authentication - Keycloak Angular 2 - Check authenticated status Keycloak object -

i'm implementing keycloak authentication service in angular 2 project. use service logging in, logging out etc.

authenticating user , logging out seems work. i'm trying protect routes. have working authguard. check if user logged in (in authguard), have isauthenticated() method in service. service:

import { injectable } '@angular/core';  declare let keycloak: any;  @injectable() export class keycloakservice {   private keycloak = new keycloak('app/keycloak/keycloak.json');    constructor() {     this.keycloak.init({onload: 'check-sso'});     console.log(this.keycloak);   }    public login() {     this.keycloak.login();   }    public logout() {     this.keycloak.logout();   }    public isauthenticated() {     return this.keycloak.authenticated;   } } 

flow: user logs in, user tries reach protected route, authguard checks if user logged in via isauthenticated().

note: don't want authenticate user complete angular app. routes.

problem

after user logs in, user redirected angular app. after this, isauthenticated() method returns still false. here why:

i logged keycloak object console. found didn't understand.

keycloak object after login redirect

---

same keycloak object after login redirect (but expanded)

first authenticated property false. after expanding authenticated property true.

question

is way try maintain keycloak object correct way?

consulted sources

• https://keycloak.gitbooks.io/securing-client-applications-guide/content/v/2.5/topics/oidc/javascript-adapter.html
• https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular2-product-app/src/main/webapp/app

and others

basing on community provided angular2 example in keycloak's github can spot differences in interacting keycloak js adapter. actual check on authenticated (and possibly username) done on promise returned init.

  static init(): promise<any> {     let keycloakauth: = new keycloak('keycloak.json');     keycloakservice.auth.loggedin = false;        return new promise((resolve, reject) => {         keycloakauth.init({ onload: 'login-required' })           .success(() => {             keycloakservice.auth.loggedin = true;             keycloakservice.auth.authz = keycloakauth;             keycloakservice.auth.logouturl = keycloakauth.authserverurl + "/realms/demo/protocol/openid-connect/logout?redirect_uri=/angular2-product/index.html";             resolve();           })           .error(() => {             reject();           });       }); } 

also official keycloak js adapter's documentation uses promise authenticated check

<head>     <script src="keycloak.js"></script>     <script>         var keycloak = keycloak();         keycloak.init().success(function(authenticated) {             alert(authenticated ? 'authenticated' : 'not authenticated');         }).error(function() {             alert('failed initialize');         });     </script> </head>