网页在Cordova Android应用程序中不可用
[英]Webpage not available in Cordova Android app
问题描述
EDIT: I have been progressing through this problem and retracing all of my steps. 
编辑:我一直在解决这个问题并回顾我的所有步骤。 I am happy to reduce the size of this question and get more to the exact details if it is confusing. 我很乐意减少这个问题的大小,如果它令人困惑,可以获得更多详细信息。 Currently I am at the point where it seems like Keycloak only intends to redirect me to https://, which should be a Wildfly server configuration issue, as far as I can tell. 目前我看来Keycloak似乎只打算将我重定向到https://,这应该是一个Wildfly服务器配置问题,据我所知。
EDIT: I reduced my question, but this introduced confusion, so I rollbacked the question to what it was originally, the most relevant parts are at the bottom though, where I will note this 编辑:我减少了我的问题,但这引起了混乱,所以我将问题回滚到最初的问题,最相关的部分是在底部,但我会注意到这一点
I am tearing my hair out trying to figure out what might be causing this problem. 我正在试图找出可能导致这个问题的原因。
I've got the following error message on a simulator in Android studio: 我在Android studio的模拟器上收到以下错误消息:
I am using the identity management system Keycloak - I'll get back to that in a bit. 我正在使用身份管理系统Keycloak - 我会稍微回过头来看看。
I have tried changing my CSP to be very permissive: 我试过改变我的CSP是非常宽容的:
<meta http-equiv="Content-Security-Policy" content="default-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-eval' 'unsafe-inline'; media-src *; img-src 'self' * data:"
/>
I have installed inappbrowser, I have set my intents and allow-navigations pretty liberally in my config.xml: 我已经安装了inappbrowser,我在config.xml中设置了我的意图和允许导航:
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<allow-intent href="gap://*" />
<allow-intent href="APPNAMEHERE://*/*" />
<allow-intent href="fb://*/*" />
<allow-intent href="http://stage.APPNAMEHERE.com://*/*" />
<allow-intent href="https://stage.APPNAMEHERE.com://*/*" />
<allow-navigation href="https://localhost/*"/>
<allow-navigation href="http://localhost/*"/>
<preference name="Hostname" value="localhost" />
<preference name="Scheme" value="https" />
<preference name="MixedContentMode" value="0" />
<access origin="*" />
<allow-navigation href="*" />
<allow-navigation href="localhost://*/*" />
<allow-navigation href="APPNAME://*/*" />
<allow-navigation href="fb://*/*" />
<allow-intent href="*" />
<allow-navigation href="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="*" />
Basically I have tried to make this app as permissive as possible, and still no luck authenticating. 基本上我试图让这个应用程序尽可能宽松,仍然没有运气验证。
But there's something weirder. 但有一些更奇怪的东西。
I have another, completely unrelated app, but which also uses this same identity management system. 我有另一个完全不相关的应用程序,但它也使用相同的身份管理系统。 I decided, on a lark, because I was desperate to try connecting against that service here, and it works flawlessly - no issues. 我决定,在一个百灵鸟,因为我迫切希望尝试连接这个服务,它完美无缺 - 没有问题。
I tried exporting the client from the other Keycloak (a bunch of configuration settings) and using them with minor changes, and no dice. 我尝试从其他Keycloak(一堆配置设置)导出客户端,并使用它们进行微小的更改,并且没有骰子。 Still the same error. 还是一样的错误。
I am just about tearing my hair out at this point, I've been continuously trying different things and clicking "login" for hours with the exact same result. 我只是在这个时候撕掉我的头发,我一直在尝试不同的东西,点击“登录”几个小时,结果完全相同。
What could possibly be preventing me from logging in? 什么可能阻止我登录?
