nli-keycloak-auth v1.2.0
NliKeycloakAuth
This library was generated with Angular CLI version 8.0.3. The library is published to the private NLI npm-repository.
Running unit tests
Run ng test nli-keycloak-auth to execute the unit tests via Karma.
Usage
You need to import the KeycloakAuthModule preferable in your app.module.ts. Then you have to execute the forRoot(baseAuthConfig: BaseAuthConfig, keycloakConfigServiceProvider?: Provider) Method.
To execute the method you have to provide the BaseAuthConfig.
Furthermore you can provide a provider for the KeyCloakConfigService. If not the default provider is used which will call the /config Rest-Endpoint.
Config Rest-Endpoint
The default keycloak configuration provider is a Rest-Endpoint called by this angular-framework. The Endpoint is called at /config and its structure is described at KeycloakConfig. These are:
oauthServerUrl: string;
keycloakRealm: string;
disableAuth?: boolean;
disableHttps?: boolean;Here is an example implementation of this endpoint with spring boot, where the configuration is extracted into application.yml:
The Controller:
@RestController
@RequiredArgsConstructor
public class ConfigController {
private final Config config;
@RequestMapping(value = "/config", method = RequestMethod.GET, produces = "application/json")
public Config getConfig() {
return config;
}
}The provided configuration Pojo:
@Component
@Data
public class Config {
@Value("${keycloak.auth-server-url:}")
private String oauthServerUrl;
@Value("${keycloak.realm:}")
private String keycloakRealm;
@Value("#{environment.acceptsProfiles('secure') ? false : true }")
private boolean disableAuth;
@Value("${disable-https-for-keycloak: false}")
private boolean disableHttps;
}The application.yml:
spring:
profiles:
active:
- secure
keycloak:
auth-server-url: http://localhost:8777/auth
realm: NLI
disable-https-for-keycloak: trueSince the spring-boot backend needs the same keycloak configuration, we can avoid duplication of the configuration. (The backend uses the module af50-authorization which uses keycloak-spring-boot-2-adapter which can be configured by the same yml.)
KeycloakConfigService
If you want to set another provider you have to do the following steps:
Create the service an implement the KeycloakConfigService interface.
Then you hve to set the provider in the forRoot method like this MyModule.forRoot(baseAuthConfig, {provide: KeycloakConfigServiceInj, useClass: YourImplementationOfKeycloakConfigService})
BaseAuthConfig
export interface BaseAuthConfig {
clientId: string;
disableAuth?: boolean;
loginTarget: string;
logoutTarget: string;
loginRedirectAppendix?: string;
logoutRedirectAppendix?: string;
manualLogin?: boolean;
}| configuration name | accepted values | meaning | optional | default value |
|---|---|---|---|---|
| clientId | string | the clientId from the keycloak server | no | / |
| disableAuth | true,false | always return true if authentication is required | yes | false |
| loginTarget | string | where to redirect if login method when disableAuth is true | yes | loginredirect |
| logoutTarget | string | where to redirect when logout method when disableAuth is true | yes | logoutredirect |
| loginRedirectAppendix | string | route where the keycloak will redirect you after login | yes | loginredirect |
| logoutRedirectAppendix | string | route where the keycloak will redirect you after logout | yes | logoutredirect |
| manualLogin | true, false | when activated, the keycloak login page will not be loaded automatically. You have to call the login method manually | yes | false |
4 years ago