OpenApi Generator. Keycloak SDK done. Login Done!

2022-09-05 14:06:55 +02:00
parent 5b9cbd62fd
commit b4171e215d
15 changed files with 48271 additions and 30 deletions
--- a/backend/keycloak/kc-client/.gitignore
+++ b/backend/keycloak/kc-client/.gitignore
@@ -0,0 +1,4 @@
+wwwroot/*.js
+node_modules
+typings
+dist
--- a/backend/keycloak/kc-client/.npmignore
+++ b/backend/keycloak/kc-client/.npmignore
@@ -0,0 +1 @@
+# empty npmignore to ensure all required files (e.g., in the dist folder) are published by npm
--- a/backend/keycloak/kc-client/.openapi-generator-ignore
+++ b/backend/keycloak/kc-client/.openapi-generator-ignore
@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com/openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md
--- a/backend/keycloak/kc-client/.openapi-generator/VERSION
+++ b/backend/keycloak/kc-client/.openapi-generator/VERSION
@@ -0,0 +1 @@
+4.3.1
--- a/backend/keycloak/kc-client/api.ts
+++ b/backend/keycloak/kc-client/api.ts
--- a/backend/keycloak/kc-client/base.ts
+++ b/backend/keycloak/kc-client/base.ts
@@ -0,0 +1,70 @@
+// tslint:disable
+/**
+ * Keycloak Admin REST API
+ * This is a REST API reference for the Keycloak Admin
+ *
+ * The version of the OpenAPI document: 1
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import { Configuration } from "./configuration";
+// Some imports not used depending on template conditions
+// @ts-ignore
+import globalAxios, { AxiosPromise, AxiosInstance } from 'axios';
+
+export const BASE_PATH = "http://localhost".replace(/\/+$/, "");
+
+/**
+ *
+ * @export
+ */
+export const COLLECTION_FORMATS = {
+    csv: ",",
+    ssv: " ",
+    tsv: "\t",
+    pipes: "|",
+};
+
+/**
+ *
+ * @export
+ * @interface RequestArgs
+ */
+export interface RequestArgs {
+    url: string;
+    options: any;
+}
+
+/**
+ *
+ * @export
+ * @class BaseAPI
+ */
+export class BaseAPI {
+    protected configuration: Configuration | undefined;
+
+    constructor(configuration?: Configuration, protected basePath: string = BASE_PATH, protected axios: AxiosInstance = globalAxios) {
+        if (configuration) {
+            this.configuration = configuration;
+            this.basePath = configuration.basePath || this.basePath;
+        }
+    }
+};
+
+/**
+ *
+ * @export
+ * @class RequiredError
+ * @extends {Error}
+ */
+export class RequiredError extends Error {
+    name: "RequiredError" = "RequiredError";
+    constructor(public field: string, msg?: string) {
+        super(msg);
+    }
+}
--- a/backend/keycloak/kc-client/configuration.ts
+++ b/backend/keycloak/kc-client/configuration.ts
@@ -0,0 +1,75 @@
+// tslint:disable
+/**
+ * Keycloak Admin REST API
+ * This is a REST API reference for the Keycloak Admin
+ *
+ * The version of the OpenAPI document: 1
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+export interface ConfigurationParameters {
+    apiKey?: string | Promise<string> | ((name: string) => string) | ((name: string) => Promise<string>);
+    username?: string;
+    password?: string;
+    accessToken?: string | ((name?: string, scopes?: string[]) => string);
+    basePath?: string;
+    baseOptions?: any;
+}
+
+export class Configuration {
+    /**
+     * parameter for apiKey security
+     * @param name security name
+     * @memberof Configuration
+     */
+    apiKey?: string | Promise<string> | ((name: string) => string) | ((name: string) => Promise<string>);
+    /**
+     * parameter for basic security
+     * 
+     * @type {string}
+     * @memberof Configuration
+     */
+    username?: string;
+    /**
+     * parameter for basic security
+     * 
+     * @type {string}
+     * @memberof Configuration
+     */
+    password?: string;
+    /**
+     * parameter for oauth2 security
+     * @param name security name
+     * @param scopes oauth2 scope
+     * @memberof Configuration
+     */
+    accessToken?: string | ((name?: string, scopes?: string[]) => string);
+    /**
+     * override base path
+     * 
+     * @type {string}
