diff --git a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPlugin.cs b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPlugin.cs index 8e9626c..1389ad5 100644 --- a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPlugin.cs +++ b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPlugin.cs @@ -59,7 +59,7 @@ public void ConfigureApplication(IApplicationBuilder applicationBuilder) public void ConfigureHealthChecks(IHealthChecksBuilder healthChecksBuilder) { - var uriBuilder = new UriBuilder(_keycloakPluginConfiguration.GetAuthority()) { Path = $"{_keycloakPluginConfiguration.Realms.Prefix.TrimEnd('/')}/master" }; + var uriBuilder = new UriBuilder(_keycloakPluginConfiguration.GetHealthCheck()) { Path = _keycloakPluginConfiguration.HealthCheckConfig.Prefix }; var uri = uriBuilder.Uri; healthChecksBuilder.AddUrlGroup(uri, "keycloak", HealthStatus.Unhealthy, new[] { HealthCheckTag.Readiness.Value }); } diff --git a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs index feb102b..f82b7ad 100644 --- a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs +++ b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs @@ -15,6 +15,16 @@ public class KeycloakPluginConfiguration public string ClientSecret { get; set; } public RealmsConfig Realms { get; set; } = new RealmsConfig(); public IList Policies { get; set; } = new List(); + public HealthCheckConfig HealthCheckConfig { get; set; } = new HealthCheckConfig(); + + public Uri GetHealthCheck() + { + if (string.IsNullOrEmpty(HealthCheckConfig.Host)) throw new ArgumentException("Keycloak.Uri was not specified but health check is enabled!"); + var httpScheme = (Insecure ? HttpScheme.Http : HttpScheme.Https).ToString(); + return Port.HasValue + ? new UriBuilder(httpScheme, HealthCheckConfig.Host, HealthCheckConfig.Port.Value).Uri + : new UriBuilder(httpScheme, HealthCheckConfig.Host).Uri; + } public Uri GetAuthority() { @@ -30,4 +40,12 @@ public class RealmsConfig public string Prefix { get; set; } = "/auth/realms"; public string Default { get; set; } = "master"; } + + public class HealthCheckConfig + { + public string Host { get; set; } = "example.com"; + public int? Port { get; set; } = 9000; + public string Prefix { get; set; } = "/health/ready"; + } } + diff --git a/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs b/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs index 7616eb0..f76ad06 100644 --- a/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs +++ b/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs @@ -110,6 +110,79 @@ public void TestRedirectUriHttpToHttpsReplace(string uri, string expected) KeycloakDefaults.BuildCorrectRedirectUri(uri).Should().Be(expected); } + [Test] + public void ConfigureHealthChecks_Use9000ForHealth() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "example.com", + Insecure = false, + Port = 8080, + HealthCheckConfig = new HealthCheckConfig + { + Host = "example.com", + Port = 9000, + Prefix = "/health/ready" + } + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheckConfig.Prefix }; + uriBuilder.Uri.Should().Be("https://example.com:9000/health/ready"); + } + + [Test] + public void ConfigureHealthChecks_WithoutSettingHealthCheckConfig() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "example.com", + Insecure = false, + Port = 8080, + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheckConfig.Prefix }; + uriBuilder.Uri.Should().Be("https://example.com:9000/health/ready"); + } + + [Test] + public void ConfigureHealthChecks_DifferentPrefixAndPort() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "newhost.com", + Insecure = false, + Port = 8080, + HealthCheckConfig = new HealthCheckConfig + { + Host = "health.com", + Port = 9999, + Prefix = "/something/notready" + } + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheckConfig.Prefix }; + uriBuilder.Uri.Should().Be("https://health.com:9999/something/notready"); + } + + [Test] + public void ConfigureHealthChecks_DefaultHealthHost() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "newhost.com", + Insecure = false, + Port = 8080, + HealthCheckConfig = new HealthCheckConfig + { + Port = 9999, + Prefix = "/something/notready" + } + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheckConfig.Prefix }; + uriBuilder.Uri.Should().Be("https://example.com:9999/something/notready"); + } + private static void AssertMiddleware(ICall call) { var func = (call.GetOriginalArguments()[0] as Func)?.Target;