Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: keycloak internal server URL #304

Merged
merged 2 commits into from
Dec 13, 2024
Merged

feat: keycloak internal server URL #304

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7f26b98
Fix examples
MasterCarl Dec 12, 2024
7a54c10
Add serverUrlInternal option
MasterCarl Dec 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions playground/.env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ NUXT_OAUTH_BATTLEDOTNET_CLIENT_SECRET=
NUXT_OAUTH_KEYCLOAK_CLIENT_ID=
NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET=
NUXT_OAUTH_KEYCLOAK_SERVER_URL=
NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL=
NUXT_OAUTH_KEYCLOAK_REALM=
# LinkedIn
NUXT_OAUTH_LINKEDIN_CLIENT_ID=
Expand Down
1 change: 1 addition & 0 deletions src/module.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,7 @@ export default defineNuxtModule<ModuleOptions>({
clientId: '',
clientSecret: '',
serverUrl: '',
serverUrlInternal: '',
realm: '',
redirectURL: '',
})
Expand Down
14 changes: 11 additions & 3 deletions src/runtime/server/lib/oauth/keycloak.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,17 @@ export interface OAuthKeycloakConfig {
clientSecret?: string
/**
* Keycloak OAuth Server URL
* @example http://192.168.1.10:8080/auth
* @example http://192.168.1.10:8080
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL
*/
serverUrl?: string
/**
* Optional Keycloak OAuth Server URL to use internally, e.g. if Nuxt connects to a Docker hostname while the browser
* redirect goes to localhost
* @example http://keycloak:8080
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL
*/
serverUrlInternal?: string
/**
* Keycloak OAuth Realm
* @default process.env.NUXT_OAUTH_KEYCLOAK_REALM
Expand All @@ -40,7 +47,7 @@ export interface OAuthKeycloakConfig {
*/
authorizationParams?: Record<string, string>
/**
* Redirect URL to to allow overriding for situations like prod failing to determine public hostname
* Redirect URL to allow overriding for situations like prod failing to determine public hostname
* @default process.env.NUXT_OAUTH_KEYCLOAK_REDIRECT_URL or current URL
*/
redirectURL?: string
Expand Down Expand Up @@ -78,9 +85,10 @@ export function defineOAuthKeycloakEventHandler({
}

const realmURL = `${config.serverUrl}/realms/${config.realm}`
const realmURLInternal = `${config.serverUrlInternal || config.serverUrl}/realms/${config.realm}`

const authorizationURL = `${realmURL}/protocol/openid-connect/auth`
const tokenURL = `${realmURL}/protocol/openid-connect/token`
const tokenURL = `${realmURLInternal}/protocol/openid-connect/token`
const redirectURL = config.redirectURL || getOAuthRedirectURL(event)

if (!query.code) {
Expand Down
Loading