Note, there's an iOS app that works perfectly on this same setup, so it's not the setup. 请注意,有一个iOS应用程序在这个相同的设置上完美运行,所以它不是设置。
I'm connecting via OIDC, if that helps anyone. 我通过OIDC连接,如果这有助于任何人。
I'm sorry I can't provide more information, I wish I could find something, anything to grasp at, but I'm completely lost here, it just seems to not be able to find localhost, no matter what I try. 对不起,我无法提供更多信息,我希望我能找到一些东西,有什么需要掌握,但我完全迷失在这里,它似乎无法找到localhost,无论我尝试什么。
Android console (there is nothing special I am seeing in the Chrome inspector): Android控制台(我在Chrome检查器中看到的并不特别):
2019-08-31 10:56:42.002 12062-12191/com.companyname.appname D/InAppBrowser: target = _blank
2019-08-31 10:56:42.003 12062-12062/com.companyname.appname D/InAppBrowser: in blank
2019-08-31 10:56:42.054 12062-12164/com.companyname.appname E/eglCodecCommon: glUtilsParamSize: unknow param 0x000088ef
2019-08-31 10:56:42.054 12062-12164/com.companyname.appname E/eglCodecCommon: glUtilsParamSize: unknow param 0x000088ef
2019-08-31 10:56:42.168 12062-12170/com.companyname.appname D/EGL_emulation: eglMakeCurrent: 0xf0677ba0: ver 3 0 (tinfo 0xd6778770)
2019-08-31 10:56:42.325 12062-12170/com.companyname.appname D/EGL_emulation: eglMakeCurrent: 0xf0677ba0: ver 3 0 (tinfo 0xd6778770)
2019-08-31 10:56:42.501 12062-12170/com.companyname.appname D/EGL_emulation: eglMakeCurrent: 0xf0677ba0: ver 3 0 (tinfo 0xd6778770)
Note, I have replaced the company name of the company this is for with "companyname" and the app name with "appname" 请注意,我已使用“companyname”替换了公司的公司名称,并使用“appname”替换了应用程序名称
EDIT: 编辑:
I am also noticing this error when trying a very basic keycloak implementation (the toy example here: https://github.com/keycloak/keycloak/blob/master/examples/cordova/www/index.html ) on my front end: 在我的前端尝试一个非常基本的keycloak实现(这里的玩具示例: https : //github.com/keycloak/keycloak/blob/master/examples/cordova/www/index.html )时,我也注意到了这个错误:
keycloak.js:1000 Uncaught (in promise) undefined
setError @ keycloak.js:1000
(anonymous) @ keycloak.js:1261
Channel.fire @ cordova.js:840
_eventHandler @ inappbrowser.js:53
cb @ inappbrowser.js:118
callbackFromNative @ cordova.js:290
(anonymous) @ VM68:1
The code in question, in keycloak.js, pertains to creating a native promise: 有问题的代码,在keycloak.js中,与创建本机承诺有关:
function createNativePromise() {
// Need to create a native Promise which also preserves the
// interface of the custom promise type previously used by the API
var p = {
setSuccess: function(result) {
p.success = true;
p.resolve(result);
},
setError: function(result) {
p.success = false;
p.reject(result);
}
};
Could it possibly be related to inappbrowser? 它可能与inappbrowser有关吗?
ACTUAL RELEVANT PART OF THE QUESTION 问题的实际相关部分
EDIT 2: Digging deeper down... 编辑2:深入挖掘......
The error is getting thrown here. 错误在这里被抛出。
So my guess is that it's due to my redirect url somehow being https://localhost rather than http://localhost , as this is what my redirect URI is. 所以我的猜测是,这是由于我的重定向url某种程度上是https:// localhost而不是http:// localhost ,因为这是我的重定向URI。
ref.addEventListener('loaderror', function(event) {
if (!completed) {
if (event.url.indexOf('http://localhost') == 0) {
var callback = parseCallback(event.url);
processCallback(callback, promise);
closeBrowser();
completed = true;
} else {
promise.setError();
closeBrowser();
}
}
});
https://localhost/#state=3bc5b8e8-ee17-4c78-861c-6fa62f5e353b&session_state=43d5518d-c278-4245-b181-899783fd2c6b&code=8e50a9c0-d1a6-4ecd-8e91-e85d92350900.43d5518d-c278-4245-b181-899783fd2c6b.863570ca-9c62-41a5-97bb-33880fe6c62d
Even when trying: 即使尝试:
keycloak.init({ onLoad: "check-sso", redirectUri: "http://localhost" })
I am still getting the redirect uri of https:// above, which I am strongly thinking is responsible for my error. 我仍然在上面获得https://的重定向uri,我强烈认为这是我的错误。
My strong guess at this point is that this may be related to a Keycloak (which uses Wildfly) configuration setting. 我在这一点上的强烈猜测是,这可能与Keycloak(使用Wildfly)配置设置有关。
Here is my server setup in Wildfly: 这是我在Wildfly中的服务器设置:
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="http" proxy-address-forwarding="true" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<http-invoker security-realm="ApplicationRealm"/>
</host>
</server>
2 个解决方案
解决方案1
2 2019-09-02 03:09:24
I don't understand why do you think that could be due to a wildfly configuration... 我不明白为什么你认为这可能是由于野生动物配置...
