essentially how your app integrates with Keycloak. Since we do this through node-red is it possible that since we've updated our keycloak server we would also have to update our node-red module and this errors are caused by the fact that we didn't do this?

Also, apologies if I am not posting this where I should.

Hi @razvang, welcome to the forums.

Sorry, not entirely sure where Node RED fits into this?

Are you using a custom module to do Authentication in Node RED?
and are you saying you're using Node RED in an embedded manner in your own Node App?

if so, you may need to raise an issue with the author, or, as you said, update it.

Could you give us a bit more on the schematics?
what custom module are you using?

I am using a modified version of NodeRed with oidc authentication enabled to authenticate users. The module I am using for authentication in NodeRed is specifically aimed at oidc authentication using KeyCloak. This is the package I installed:

After updating KeyCloak, I get the errors mentioned above.

Hi @razvang

Ok, my guess is the module/auth strategy you are using, likely falls foul of the most recent Keycloak server, The best course of action, is to raise an issue with the module developer or check if there is an update available for it?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.