+     * @memberof Configuration
+     */
+    basePath?: string;
+    /**
+     * base options for axios calls
+     *
+     * @type {any}
+     * @memberof Configuration
+     */
+    baseOptions?: any;
+
+    constructor(param: ConfigurationParameters = {}) {
+        this.apiKey = param.apiKey;
+        this.username = param.username;
+        this.password = param.password;
+        this.accessToken = param.accessToken;
+        this.basePath = param.basePath;
+        this.baseOptions = param.baseOptions;
+    }
+}
--- a/backend/keycloak/kc-client/git_push.sh
+++ b/backend/keycloak/kc-client/git_push.sh
@@ -0,0 +1,58 @@
+#!/bin/sh
+# ref: https://help.github.com/articles/adding-an-existing-project-to-github-using-the-command-line/
+#
+# Usage example: /bin/sh ./git_push.sh wing328 openapi-pestore-perl "minor update" "gitlab.com"
+
+git_user_id=$1
+git_repo_id=$2
+release_note=$3
+git_host=$4
+
+if [ "$git_host" = "" ]; then
+    git_host="github.com"
+    echo "[INFO] No command line input provided. Set \$git_host to $git_host"
+fi
+
+if [ "$git_user_id" = "" ]; then
+    git_user_id="GIT_USER_ID"
+    echo "[INFO] No command line input provided. Set \$git_user_id to $git_user_id"
+fi
+
+if [ "$git_repo_id" = "" ]; then
+    git_repo_id="GIT_REPO_ID"
+    echo "[INFO] No command line input provided. Set \$git_repo_id to $git_repo_id"
+fi
+
+if [ "$release_note" = "" ]; then
+    release_note="Minor update"
+    echo "[INFO] No command line input provided. Set \$release_note to $release_note"
+fi
+
+# Initialize the local directory as a Git repository
+git init
+
+# Adds the files in the local repository and stages them for commit.
+git add .
+
+# Commits the tracked changes and prepares them to be pushed to a remote repository.
+git commit -m "$release_note"
+
+# Sets the new remote
+git_remote=`git remote`
+if [ "$git_remote" = "" ]; then # git remote not defined
+
+    if [ "$GIT_TOKEN" = "" ]; then
+        echo "[INFO] \$GIT_TOKEN (environment variable) is not set. Using the git credential in your environment."
+        git remote add origin https://${git_host}/${git_user_id}/${git_repo_id}.git
+    else
+        git remote add origin https://${git_user_id}:${GIT_TOKEN}@${git_host}/${git_user_id}/${git_repo_id}.git
+    fi
+
+fi
+
+git pull origin master
+
+# Pushes (Forces) the changes in the local repository up to the remote repository
+echo "Git pushing to https://${git_host}/${git_user_id}/${git_repo_id}.git"
+git push origin master 2>&1 | grep -v 'To https'
+
--- a/backend/keycloak/kc-client/index.ts
+++ b/backend/keycloak/kc-client/index.ts
@@ -0,0 +1,16 @@
+// tslint:disable
+/**
+ * Keycloak Admin REST API
+ * This is a REST API reference for the Keycloak Admin
+ *
+ * The version of the OpenAPI document: 1
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+export * from "./api";
+export * from "./configuration";
--- a/backend/keycloak/openapi.specs.json
+++ b/backend/keycloak/openapi.specs.json
--- a/backend/openapitools.json
+++ b/backend/openapitools.json
@@ -0,0 +1,7 @@
+{
+  "$schema": "./node_modules/@openapitools/openapi-generator-cli/config.schema.json",
+  "spaces": 2,
+  "generator-cli": {
+    "version": "6.0.1"
+  }
+}
--- a/backend/package.json
+++ b/backend/package.json
@@ -28,6 +28,7 @@
    "@nestjs/platform-express": "^9.0.0",
    "@nestjs/swagger": "^6.1.2",
    "axios": "^0.27.2",
+    "openid-client": "^5.1.9",
    "reflect-metadata": "^0.1.13",
    "rimraf": "^3.0.2",
    "rxjs": "^7.2.0"
--- a/backend/src/auth/login/login.service.ts
+++ b/backend/src/auth/login/login.service.ts
@@ -1,40 +1,37 @@
-import { HttpService } from '@nestjs/axios';
-import { Injectable } from '@nestjs/common';
-import { lastValueFrom } from 'rxjs';
+import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
 import { LoginDto } from './dto/login.dto';
-import { KeycloakDataDto } from './dto/kc.data.dto';
-const querystring = require('querystring');
+import { Issuer } from 'openid-client';

