T
TanStack2w ago
conscious-sapphire

Is it possible to forward keycloak client cookie in server context?

Hi, we have SPA react/vite app, that uses keycloak. When we navigate the root of our app, it redirects to preconfigured keycloak login page and users can get cookie through regular username/password or through socials providers (e.g office 365 account). When login process is finished it redirects back to the root of our app. When users clicks through the app, and different API's are fired, native fetch functions uses include: 'credentials, and cookie is set in request header automatically. There is no single keycloak library used in React. Now, we like to experiment a bit with Tanstack start, but this client keycloak auth, looks pain in the butt, as I've tried various ideas 'somehow' to forward the cookie, or Tanstack Start somehow to know about that cookie, but no solution works. Can anyone give some ideas, how to proceed, or is this possible? Or I need some API endpoint, that will do much the same, now the out of the box login page is doing? Tried something like this but cookie is not available 
const headers = createIsomorphicFn()
    .client(() => ({}))
    .server(() => getRequestHeaders());
const headers = createIsomorphicFn()
    .client(() => ({}))
    .server(() => getRequestHeaders());
Headers: Headers {
host: 'localhost:3000',
connection: 'keep-alive',
'sec-ch-ua-platform': '"Windows"',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36',
'sec-ch-ua': '"Chromium";v="142", "Brave";v="142", "Not_A Brand";v="99"',
'sec-ch-ua-mobile': '?0',
accept: '/',
'sec-gpc': '1',
'sec-fetch-site': 'same-origin',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'manifest',
referer: 'http://localhost:3000/',
'accept-encoding': 'gzip, deflate, br, zstd',
'accept-language': 'en-US,en;q=0.9'
}
Headers: Headers {
host: 'localhost:3000',
connection: 'keep-alive',
'sec-ch-ua-platform': '"Windows"',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36',
'sec-ch-ua': '"Chromium";v="142", "Brave";v="142", "Not_A Brand";v="99"',
'sec-ch-ua-mobile': '?0',
accept: '/',
'sec-gpc': '1',
'sec-fetch-site': 'same-origin',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'manifest',
referer: 'http://localhost:3000/',
'accept-encoding': 'gzip, deflate, br, zstd',
'accept-language': 'en-US,en;q=0.9'
}
5 Replies
wee-brown
wee-brown2w ago
where does the cookie get set after login? valid on which domain / path?
conscious-sapphire
conscious-sapphireOP2w ago
@Manuel Schiller I can see it in the the devtools in the application tab....
wee-brown
wee-brown2w ago
by that question i mean: this question needs more details about your setup. ideally, provide a complete reproducer that is cloneable and runnable directly to help you debug this
conscious-sapphire
conscious-sapphireOP2w ago
Not possible, just my question, is if u are stuck with some client cookie (no matter what kind of auth u use).... and u like to migrate to SSR framework.... How u can achieve that? I'm talking about complex auth process, not just simple route returning JWT or bearer token... I don't have any auth integration from the app...
wee-brown
wee-brown2w ago
typically you would let the SSR framework set and read the cookie in between

Did you find this page helpful?