Check please and provide more info: 请检查并提供更多信息:
- Trace your request from Cordova to Keycloak 跟踪您从科尔多瓦到Keycloak的请求
- What redirect_uri parameter is sent/requested? 发送/请求了什么redirect_uri参数?
- You can try enabling audit like this audit configuration to check the "redirect_uri" parameter. 您可以尝试启用此审核配置之类的审核以检查“redirect_uri”参数。
Keycloak receives a request with a valid redirect uri and then if you are a valid user and the redirect uri received matches with your client configuration... your app will be redirected to your requested redirect_uri. Keycloak接收带有效重定向uri的请求,然后如果您是有效用户并且重定向uri收到与您的客户端配置匹配...您的应用将被重定向到您请求的redirect_uri。
- Check your client and realm configuration ( example realm configuration for cordova apps ) 检查您的客户端和领域配置( cordova应用程序的示例域配置 )
Edited 1: about your wildfly standalone.xml : As I said before in comments, your http-listener attribute reditect-socket=“http” is a mistake. 编辑1:关于你的wildfly standalone.xml :正如我之前在评论中所说,你的http-listener属性reditect-socket =“http”是一个错误。 If you want to enable redirection to https replace “http” by “https”. 如果要启用重定向到https,请将“http”替换为“https”。 Otherwise remove it. 否则将其删除。
Attribute “proxy-address-forwarding” must to be used only when your keycloak are behind a reverse proxy (use of x-forwarded-* headers). 只有当您的keycloak位于反向代理后面时才使用属性“proxy-address-forwarding”(使用x-forwarded- * headers)。
I tested with Keycloak v6.0.1 and it works. 我使用Keycloak v6.0.1进行了测试,它确实有效。 It redirect to ' http://localhost '. 它重定向到' http:// localhost '。
Some points to take in mind: 需要注意的一些要点:
- don't work with platform 'browser' (use 'android') 不使用平台'浏览器'(使用'android')
- adding 'inappbrowser' and 'whitelist' plugins 添加'inappbrowser'和'whitelist'插件
- try with a new emulator/runtime instance. 尝试使用新的模拟器/运行时实例。
- don't tried with an external identity provider 不要尝试使用外部身份提供商
Tested with Keycloak v6.0.1 使用Keycloak v6.0.1进行测试
Steps that I followed to do a test with sample project: 我使用示例项目进行测试的步骤:
- Download Keycloak source from github source 从github 源代码下载Keycloak源代码
- Install last version of Android Studio and Gradle (add to PATH) 安装最新版本的Android Studio和Gradle(添加到PATH)
- Go to directory 'keycloak/examples/cordova' 转到目录'keycloak / examples / cordova'
- Download 'keycloak.js' from your Keycloak instance (eg. ' https://yourdomain:port/auth/js/keycloak.js ') and put in directory 'keycloak/examples/cordova/www' 从Keycloak实例下载'keycloak.js'(例如' https:// yourdomain:port / auth / js / keycloak.js ')并放入目录'keycloak / examples / cordova / www'
- Open your emulator from Android Studio (install your runtime eg. 'Pixel 2 Api 29'). 从Android Studio打开您的模拟器(安装您的运行时,例如'Pixel 2 Api 29')。
- Configure your realm 'example' (import new realm from file: 'keycloak/examples/cordova/example-realm.json') 配置你的领域'example'(从文件导入新领域:'keycloak / examples / cordova / example-realm.json')
- Run commands: 运行命令:
mkdir platforms plugins
cordova plugin add cordova-plugin-inappbrowser
cordova plugin add cordova-plugin-whitelist
cordova platform add android
cordova build android
cordova run android
PS: If you have some public test instance to check with it or PS:如果你有一些公共测试实例用它来检查或
解决方案2
0 2019-09-03 17:55:28
You'd likely need cordova-plugin-http2 or Cordova Advanced HTTP 2 , because of enable-http2="true" , the server wants to negotiate HTTP2 . 你可能需要cordova-plugin-http2或Cordova Advanced HTTP 2 ,因为enable-http2="true" ,服务器想要协商HTTP2 。 Setting enable-http2="false" would possibly circumvent the problem. 设置enable-http2="false"可能会解决问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.