Hi,
Editing this topic as I need help in working this out, this post describes the problem I'm having, is there more documentation on adminAuth anywhere or am I just missing something?
Any help here is much appreciated
Thanks
-------------------------------------------------Old Posts-------------------------------------------------
Hi,
I'm looking at using keycloak for authenticating my logon to my node-red.
Question: has anybody done this and is willing to share?
I get a error on the call back https://example.com/auth/strategy/callback:
Error: Unknown authentication strategy "keycloak"
at attempt (/usr/lib/node_modules/node-red/node_modules/passport/lib/middleware/authenticate.js:186:37)
at authenticate (/usr/lib/node_modules/node-red/node_modules/passport/lib/middleware/authenticate.js:362:7)
at Layer.handle [as handle_request] (/usr/lib/node_modules/node-red/node_modules/express/lib/router/layer.js:95:5)
at next (/usr/lib/node_modules/node-red/node_modules/express/lib/router/route.js:137:13)
at Route.dispatch (/usr/lib/node_modules/node-red/node_modules/express/lib/router/route.js:112:3)
at Layer.handle [as handle_request] (/usr/lib/node_modules/node-red/node_modules/express/lib/router/layer.js:95:5)
at /usr/lib/node_modules/node-red/node_modules/express/lib/router/index.js:281:22
at Function.process_params (/usr/lib/node_modules/node-red/node_modules/express/lib/router/index.js:335:12)
at next (/usr/lib/node_modules/node-red/node_modules/express/lib/router/index.js:275:10)
at SessionStrategy.strategy.pass (/usr/lib/node_modules/node-red/node_modules/passport/lib/middleware/authenticate.js:338:9)
I ran into basically the same issue when trying to set up the GitLab passport. The "unknown authentication strategy" is basically caused when the name property you provide does not match the name expected by the passport.authenticate() function as first argument. Note that proper capitalization matters. I don't know what your KeyCloak passport module requires, but e.g. for passport-gitlab (and passport-gitlab2!) name must be "gitlab", not "GitLab" or whatever else.
this could be from running behind a proxy (Traefik) doing the tls for my sites.
@sarosh maybe try setting you callbackURL to just /auth/strategy/callback and your host to the host url of the nodered server [but I don't know how keycloak can call back to a localhost???]
@sarosh my guess is the user you have in the users array has a username of admin - but it should be the username you are authenticating with keycloak, which I assume would more likely be an email address.