feat(auth): OIDC authentication works with server side support

hawtio · Feb 23, 2024 · 9058a84 · 9058a84
1 parent 3472490
commit 9058a84
Show file tree

Hide file tree

Showing 4 changed files with 371 additions and 242 deletions.
diff --git a/app/craco.config.js b/app/craco.config.js
@@ -167,18 +167,25 @@ module.exports = {
         authenticated = false
         res.redirect('/hawtio/login')
       })
+
+      const oidcEnabled = true
+      const oidcConfig = {
+        "method": "oidc",
+        "provider": "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/v2.0",
+        "client_id": "66666666-7777-8888-9999-000000000000",
+        "response_mode": "fragment",
+        "scope": "openid email profile api://hawtio-server/Jolokia.Access",
+        "redirect_uri": "http://localhost:3000/hawtio/",
+        "code_challenge_method": "S256",
+        "prompt": "login"
+      }
       devServer.app.get('/hawtio/auth/config', (_, res) => {
-        res.type("application/json")
-        res.send(JSON.stringify({
-          "method": "oidc",
-          "provider": "https://login.microsoftonline.com/8fd8ed3d-c739-410f-83ab-ac2228fa6bbf/v2.0",
-          "client_id": "3bb7fe5a-34bb-4afa-bf6a-292c050cb821",
-          "response_mode": "fragment",
-          "scope": "openid email profile api://hawtio-server/Jolokia.Access",
-          "redirect_uri": "http://localhost:3000/hawtio/",
-          "code_challenge_method": "S256",
-          "prompt": "login"
-        }))
+        if (oidcEnabled) {
+          res.type("application/json")
+          res.send(JSON.stringify(oidcConfig))
+        } else {
+          res.sendStatus(404)
+        }
       })
       devServer.app.get('/hawtio/proxy/enabled', (_, res) => res.send(String(proxyEnabled)))
       devServer.app.get('/hawtio/plugin', (_, res) => res.send(JSON.stringify(plugin)))

diff --git a/packages/hawtio/src/plugins/auth/keycloak/keycloak-service.ts b/packages/hawtio/src/plugins/auth/keycloak/keycloak-service.ts
@@ -135,7 +135,7 @@ class KeycloakService implements IKeycloakService {
       }
 
       if (userProfile.username && userProfile.token) {
-        resolve({ username: userProfile.username, isLogin: true })
+        resolve({ username: userProfile.username, isLogin: true, isLoading: false })
         userService.setToken(userProfile.token)
       }