Hi all, i’m new to Keycloak and am trying to work with the nodejs client to enable several security features for an API gateway, such as mutual TLS and certificate-based authentication. To get a better feel of the possibilities i’ve been going through the keycloak-nodejs-connect code and the different features as tested with the run_tests.sh script.
Of the 57 tests (and 85 checks) it appears that 7 of these fail… but i can’t figure out why. All these errors happen for the confidential-client , for example for testing to refresh a grant and the access_token returned is equal to the original one (while it should be not equal), of to validate an invalid token and the actual response (a JWT) doesn’t match the expected one (false).
Is this what is supposed to happen? How can i fix it? Are these functions in the process of being deprecated and am i using run_tests.sh outside of its usecase? I assume run_tests.sh is meant for developers on the nodejs adapter, so i hoped it gave me an inside look… but with these errors it’s somewhat labyrinthine.
I hope someone has been testing things out as well and can help set me on the right direction
Kind regards
Paul