Add client_secret to kcLogin command

README.md

@@ -1,6 +1,9 @@
 # cypress-keycloak-commands
+
 <!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
+
 [![All Contributors](https://img.shields.io/badge/all_contributors-2-orange.svg?style=flat-square)](#contributors-)
+
 <!-- ALL-CONTRIBUTORS-BADGE:END -->
 
 Cypress commands for login with [Keycloak](https://www.keycloak.org/).
@@ -9,7 +12,7 @@ Cypress commands for login with [Keycloak](https://www.keycloak.org/).
 - Use Fixtures to store users data
 - Returns you the tokens of the logged user for calling backend APIs from your test code
 - Fake login command for integration testing
-- Tested with Keycloak 4.8, 5, 6, 7 and 8
+- Tested with Keycloak 4.8, 5, 6, 7, 8, 9 and 10
 
 ## Usage
 
@@ -42,7 +45,8 @@ Setup the Keycloak configuration in `cypress.json` configuration file:
   "env": {
     "auth_base_url": "https://auth.server/auth",
     "auth_realm": "my_realm",
-    "auth_client_id": "my_client_id"
+    "auth_client_id": "my_client_id",
+    "auth_client_secret": "my_client_secret"
   }
 }
 ```
@@ -183,6 +187,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 
 <!-- markdownlint-enable -->
 <!-- prettier-ignore-end -->
+
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
-This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!
+This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!

src/kc-login.ts

@@ -1,4 +1,4 @@
-import { getAuthCodeFromLocation } from "./utils";
+import {createRequestBodyForToken, getAuthCodeFromLocation} from './utils';
 
 Cypress.Commands.add("kcLogin", (user: string) => {
   Cypress.log({ name: "Login" });
@@ -7,6 +7,7 @@ Cypress.Commands.add("kcLogin", (user: string) => {
     const authBaseUrl = Cypress.env("auth_base_url");
     const realm = Cypress.env("auth_realm");
     const client_id = Cypress.env("auth_client_id");
+    const client_secret = Cypress.env("auth_client_secret");
 
     cy.request({
       url: `${authBaseUrl}/realms/${realm}/protocol/openid-connect/auth`,
@@ -43,12 +44,7 @@ Cypress.Commands.add("kcLogin", (user: string) => {
         cy.request({
           method: "post",
           url: `${authBaseUrl}/realms/${realm}/protocol/openid-connect/token`,
-          body: {
-            client_id,
-            redirect_uri: Cypress.config("baseUrl"),
-            code,
-            grant_type: "authorization_code"
-          },
+          body: createRequestBodyForToken(client_id, client_secret, Cypress.config("baseUrl"), code),
           form: true,
           followRedirect: false
         }).its("body");

src/utils.ts

@@ -23,6 +23,25 @@ export function getAuthCodeFromLocation(location: string): string | undefined {
   }
 }
 
+export function createRequestBodyForToken(client_id: string, client_secret: string | undefined, baseUrl: string | null, code: string | undefined): object {
+  if (client_secret) {
+    return {
+      client_id,
+      client_secret,
+      redirect_uri: baseUrl,
+      code,
+      grant_type: "authorization_code"
+    }
+  }
+
+  return {
+    client_id,
+    redirect_uri: baseUrl,
+    code,
+    grant_type: "authorization_code"
+  }
+}
+
 export function decodeToken(str: string): { nonce: string } {
   str = str.split(".")[1];
 

testing/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   keycloak:
-    image: jboss/keycloak:${KEYCLOAK_VERSION:-8.0.1}
+    image: jboss/keycloak:${KEYCLOAK_VERSION:-10.0.2}
     environment:
       - KEYCLOAK_IMPORT=/tmp/example-realm.json
     volumes: