create-skweb 3.3.9 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -26,14 +26,36 @@ function buildOpenApiSpec() {
|
|
|
26
26
|
bearerFormat: 'JWT'
|
|
27
27
|
}
|
|
28
28
|
{{else}}
|
|
29
|
-
oidcAuth: {
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
29
|
+
oidcAuth: (() => {
|
|
30
|
+
// Resolve OIDC endpoints from OIDC_ISSUER or OIDC_JWKS_URI
|
|
31
|
+
// Supports Keycloak realms and generic OIDC providers
|
|
32
|
+
const issuer = process.env.OIDC_ISSUER && process.env.OIDC_ISSUER.replace(/\/$/, '')
|
|
33
|
+
const jwksUri = process.env.OIDC_JWKS_URI
|
|
34
|
+
let baseUrl
|
|
35
|
+
if (issuer) {
|
|
36
|
+
baseUrl = issuer
|
|
37
|
+
} else if (jwksUri) {
|
|
38
|
+
// Keycloak JWKS URI: https://host/realms/<name>/protocol/openid-connect/certs
|
|
39
|
+
const match = jwksUri.match(/^(https?:\/\/[^/]+\/realms\/[^/]+)/)
|
|
40
|
+
if (match) baseUrl = match[1]
|
|
41
|
+
}
|
|
42
|
+
return {
|
|
43
|
+
type: 'oauth2',
|
|
44
|
+
flows: {
|
|
45
|
+
authorizationCode: {
|
|
46
|
+
authorizationUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/auth` : undefined,
|
|
47
|
+
tokenUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
48
|
+
refreshUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
49
|
+
scopes: {
|
|
50
|
+
openid: 'OpenID Connect scope',
|
|
51
|
+
profile: 'User profile',
|
|
52
|
+
email: 'Email address',
|
|
53
|
+
offline_access: 'Offline token refresh'
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
})()
|
|
37
59
|
{{/if_eq}}
|
|
38
60
|
}
|
|
39
61
|
}
|
|
@@ -28,14 +28,36 @@ export function buildOpenApiSpec() {
|
|
|
28
28
|
bearerFormat: 'JWT'
|
|
29
29
|
}
|
|
30
30
|
{{else}}
|
|
31
|
-
oidcAuth: {
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
31
|
+
oidcAuth: (() => {
|
|
32
|
+
// Resolve OIDC endpoints from OIDC_ISSUER or OIDC_JWKS_URI
|
|
33
|
+
// Supports Keycloak realms and generic OIDC providers
|
|
34
|
+
const issuer = process.env.OIDC_ISSUER?.replace(/\/$/, '')
|
|
35
|
+
const jwksUri = process.env.OIDC_JWKS_URI
|
|
36
|
+
let baseUrl
|
|
37
|
+
if (issuer) {
|
|
38
|
+
baseUrl = issuer
|
|
39
|
+
} else if (jwksUri) {
|
|
40
|
+
// Keycloak JWKS URI: https://host/realms/<name>/protocol/openid-connect/certs
|
|
41
|
+
const match = jwksUri.match(/^(https?:\/\/[^/]+\/realms\/[^/]+)/)
|
|
42
|
+
if (match) baseUrl = match[1]
|
|
43
|
+
}
|
|
44
|
+
return {
|
|
45
|
+
type: 'oauth2',
|
|
46
|
+
flows: {
|
|
47
|
+
authorizationCode: {
|
|
48
|
+
authorizationUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/auth` : undefined,
|
|
49
|
+
tokenUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
50
|
+
refreshUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
51
|
+
scopes: {
|
|
52
|
+
openid: 'OpenID Connect scope',
|
|
53
|
+
profile: 'User profile',
|
|
54
|
+
email: 'Email address',
|
|
55
|
+
offline_access: 'Offline token refresh'
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
})()
|
|
39
61
|
{{/if_eq}}
|
|
40
62
|
}
|
|
41
63
|
}
|
|
@@ -28,14 +28,36 @@ export function buildOpenApiSpec(): object {
|
|
|
28
28
|
bearerFormat: 'JWT'
|
|
29
29
|
}
|
|
30
30
|
{{else}}
|
|
31
|
-
oidcAuth: {
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
31
|
+
oidcAuth: (() => {
|
|
32
|
+
// Resolve OIDC endpoints from OIDC_ISSUER or OIDC_JWKS_URI
|
|
33
|
+
// Supports Keycloak realms and generic OIDC providers
|
|
34
|
+
const issuer = process.env.OIDC_ISSUER?.replace(/\/$/, '')
|
|
35
|
+
const jwksUri = process.env.OIDC_JWKS_URI
|
|
36
|
+
let baseUrl: string | undefined
|
|
37
|
+
if (issuer) {
|
|
38
|
+
baseUrl = issuer
|
|
39
|
+
} else if (jwksUri) {
|
|
40
|
+
// Keycloak JWKS URI: https://host/realms/<name>/protocol/openid-connect/certs
|
|
41
|
+
const match = jwksUri.match(/^(https?:\/\/[^/]+\/realms\/[^/]+)/)
|
|
42
|
+
if (match) baseUrl = match[1]
|
|
43
|
+
}
|
|
44
|
+
return {
|
|
45
|
+
type: 'oauth2',
|
|
46
|
+
flows: {
|
|
47
|
+
authorizationCode: {
|
|
48
|
+
authorizationUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/auth` : undefined,
|
|
49
|
+
tokenUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
50
|
+
refreshUrl: baseUrl ? `${baseUrl}/protocol/openid-connect/token` : undefined,
|
|
51
|
+
scopes: {
|
|
52
|
+
openid: 'OpenID Connect scope',
|
|
53
|
+
profile: 'User profile',
|
|
54
|
+
email: 'Email address',
|
|
55
|
+
offline_access: 'Offline token refresh'
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
})()
|
|
39
61
|
{{/if_eq}}
|
|
40
62
|
}
|
|
41
63
|
}
|