Keycloak USER_INFO_REQUEST_ERROR when the request comes from another Docker container

MrS*_*man 6 docker keycloak docker-compose

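So I have some containers that work together. This setup is intended as a local development environment for our microservices. I use Keycloak for authentication. This simple request to get user_info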

curl -H "Authorization: Bearer TOKEN" http://localhost:8080/auth/realms/main/protocol/openid-connect/userinfo

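works if the request is made from my machine (the "host") to the keycloak container, but it does not work if I make it from any API container to keycloak, where I have to change the host in the URL from localhost to the container name. From the logs, I think this is a CORS thing.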

These are the logs for the OK call "host -> keycloak container":

09:30:27,702 TRACE [org.keycloak.services.resources.Cors] (default task-1) No origin header ignoring
09:30:27,702 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) JtaTransactionWrapper  commit
09:30:27,703 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) JtaTransactionWrapper end
09:30:27,703 TRACE [org.keycloak.connections.jpa.DefaultJpaConnectionProvider] (default task-1) DefaultJpaConnectionProvider close()
09:30:28,129 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) new JtaTransactionWrapper
09:30:28,129 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) was existing? false
09:30:28,129 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) realm by name cache hit: main
09:30:28,129 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) by id cache hit: main
09:30:28,131 TRACE [org.keycloak.keys.DefaultKeyManager] (default task-1) Found key: realm=main kid=0C42WRjTe1IwYWqZIS_ITxm3tKFrTAbztybd6C9b7M0 algorithm=RS256 use=SIG
09:30:28,131 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) client by name cache hit: dashboard
09:30:28,131 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) client by id cache hit: dashboard
09:30:28,132 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) by id cache hit: main
09:30:28,132 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) client by id cache hit: dashboard
09:30:28,132 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) by id cache hit: main
09:30:28,132 DEBUG [org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider] (default task-1) getUserSessionWithPredicate(540e8e5e-9385-4fd8-924d-f85c752770b4): found in local cache
09:30:28,132 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,132 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) client by id cache hit: dashboard
09:30:28,132 TRACE [org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory] (default task-1) Create JpaConnectionProvider
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) client by id cache hit: dashboard
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,134 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) getuserById 1a14f370-5db2-4b28-b5e7-a4bd5eb68d73
09:30:28,135 TRACE [org.keycloak.models.cache.infinispan.UserCacheSession] (default task-1) return managedusers
09:30:28,136 TRACE [org.keycloak.events] (default task-1) type=USER_INFO_REQUEST, realmId=main, clientId=dashboard, userId=1a14f370-5db2-4b28-b5e7-a4bd5eb68d73, ipAddress=172.18.0.1, auth_method=validate_access_token, signature_required=false, username=salmanadmin, requestUri=http://localhost:8080/auth/realms/main/protocol/openid-connect/userinfo, cookies=[]

These are for the failing call "API container -> keycloak container":


09:27:23,898 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) JtaTransactionWrapper  commit
09:27:23,898 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) JtaTransactionWrapper end
09:27:25,335 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) new JtaTransactionWrapper
09:27:25,335 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (default task-1) was existing? false
09:27:25,336 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) realm by name cache hit: main
09:27:25,336 TRACE [org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-1) by id cache hit: main
09:27:25,337 TRACE [org.keycloak.keys.DefaultKeyManager] (default task-1) Found key: realm=main kid=0C42WRjTe1IwYWqZIS_ITxm3tKFrTAbztybd6C9b7M0 algorithm=RS256 use=SIG
09:27:25,337 TRACE [org.keycloak.events] (default task-1) type=USER_INFO_REQUEST_ERROR, realmId=main, clientId=null, userId=null, ipAddress=172.18.0.9, error=invalid_token, auth_method=validate_access_token, requestUri=http://keycloak:8080/auth/realms/main/protocol/openid-connect/userinfo, cookies=[]

My docker-compose.yml looks like this:

version: "3"

services:
  db:
    ports:
      - "5439:5432"
    image: postgres
    volumes:
      - ./postgres/:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: ****
      POSTGRES_DB: keycloak

  keycloak:
    build:
      context: ../at_keycloak
      dockerfile: Dockerfile
    environment:
      DB_VENDOR: POSTGRES
      DB_ADDR: db
      DB_DATABASE: keycloak
      DB_USER: postgres
      DB_SCHEMA: public
      DB_PASSWORD: ****
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: admin
      KEYCLOAK_LOGLEVEL: ALL
      # ROOT_LOGLEVEL: ALL
    ports:
      - 8080:8080
    depends_on:
      - db

  at_core_backend:
    restart: unless-stopped
    depends_on:
      - keycloak
      - db
    ports:
      - "3000:3000"
    environment:
      KEYCLOAK_SERVER_URL: http://keycloak:8080/auth/

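An added diagnostic, not part of the original post: when no fixed frontend URL is configured, Keycloak derives the expected issuer from the URL of the incoming request and rejects a token whose `iss` claim differs with `invalid_token`. The sketch below compares the `requestUri` of the two event lines above with the `iss` of a constructed sample token. That the real token was obtained through `http://localhost:8080` is an assumption the post does not state, and the helper names are hypothetical.

```python
import base64
import json
import re

# Event lines shortened from the two logs in the post (unrelated fields dropped).
OK_EVENT = ("type=USER_INFO_REQUEST, realmId=main, clientId=dashboard, "
            "requestUri=http://localhost:8080/auth/realms/main/protocol/openid-connect/userinfo")
FAIL_EVENT = ("type=USER_INFO_REQUEST_ERROR, realmId=main, clientId=null, error=invalid_token, "
              "requestUri=http://keycloak:8080/auth/realms/main/protocol/openid-connect/userinfo")


def parse_event(line):
    """Split a Keycloak event line into its key=value fields."""
    return dict(re.findall(r"(\w+)=([^,\s]+)", line))


def expected_issuer(request_uri):
    """Realm URL implied by the request: everything before /protocol/."""
    return request_uri.split("/protocol/", 1)[0]


def jwt_claims(token):
    """Decode the JWT payload without verifying the signature (diagnostics only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def sample_token(iss):
    """Constructed, unsigned stand-in for a real access token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc({"iss": iss, "azp": "dashboard"}), "sig"])


def diagnose(event_line, token):
    """Compare the issuer implied by the request URL with the token's iss claim."""
    event = parse_event(event_line)
    want = expected_issuer(event["requestUri"])
    got = jwt_claims(token)["iss"]
    return {"event": event["type"], "expected_iss": want, "token_iss": got, "match": want == got}


if __name__ == "__main__":
    # Assumption: the token was obtained through the host-side URL.
    token = sample_token("http://localhost:8080/auth/realms/main")
    for line in (OK_EVENT, FAIL_EVENT):
        print(diagnose(line, token))
```

With a real access token, pass it to `diagnose()` in place of the constructed one; a mismatch means the caller reaches Keycloak under a different hostname than the one the token was issued for.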