Keycloak AuthenticationFlowContext return 总是http协议

Question

我正在实施 Authenticator class 并使用 AuthenticationFlowContext。当我通过 HTTPS 引用服务器时，在 context.getUriInfo().getAbsolutePath() 中仍然保留 http://{hostname}/auth/... .

public void authenticate(AuthenticationFlowContext context) {

    String url = context.getUriInfo().getAbsolutePath()+"?client_id="+context.getClientSession().getClient().getClientId()
            +"&redirect_uri="+context.getClientSession().getNote("redirect_uri")
            +"&state="+context.getClientSession().getNote("state")
            +"&response_type="+context.getClientSession().getNote("response_type");

    try {
        url = URLEncoder.encode(url, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }

    context.forceChallenge(Response.seeOther(URI.create(idpUrl+"idp/l?lvl=2&url="+url)).build());

}

Answer 1

您必须配置 keycloak server 和 nginx:

location /  {
       proxy_set_header Host                $host;
       proxy_set_header X-Real-IP           $remote_addr;
       proxy_set_header X-Forwarded-For     $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto   $scheme;
       proxy_set_header X-Forwarded-Port    443;

       proxy_pass  http://localhost:8080;
    }

HTTPS 已启用。

Keycloak AuthenticationFlowContext return 总是http协议

Keycloak AuthenticationFlowContext return always http protocol

keycloak