I have a Docker Compose file with Odoo, Postgres and Keycloak running. They are on the same network, and I’m trying to add Keycloak as an OAuth client in Odoo. The Keycloak login works fine, and I even get back an access token, but it fails when fetching the userinfo URL.
Here is my Keycloak config:
and here is my Odoo config for Keycloak:
It redirects to the browser correctly, and I can log in as well.
However, I get the following logs in Keycloak afterwards:
2024-05-19 08:03:00,451 WARN [org.keycloak.events] (executor-thread-40) type="USER_INFO_REQUEST_ERROR", realmId="ad0217fc-c845-4f32-80bb-0807dc533a49", clientId="null", userId="null", ipAddress="172.19.0.2", error="invalid_token", auth_method="validate_access_token"
and the following in Odoo:
web-1 | 2024-05-19 08:03:00,452 1 ERROR test odoo.addons.auth_oauth.controllers.main: Exception during request handling
web-1 | Traceback (most recent call last):
web-1 | File "/usr/lib/python3/dist-packages/odoo/addons/auth_oauth/controllers/main.py", line 139, in signin
web-1 | _, login, key = request.env['res.users'].with_user(SUPERUSER_ID).auth_oauth(provider, kw)
web-1 | File "/usr/lib/python3/dist-packages/odoo/addons/auth_oauth/models/res_users.py", line 124, in auth_oauth
web-1 | validation = self._auth_oauth_validate(provider, access_token)
web-1 | File "/mnt/extra-addons/auth_oauth_keycloak/models/res_users.py", line 38, in _auth_oauth_validate
web-1 | validation = self._auth_oauth_rpc(oauth_provider.validation_endpoint, access_token, provider)
web-1 | File "/mnt/extra-addons/auth_oauth_keycloak/models/res_users.py", line 32, in _auth_oauth_rpc
web-1 | return requests.get(endpoint, params={'access_token': access_token}).json()
web-1 | File "/usr/lib/python3/dist-packages/requests/models.py", line 900, in json
web-1 | return complexjson.loads(self.text, **kwargs)
web-1 | File "/usr/lib/python3.10/json/__init__.py", line 346, in loads
web-1 | return _default_decoder.decode(s)
web-1 | File "/usr/lib/python3.10/json/decoder.py", line 337, in decode
web-1 | obj, end = self.raw_decode(s, idx=_w(s, 0).end())
web-1 | File "/usr/lib/python3.10/json/decoder.py", line 355, in raw_decode
web-1 | raise JSONDecodeError("Expecting value", s, err.value) from None
web-1 | json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
web-1 | 2024-05-19 08:03:00,454 1 INFO test werkzeug: 172.18.0.1 - - [19/May/2024 08:03:00] "GET /auth_oauth/signin?state=%7B%22d%22%3A+%22test%22%2C+%22p%22%3A+4%2C+%22r%22%3A+%22http%253A%252F%252Flocalhost%253A8069%252Fweb%22%7D&session_state=e084a837-a933-4760-9218-a238a6c8c1be&iss=http%3A%2F%2Fkeycloak%3A8080%2Frealms%2Ftest&access_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICItRU5nOW0tTHU1OExJbHd0SFFJRkJYakRYTUtqUDF6eXVrWEFpLTE2Tk9BIn0.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.SK6YN5xV1JgUDq7azJpubS6kYZQ4T_ca8xc6AM25Jop6TXWYG2V4PxFrKjMKqgPlWGWyf9m7goO8B6iWJ5VGE7kulNkAwyz4owWxsFo2k1LkwpVwHU3rzuU3Y9I2xwjYOq2-hXf2zIkVneZ3YscpF10IGqYqidDqb29cpsoC_l6CGHIKSBmQ8NMWThy-a4o4N-W140J4nv8BWvJZLyGM_QcJ7fyh-z4XoE2vTvmRwYn0nJTsGkKmBmzlLR-ZkDyD2Cj3Yfie7VKE242zdjNX-AKT8Q-Ula9IcvPyFRnGosxGgDZOTJZFJ_TEVaZmDTe6raQpux1-EiltwOzXj0v8yQ&token_type=Bearer&expires_in=900 HTTP/1.1" 303 - 2 0.001 0.013
web-1 | 2024-05-19 08:03:00,483 1 DEBUG test odoo.tools.translate: no translation language detected, skipping translation for "'Access Denied'"
I’ve tried changing the localhost:8069 in the auth URL to keycloak:8069 to connect to the Docker service, as the issue is probably caused by one being run locally and the other in a container, then adding “keycloak” to /etc/hosts as 127.0.0.1. It did not help. I can fetch user info in curl by requesting localhost with the token, but it won’t work with the service name. I’ve also tried using localhost:8069 for the userinfo URL, but I get connection refused.
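Added example, not part of the original post: a diagnostic sketch in Python for the two symptoms in the logs above. It compares the origin of the token's `iss` claim with the origin of the userinfo URL, and it reports the HTTP status and `WWW-Authenticate` header instead of calling `.json()` on an error response. The function names, the constructed token and the userinfo URL path are assumptions.

```python
import base64
import json
from urllib.parse import urlsplit

def jwt_claims_unverified(token):
    """Read the JWT payload without checking the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def origin(url):
    """Normalise a URL to scheme://host:port with default ports made explicit."""
    u = urlsplit(url)
    port = u.port or {"http": 80, "https": 443}.get(u.scheme)
    return f"{u.scheme}://{(u.hostname or '').lower()}:{port}"

def issuer_mismatch(token, userinfo_url):
    """Return a message when the token's iss and the endpoint differ in origin."""
    iss = jwt_claims_unverified(token).get("iss", "")
    if origin(iss) != origin(userinfo_url):
        return f"iss {iss!r} vs userinfo origin {origin(userinfo_url)!r}"
    return None

def parse_userinfo(status, headers, body):
    """Return the userinfo claims, or raise an error that names the real failure."""
    if status != 200:
        # RFC 6750: the error is carried in WWW-Authenticate; the body may be empty.
        detail = headers.get("WWW-Authenticate") or body[:200] or "<empty body>"
        raise PermissionError(f"userinfo returned HTTP {status}: {detail}")
    if "json" not in headers.get("Content-Type", "").lower():
        raise ValueError(f"unexpected Content-Type {headers.get('Content-Type')!r}")
    return json.loads(body)

def sample_token(iss):
    """Constructed token with a dummy signature, carrying only iss and sub."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256'})}.{enc({'iss': iss, 'sub': 'constructed'})}.sig"

if __name__ == "__main__":
    tok = sample_token("http://keycloak:8080/realms/test")  # iss seen in the redirect above
    url = "http://localhost:8080/realms/test/protocol/openid-connect/userinfo"  # assumed
    print(issuer_mismatch(tok, url))
    try:
        parse_userinfo(401, {"WWW-Authenticate": 'Bearer error="invalid_token"'}, "")
    except PermissionError as exc:
        print(exc)
```

With `requests`, pass `resp.status_code`, `resp.headers` and `resp.text` to `parse_userinfo`; `resp.headers` is case-insensitive, while the plain dict used here is not.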