@Injectable()
 export class LoginService {
-  constructor(private readonly httpService: HttpService) {}
-
  async login(loginDto: LoginDto) {
-    const keycloakHeaders = {
-      Accept: 'application/xhtml+xml',
-      'content-type': 'application/x-www-form-urlencoded',
-    };
+    const { username, password } = loginDto;

-    const keycloakTokenData = {
+    const keycloakIssuer = await Issuer.discover(
+      `${process.env.KC_BASE_URL}/auth/realms/${process.env.KC_REALM}`,
+    );
+
+    const openIdConnectClient = new keycloakIssuer.Client({
      client_id: process.env.KC_CLIENT_ID || 'client_id',
      client_secret: process.env.KC_CLIENT_SECRET || 'client_secret',
-      grant_type: process.env.KC_GRANT_TYPE || 'grant_type',
-    };
-
-    const kcData: KeycloakDataDto = { ...keycloakTokenData, ...loginDto };
+    });

    try {
-      const res = await lastValueFrom(
-        this.httpService.request({
-          method: 'POST',
-          data: querystring.stringify(kcData),
-          headers: keycloakHeaders,
-          url: process.env.KC_TOKEN_ENDPOINT,
-        }),
-      );
-      return res.data;
+      const token = await openIdConnectClient.grant({
+        grant_type: process.env.KC_GRANT_TYPE || 'grant_type',
+        username,
+        password,
+      });
+
+      return token;
    } catch (error) {
-      return error;
+      throw new HttpException(error.error_description, HttpStatus.UNAUTHORIZED);
    }
  }
 }
+
+// {
+//   "error": "invalid_grant",
+//   "error_description": "Invalid user credentials",
+//   "name": "OPError"
+// }
--- a/backend/src/auth/register/register.service.ts
+++ b/backend/src/auth/register/register.service.ts
@@ -1,7 +1,5 @@
 import { HttpService } from '@nestjs/axios';
 import { Injectable } from '@nestjs/common';
-import { AxiosResponse } from 'axios';
-import { lastValueFrom, Observable, of } from 'rxjs';
 import { CreateUserDto } from './dto/create-user.dto';
 import { UpdateUserDto } from './dto/update-user.dto';

@@ -14,8 +12,6 @@ export class RegisterService {
  }

  async findAll() {
-    // const obj = await lastValueFrom(this.httpService.get('https://jsonplaceholder.typicode.com/todos'))
-    // return obj.data;
    return 'Find all Users';
  }

--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -2842,6 +2842,11 @@ jest@28.1.3:
    import-local "^3.0.2"
    jest-cli "^28.1.3"

+jose@^4.1.4:
+  version "4.9.2"
+  resolved "https://registry.yarnpkg.com/jose/-/jose-4.9.2.tgz#268994df4443b9c191de0b001c2e3796ac6cf368"
+  integrity sha512-EqKvu2PqJCD3Jrg3PvcYZVS7D21qMVLSYMDAFcOdGUEOpJSLNtJO7NjLANvu3SYHVl6pdP2ff7ve6EZW2nX7Nw==
+
 js-tokens@^4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"
@@ -3169,11 +3174,21 @@ object-hash@3.0.0:
  resolved "https://registry.yarnpkg.com/object-hash/-/object-hash-3.0.0.tgz#73f97f753e7baffc0e2cc9d6e079079744ac82e9"
  integrity sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==

+object-hash@^2.0.1:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/object-hash/-/object-hash-2.2.0.tgz#5ad518581eefc443bd763472b8ff2e9c2c0d54a5"
+  integrity sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==
+
 object-inspect@^1.9.0:
  version "1.12.2"
  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.2.tgz#c0641f26394532f28ab8d796ab954e43c009a8ea"
  integrity sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ==

+oidc-token-hash@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz#ae6beec3ec20f0fd885e5400d175191d6e2f10c6"
+  integrity sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==
+
 on-finished@2.4.1:
  version "2.4.1"
  resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.4.1.tgz#58c8c44116e54845ad57f14ab10b03533184ac3f"
@@ -3195,6 +3210,16 @@ onetime@^5.1.0, onetime@^5.1.2:
  dependencies:
    mimic-fn "^2.1.0"

+openid-client@^5.1.9:
+  version "5.1.9"
+  resolved "https://registry.yarnpkg.com/openid-client/-/openid-client-5.1.9.tgz#6887e75ad3fa8d0c78d0ed693a5ea107d39b54de"
+  integrity sha512-o/11Xos2fRPpK1zQrPfSIhIusFrAkqGSPwkD0UlUB+CCuRzd7zrrBJwIjgnVv3VUSif9ZGXh2d3GSJNH2Koh5g==
+  dependencies:
+    jose "^4.1.4"
+    lru-cache "^6.0.0"
+    object-hash "^2.0.1"
+    oidc-token-hash "^5.0.1"
+
 ora@5.4.1, ora@^5.4.1:
  version "5.4.1"
  resolved "https://registry.yarnpkg.com/ora/-/ora-5.4.1.tgz#1b2678426af4ac4a509008e5e4ac9e9959db9e18"
				`@@ -0,0 +1 @@`
				`# empty npmignore to ensure all required files (e.g., in the dist folder) are published by npm`