Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Keycloak integration #1381

Merged
merged 59 commits into from
Aug 26, 2022
Merged

Keycloak integration #1381

merged 59 commits into from
Aug 26, 2022

Conversation

TheSlimvReal
Copy link
Collaborator

@TheSlimvReal TheSlimvReal commented Jul 19, 2022
edited
Loading

see issue: #1340

Visible/Frontend Changes

  • Password change now happens through keycloak
  • Cleanup account component
  • Adapt Keycloak styling to match with Aam Digital corporate design (orange/white)

Architectural/Backend Changes

  • Login credentials are send to keycloak for validation
  • Keycloak provides a JWT which is used as Bearer token in all requests (PouchDB and others)
  • Token is automatically refreshed before its expiry while app is running
  • On application open, if a valid refresh token is available, user is automatically signed in
  • Make URL of Keycloak server configurable
  • Make Keycloak realm configurable (can be done through a static config file see here)
  • (optional) make Keycloak client configurable
  • CouchDB auth is still available in the code but currently without a runtime option to actually use it

Migration requirements

By adding "authenticator": "couchdb" to the config.json, the app can be updated without the need to use keycloak.

Otherwise the following steps need to be done.

  • Users have to be migrated from CouchDB to Keycloak
  • keycloak.json file needs to be placed in each subfolder
  • User roles have to be adapted so the order does not matter anymore

@github-actions
Copy link

Deployed to https://test-deployment-pr-1381.herokuapp.com/

@TheSlimvReal
added keycloak package
a8e3c9d
@TheSlimvReal
added proxy for keycloak
7d8299d
@TheSlimvReal
Merge remote-tracking branch 'origin/master' into keycloak
2485c72 
# Conflicts:
#	build/Dockerfile
#	proxy.conf.json
#	src/app/core/session/session-service/remote-session.spec.ts
#	src/app/core/session/session-service/remote-session.ts
#	src/app/core/session/session-service/synced-session.service.spec.ts
#	src/app/core/session/session-service/synced-session.service.ts
#	src/app/core/user/user-account/user-account.component.ts
@TheSlimvReal
excluding /auth requests from service worker
4d3fd86
@TheSlimvReal
fixed tests
d448d47
@TheSlimvReal
Merge branch 'master' into keycloak
e713b24
@TheSlimvReal
cleaned up reset password flow
f3faa2d
@TheSlimvReal
Merge remote-tracking branch 'origin/keycloak' into keycloak
8fe5bf1
@TheSlimvReal
trying to get reverse proxy for keycloak working
99e040a
@TheSlimvReal
using keycloak without a proxy
a095611
@TheSlimvReal
fixed tests
1c1fc7d
@TheSlimvReal
Merge remote-tracking branch 'origin/master' into keycloak
d048beb
@TheSlimvReal
fixed url for keycloak auth
0ad5868
@TheSlimvReal
some general code cleanup
af49273
@TheSlimvReal
some more general code cleanup
25e16cd
@TheSlimvReal
fixed test
dc576b8
@TheSlimvReal TheSlimvReal marked this pull request as ready for review August 10, 2022 08:39
@TheSlimvReal
Copy link
Collaborator Author

TheSlimvReal commented Aug 10, 2022
edited
Loading

  • Offline/mobile testing

@TheSlimvReal TheSlimvReal marked this pull request as ready for review August 24, 2022 07:14
sleidig
sleidig approved these changes Aug 25, 2022
View reviewed changes
Copy link
Member

@sleidig sleidig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice cleanups. This looks great.

src/app/core/session/auth/auth.service.ts Show resolved Hide resolved
src/app/core/session/session-service/remote-session.spec.ts Show resolved Hide resolved
src/assets/keycloak.json Show resolved Hide resolved
src/app/core/session/auth/auth.service.ts Outdated Show resolved Hide resolved
src/app/core/user/user-account/user-account.component.ts Outdated Show resolved Hide resolved
src/environments/environment.ts Outdated Show resolved Hide resolved
@sonarcloud
Copy link

sonarcloud bot commented Aug 26, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

No Coverage information No Coverage information
0.0% 0.0% Duplication

@TheSlimvReal TheSlimvReal merged commit 19a0dff into master Aug 26, 2022
@TheSlimvReal TheSlimvReal deleted the keycloak branch August 26, 2022 14:56
@aam-digital-ci
Copy link
Collaborator

🎉 This PR is included in version 3.10.0-master.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@aam-digital-ci
Copy link
Collaborator

🎉 This PR is included in version 3.10.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sleidig sleidig sleidig approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TheSlimvReal @aam-digital-ci @sleidig