Nodered API authentication using keycloak auth

Hi,

I am trying to achieve a GET operation on http://localhost/nodered/admin/flows and getting 401 error.

Curl Command for GET /flows operation
curl --request GET 'http://localhost/nodered/admin/flows' --header 'Authorization: Bearer '

Curl command to generate the keycloak token
curl http://localhost/auth/realms/smp/protocol/openid-connect/token --data 'client_id=nodered&grant_type=password&username=nodered&password=nodered1'

settings.js file used

.
.
.
var auth = require("node-red-auth-client");
auth.init({
    "authenticateFlows" : true,
    "authServerUrl": "http://localhost/auth",
    "realm" : "smp",
    "role": "flows.execute"
});

module.exports = {
.
.
.

    // nodered User name and password
    noderedUser : {
        userName : 'nodered',
        password : 'nodered1',
        noderedIp: '127.0.0.1'
    },

    // By default, the Node-RED UI is available at http://localhost:1880/
    // The following property can be used to specifiy a different root path.
    // If set to false, this is disabled.
    httpAdminRoot: '/nodered/admin',

    // Some nodes, such as HTTP In, can be used to listen for incoming http requests.
    // By default, these are served relative to '/'. The following property
    // can be used to specifiy a different root path. If set to false, this is
    // disabled.
    httpNodeRoot: '/nodered/flows',

    adminAuth: require("node-red-auth-keycloak")({
        sessionExpiryTime: 3600,
        realm: 'smp',
        authServerUrl: 'http://localhost/auth',
        callbackURL : 'http://localhost/nodered/admin'
    }),
        requireHttps: false,

    // The following property can be used to add a custom middleware function
    // in front of all http in nodes. This allows custom authentication to be
    // applied to all http in nodes, or any other sort of common request processing.
    httpNodeMiddleware: function(req,res,next) {
        if(auth.shouldAuthenticate()) {
            var promises = [];
            new Promise((resolve, reject) => {
                promises.push(auth.isAuthorized(req));
                Promise.all(promises).then(function(promiseResults) {
                    if(Array.isArray(promiseResults) && promiseResults.length == 1 && promiseResults[0] == true) {
                        next();
                    } else {
                        const error = new Error('Unauthorized access');
                        error.httpStatusCode = 401;
                        next(error);
                    }
                }).catch(function(err) {
                    const error = new Error('Unauthorized access');
                    error.httpStatusCode = 401;
                    next(error);
                });
            });
        } else {
            //Authorization is not needed because shouldAuthenticate is false
            next();
        }
    }
	.
	.
	.

We are trying to get flow details from /flows nodered API using keycloak auth token (bearer token).
Nodered API throws 401 error when keycloak access token is used.

Requesting your support here.

Where does node-red-auth-keycloak come from? I do not see it on the npm registry. Given you are using that to configure adminAuth, without any details then we don't know what configuration it's providing.

Please refer the attached file for node-red-auth-keycloak implementation.
node-red-auth-keycloak.txt (3.9 KB)

That doesn't answer where you got it from... who is the author ? you may need to contact them to get help as it's not part of the core project.