Bug Keycloak & Bookstack Integration #4414

New Issue

Closed

opened 2026-02-05 08:50:31 +03:00 by OVERLORD · 6 comments

OVERLORD commented 2026-02-05 08:50:31 +03:00

Owner

Copy Link

Originally created by @gugigunawan on GitHub (Jan 18, 2024).

Attempted Debugging

• I have read the debugging page

Searched GitHub Issues

• I have searched GitHub for the issue.

Describe the Scenario

Hello Dan,

i write new issue for integration between Keycloak and BookStack as instruction you gave to me for opening new Issue.
The issue still the same, after make sure the Time Zone between Host and Docker Image is same but the Error have still appear.

I check the response after click "Login with Keycloak" is 200 but the page not redirect to BookStack Page instead have go back to home page.

Exact BookStack Version

v23.10.12

Log Content

No response

Hosting Environment

OS VM : 22.04 LTS
BookStack Image Version : v23.10.2

Originally created by @gugigunawan on GitHub (Jan 18, 2024). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario Hello Dan, i write new issue for integration between Keycloak and BookStack as instruction you gave to me for opening new Issue. The issue still the same, after make sure the Time Zone between Host and Docker Image is same but the Error have still appear. <img width="887" alt="image" src="https://github.com/BookStackApp/BookStack/assets/9584750/66d48e9e-5f20-4e0c-81b8-cddc424d30e5"> I check the response after click "Login with Keycloak" is 200 but the page not redirect to BookStack Page instead have go back to home page. <img width="960" alt="image" src="https://github.com/BookStackApp/BookStack/assets/9584750/9e61561d-ff41-4c88-89fe-e867fca16522"> ### Exact BookStack Version v23.10.12 ### Log Content _No response_ ### Hosting Environment OS VM : 22.04 LTS BookStack Image Version : v23.10.2

OVERLORD added the 🐕 Support label 2026-02-05 08:50:31 +03:00

OVERLORD closed this issue 2026-02-05 08:50:32 +03:00

OVERLORD commented 2026-02-05 08:50:36 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Jan 18, 2024):

Hi @gugigunawan,
How are you hosting Keycloak, have you checked the time of the Keycloak's host system/container?

@ssddanbrown commented on GitHub (Jan 18, 2024): Hi @gugigunawan, How are you hosting Keycloak, have you checked the time of the Keycloak's host system/container?

OVERLORD commented 2026-02-05 08:50:40 +03:00

Author

Owner

Copy Link

@gugigunawan commented on GitHub (Jan 22, 2024):

Hi,

i install Keycloak using this tutorial https://www.keycloak.org/getting-started/getting-started-zip
Yes, i already check it and already same TZ between Keycloak and Bookstack Server

@gugigunawan commented on GitHub (Jan 22, 2024): Hi, i install Keycloak using this tutorial https://www.keycloak.org/getting-started/getting-started-zip Yes, i already check it and already same TZ between Keycloak and Bookstack Server

OVERLORD commented 2026-02-05 08:50:43 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Jan 22, 2024):

Yes, i already check it and already same TZ between Keycloak and Bookstack Server

The timezone should not matter.
Have you checked the actual time on the keycloak server? Is it aligned with the time on the BookStack server?

@ssddanbrown commented on GitHub (Jan 22, 2024): > Yes, i already check it and already same TZ between Keycloak and Bookstack Server The timezone should not matter. Have you checked the actual time on the keycloak server? Is it aligned with the time on the BookStack server?

OVERLORD commented 2026-02-05 08:50:48 +03:00

Author

Owner

Copy Link

@gugigunawan commented on GitHub (Jan 23, 2024):

Yes, it's actually same between those 2 Servers and i use NTP Server for Sync Time between Bookstack and Keycloak Server

Any suggestion beside time problem for this problem ?

Best Regards,

@gugigunawan commented on GitHub (Jan 23, 2024): Yes, it's actually same between those 2 Servers and i use NTP Server for Sync Time between Bookstack and Keycloak Server Any suggestion beside time problem for this problem ? Best Regards,

OVERLORD commented 2026-02-05 08:50:51 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Jan 23, 2024):

Any suggestion beside time problem for this problem ?

Not anything else easy to check. The next step would be doing some deeper inspection into what your keycloak server is providing to BookStack, to inspect the iat value of the OIDC ID Token.

Here's the relevant code in BookStack which throws this error:
295cd01605/app/Access/Oidc/OidcIdToken.php (L208-L212)

Just before this, we check that the iat is set, so it should be there.
We then check the time given is within a certain window, with a fair bit of leeway (2 mins forward, 1 day back).
We'd need to see what iat is being provided in your token to understand anything more.
There's not a direct easy way to dump that though, without going inside the container to modify code at the point reflected above.

@ssddanbrown commented on GitHub (Jan 23, 2024): > Any suggestion beside time problem for this problem ? Not anything else easy to check. The next step would be doing some deeper inspection into what your keycloak server is providing to BookStack, to inspect the `iat` value of the OIDC ID Token. Here's the relevant code in BookStack which throws this error: https://github.com/BookStackApp/BookStack/blob/295cd0160525125bbd7756d7ad07392ae7201cb8/app/Access/Oidc/OidcIdToken.php#L208-L212 Just before this, we check that the `iat` is set, so it should be there. We then check the time given is within a certain window, with a fair bit of leeway (2 mins forward, 1 day back). We'd need to see what `iat` is being provided in your token to understand anything more. There's not a direct easy way to dump that though, without going inside the container to modify code at the point reflected above.

OVERLORD commented 2026-02-05 08:50:53 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Mar 9, 2024):

Since there's been no further follow-up I'm going to close this. If you need further help just respond to my previous comment.

@ssddanbrown commented on GitHub (Mar 9, 2024): Since there's been no further follow-up I'm going to close this. If you need further help just respond to my previous comment.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

further_theme_development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label 🐕 Support

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4414