nli-keycloak-auth
v1.2.0
Published
This library was generated with [Angular CLI](https://github.com/angular/angular-cli) version 8.0.3. The library is published to the private NLI npm-repository.
Downloads
5
Readme
NliKeycloakAuth
This library was generated with Angular CLI version 8.0.3. The library is published to the private NLI npm-repository.
Running unit tests
Run ng test nli-keycloak-auth
to execute the unit tests via Karma.
Usage
You need to import the KeycloakAuthModule preferable in your app.module.ts. Then you have to execute the forRoot(baseAuthConfig: BaseAuthConfig, keycloakConfigServiceProvider?: Provider)
Method.
To execute the method you have to provide the BaseAuthConfig.
Furthermore you can provide a provider for the KeyCloakConfigService. If not the default provider is used which will call the /config
Rest-Endpoint.
Config Rest-Endpoint
The default keycloak configuration provider is a Rest-Endpoint called by this angular-framework. The Endpoint is called at /config
and its structure is described at KeycloakConfig
. These are:
oauthServerUrl: string;
keycloakRealm: string;
disableAuth?: boolean;
disableHttps?: boolean;
Here is an example implementation of this endpoint with spring boot, where the configuration is extracted into application.yml
:
The Controller:
@RestController
@RequiredArgsConstructor
public class ConfigController {
private final Config config;
@RequestMapping(value = "/config", method = RequestMethod.GET, produces = "application/json")
public Config getConfig() {
return config;
}
}
The provided configuration Pojo:
@Component
@Data
public class Config {
@Value("${keycloak.auth-server-url:}")
private String oauthServerUrl;
@Value("${keycloak.realm:}")
private String keycloakRealm;
@Value("#{environment.acceptsProfiles('secure') ? false : true }")
private boolean disableAuth;
@Value("${disable-https-for-keycloak: false}")
private boolean disableHttps;
}
The application.yml:
spring:
profiles:
active:
- secure
keycloak:
auth-server-url: http://localhost:8777/auth
realm: NLI
disable-https-for-keycloak: true
Since the spring-boot backend needs the same keycloak configuration, we can avoid duplication of the configuration. (The backend uses the module af50-authorization
which uses keycloak-spring-boot-2-adapter
which can be configured by the same yml.)
KeycloakConfigService
If you want to set another provider you have to do the following steps:
Create the service an implement the KeycloakConfigService interface.
Then you hve to set the provider in the forRoot
method like this MyModule.forRoot(baseAuthConfig, {provide: KeycloakConfigServiceInj, useClass: YourImplementationOfKeycloakConfigService})
BaseAuthConfig
export interface BaseAuthConfig {
clientId: string;
disableAuth?: boolean;
loginTarget: string;
logoutTarget: string;
loginRedirectAppendix?: string;
logoutRedirectAppendix?: string;
manualLogin?: boolean;
}
| configuration name | accepted values | meaning | optional | default value | |------------------------|-----------------|----------------------------------------------------------------------------------------------------------------------|----------|----------------| | clientId | string | the clientId from the keycloak server | no | / | | disableAuth | true,false | always return true if authentication is required | yes | false | | loginTarget | string | where to redirect if login method when disableAuth is true | yes | loginredirect | | logoutTarget | string | where to redirect when logout method when disableAuth is true | yes | logoutredirect | | loginRedirectAppendix | string | route where the keycloak will redirect you after login | yes | loginredirect | | logoutRedirectAppendix | string | route where the keycloak will redirect you after logout | yes | logoutredirect | | manualLogin | true, false | when activated, the keycloak login page will not be loaded automatically. You have to call the login method manually | yes | false |