Hello Everyone,
I am trying to configure my Keycloak server for OAuth2 with PKCE.
I have followed various tutorials and I followed these steps:
- Create Realm ( test )
- Create Client (test-client )
- Set Client Authentication OFF → public
- Choose Standard Flow
- Set Redirect URI (http://localhost:4200)
- Set Proof Key for Code Exchange Code Challenge Method → S256
- Enable Register Flow in Realm Settings
Now I try to access my register page with a URL I am creating in a small script (python):
```python
import base64
import hashlib
import os


def generate_code_challenge():
    # Generate a random code_verifier
    code_verifier = base64.urlsafe_b64encode(os.urandom(40)).decode('utf-8').replace('=', '')
    # Create a code_challenge based on the code_verifier
    code_challenge = hashlib.sha256(code_verifier.encode('utf-8')).digest()
    code_challenge = base64.urlsafe_b64encode(code_challenge).decode('utf-8').replace('=', '')
    return code_challenge


code_challenge = generate_code_challenge()

auth_url = (
    "http://localhost:8080/auth/realms/test/protocol/openid-connect/auth?"
    "client_id=test-client&"
    "response_type=code&"
    "scope=openid&"
    "redirect_uri=http://localhost:4200&"
    f"code_challenge={code_challenge}&"
    "code_challenge_method=S256"
)

register_url = (
    "http://localhost:8080/auth/realms/test/protocol/openid-connect/registrations?"
    "client_id=test-client&"
    "response_type=code&"
    "scope=openid&"
    "redirect_uri=http://localhost:4200&"
    f"code_challenge={code_challenge}&"
    "code_challenge_method=S256"
)

print(auth_url)
print(register_url)
```
I get the following urls:
When I try to enter them I get a Page not found. This worked in an earlier version I have used before 17.0.0.
I am using version 23.0.1 now.
Thank you in advance.
Regards,
Angelo from Germany
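
An added example, not part of the original post: the same S256 PKCE setup written so that the `code_verifier` is kept for the later token request, the challenge can be checked the way the token endpoint checks it (RFC 7636), and every query parameter is percent-encoded. The helper names (`b64url`, `new_pkce_pair`, `server_accepts`, `build_url`), the `state` parameter and the `base` argument are assumptions of this example; the realm, client and redirect URI are the ones from the post.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_pkce_pair() -> tuple[str, str]:
    """Return (code_verifier, code_challenge) for the S256 method."""
    verifier = b64url(secrets.token_bytes(40))  # 54 chars, inside the 43-128 range
    challenge = b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return verifier, challenge


def server_accepts(verifier: str, stored_challenge: str) -> bool:
    """The S256 comparison made when the code is exchanged for tokens."""
    if not 43 <= len(verifier) <= 128:
        return False
    computed = b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return hmac.compare_digest(computed, stored_challenge)


def build_url(base: str, endpoint: str, challenge: str, state: str) -> str:
    """Build the request URL with every parameter percent-encoded."""
    params = {
        "client_id": "test-client",
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": "http://localhost:4200",
        "state": state,  # added here: binds the response to this request
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    return f"{base}/realms/test/protocol/openid-connect/{endpoint}?{urlencode(params)}"


if __name__ == "__main__":
    verifier, challenge = new_pkce_pair()
    state = secrets.token_urlsafe(16)
    # The context path is deployment-specific; the post's URLs use .../auth as base.
    base = "http://localhost:8080"
    print(build_url(base, "auth", challenge, state))
    print(build_url(base, "registrations", challenge, state))
    print("code_verifier to send with the token request:", verifier)
```

The `code_verifier` has to be stored by the client between the redirect and the token request; a script that returns only the challenge cannot complete the flow.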