ef-keycloak-connect 1.8.2-RC3 → 1.8.4-patch
- package/README.md +16 -1
- package/package.json +1 -1
- package/services/keycloakService.js +484 -175
|
@@ -1,15 +1,14 @@
|
|
|
1
1
|
let session = require( "express-session" );
|
|
2
2
|
let Keycloak = require( "keycloak-connect" );
|
|
3
|
+
const fs = require( 'fs' );
|
|
3
4
|
const Joi = require( "joi" );
|
|
4
5
|
const qrcode = require( "qrcode" );
|
|
5
6
|
const speakeasy = require( 'speakeasy' )
|
|
6
7
|
const parseXMLString = require( "xml2js" ).parseString;
|
|
7
8
|
|
|
8
|
-
|
|
9
9
|
let requestController = require( "../controller/requestController.js" );
|
|
10
10
|
let memory = new session.MemoryStore();
|
|
11
11
|
|
|
12
|
-
let keycloakConfig = null;
|
|
13
12
|
let realmRoles = [];
|
|
14
13
|
let previousEvents = []; // Store complete events instead of just IDs
|
|
15
14
|
let isFirstRun = true;
|
|
@@ -31,11 +30,11 @@ class KeycloakService extends Keycloak {
|
|
|
31
30
|
|
|
32
31
|
constructor ( config ) {
|
|
33
32
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
if ( keycloakConfig.TWILIO_SID && keycloakConfig.TWILIO_AUTH_TOKEN ) {
|
|
38
|
-
twilioClient = twilio( keycloakConfig.TWILIO_SID, keycloakConfig.TWILIO_AUTH_TOKEN )
|
|
33
|
+
super( { store: memory }, { ...config } ); //initialising keycloak-connect //Keycloak = new Keycloak({store: memory}, config);
|
|
34
|
+
this.keycloakConfig = { ...config };
|
|
35
|
+
|
|
36
|
+
if ( this.keycloakConfig.TWILIO_SID && this.keycloakConfig.TWILIO_AUTH_TOKEN ) {
|
|
37
|
+
twilioClient = twilio( this.keycloakConfig.TWILIO_SID, this.keycloakConfig.TWILIO_AUTH_TOKEN )
|
|
39
38
|
}
|
|
40
39
|
}
|
|
41
40
|
|
|
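Review bot: `twilioClient` is still assigned as a bare name in the constructor while the rest of the configuration moves onto the instance. Its declaration is outside this hunk, but if it is a module-level variable, two KeycloakService instances with different Twilio credentials would share whichever client was built last, and the later `services( this.keycloakConfig.TWILIO_VERIFY_SID )` calls could pair one instance's Verify SID with the other's account. Assigning `this.twilioClient = twilio( this.keycloakConfig.TWILIO_SID, this.keycloakConfig.TWILIO_AUTH_TOKEN )` and reading `this.twilioClient` at the SMS send and check sites would keep the two in step. `{ ...config }` is also only a shallow copy, so `credentials` remains the caller's object. The instance now also carries PASSWORD_ADMIN, TWILIO_AUTH_TOKEN and the client secret on a plain enumerable property that will show up if the service object is logged or serialised; `Object.defineProperty( this, 'keycloakConfig', { value: { ...config }, enumerable: false } )` would avoid that.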
@@ -78,7 +77,7 @@ class KeycloakService extends Keycloak {
|
|
|
78
77
|
else return Promise.reject( { error: 404, error_message: 'Error occurred while generating QR code.' } )
|
|
79
78
|
|
|
80
79
|
// getting admin access token to update the user attributes
|
|
81
|
-
const adminData = await this.getAccessToken( keycloakConfig.USERNAME_ADMIN, keycloakConfig.PASSWORD_ADMIN )
|
|
80
|
+
const adminData = await this.getAccessToken( this.keycloakConfig.USERNAME_ADMIN, this.keycloakConfig.PASSWORD_ADMIN )
|
|
82
81
|
const adminToken = adminData.access_token
|
|
83
82
|
|
|
84
83
|
//updating user attributes for 2FA
|
|
@@ -140,7 +139,7 @@ class KeycloakService extends Keycloak {
|
|
|
140
139
|
|
|
141
140
|
return new Promise( async ( resolve, reject ) => {
|
|
142
141
|
|
|
143
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
142
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
144
143
|
|
|
145
144
|
let config = {
|
|
146
145
|
method: "post",
|
|
@@ -153,9 +152,9 @@ class KeycloakService extends Keycloak {
|
|
|
153
152
|
data: {
|
|
154
153
|
username: user_name,
|
|
155
154
|
password: user_password,
|
|
156
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
157
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
158
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
155
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
156
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
157
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
159
158
|
},
|
|
160
159
|
};
|
|
161
160
|
|
|
@@ -181,7 +180,7 @@ class KeycloakService extends Keycloak {
|
|
|
181
180
|
|
|
182
181
|
return new Promise( async ( resolve, reject ) => {
|
|
183
182
|
|
|
184
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
183
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
185
184
|
|
|
186
185
|
let config = {
|
|
187
186
|
method: "post",
|
|
@@ -195,10 +194,10 @@ class KeycloakService extends Keycloak {
|
|
|
195
194
|
data: {
|
|
196
195
|
username: user_name,
|
|
197
196
|
password: user_password,
|
|
198
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
199
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
197
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
198
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
200
199
|
grant_type: "urn:ietf:params:oauth:grant-type:uma-ticket",
|
|
201
|
-
audience: keycloakConfig.CLIENT_ID
|
|
200
|
+
audience: this.keycloakConfig.CLIENT_ID
|
|
202
201
|
},
|
|
203
202
|
};
|
|
204
203
|
|
|
@@ -224,7 +223,7 @@ class KeycloakService extends Keycloak {
|
|
|
224
223
|
|
|
225
224
|
return new Promise( async ( resolve, reject ) => {
|
|
226
225
|
|
|
227
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token/introspect";
|
|
226
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token/introspect";
|
|
228
227
|
|
|
229
228
|
let config = {
|
|
230
229
|
method: "post",
|
|
@@ -235,9 +234,9 @@ class KeycloakService extends Keycloak {
|
|
|
235
234
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
236
235
|
},
|
|
237
236
|
data: {
|
|
238
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
239
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
240
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
237
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
238
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
239
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
241
240
|
token: access_token
|
|
242
241
|
},
|
|
243
242
|
};
|
|
@@ -262,7 +261,7 @@ class KeycloakService extends Keycloak {
|
|
|
262
261
|
|
|
263
262
|
// function for getting user details (and extracting attributes)
|
|
264
263
|
async getUserDetails( adminToken, username ) {
|
|
265
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/users?username=" + username + "&exact=true";
|
|
264
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users?username=" + username + "&exact=true";
|
|
266
265
|
let config = {
|
|
267
266
|
method: "get",
|
|
268
267
|
url: URL,
|
|
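Review bot: `username` is concatenated into the admin `/users?username=` query in getUserDetails without encoding, so a value containing `&`, `#` or `%` alters the request sent with the admin bearer token (it can append or override parameters such as `exact`) instead of being matched as a literal name. The tail of that line should read `"/users?username=" + encodeURIComponent( username ) + "&exact=true";`. The same applies to the other caller-supplied values this diff concatenates into token or admin URLs: `realm_name` and `user_name` in the `@@ -513`, `@@ -561` and `@@ -577` hunks, `userId` in `@@ -303`, `@@ -1660` and `@@ -1691`, `resource_name` in `@@ -1144`, `@@ -1175` and `@@ -1605`, and `policyName`/`policyId` in `@@ -1241` and `@@ -1369`. Whether these values are validated before they reach these functions is not visible in the hunks, and the body of getUserDetails continues past this one.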
@@ -303,7 +302,7 @@ class KeycloakService extends Keycloak {
|
|
|
303
302
|
|
|
304
303
|
// function for updating user attributes in KeyCloak for 2FA registration
|
|
305
304
|
async updateUserAttributes( adminToken, userId, attributesToUpdate ) {
|
|
306
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/users/" + userId;
|
|
305
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users/" + userId;
|
|
307
306
|
let config = {
|
|
308
307
|
method: "put",
|
|
309
308
|
url: URL,
|
|
@@ -339,7 +338,7 @@ class KeycloakService extends Keycloak {
|
|
|
339
338
|
|
|
340
339
|
let userObjectToBeReturned = { username: username }
|
|
341
340
|
|
|
342
|
-
const adminData = await this.getAccessToken( keycloakConfig.USERNAME_ADMIN, keycloakConfig.PASSWORD_ADMIN )
|
|
341
|
+
const adminData = await this.getAccessToken( this.keycloakConfig.USERNAME_ADMIN, this.keycloakConfig.PASSWORD_ADMIN )
|
|
343
342
|
const adminToken = adminData.access_token
|
|
344
343
|
|
|
345
344
|
let userObject = await this.getUserDetails( adminToken, username )
|
|
@@ -407,7 +406,7 @@ class KeycloakService extends Keycloak {
|
|
|
407
406
|
}
|
|
408
407
|
|
|
409
408
|
try {
|
|
410
|
-
await twilioClient.verify.v2.services( keycloakConfig.TWILIO_VERIFY_SID )
|
|
409
|
+
await twilioClient.verify.v2.services( this.keycloakConfig.TWILIO_VERIFY_SID )
|
|
411
410
|
.verifications
|
|
412
411
|
.create( { to: phoneNumber, channel: 'sms' } );
|
|
413
412
|
} catch ( error ) {
|
|
@@ -422,7 +421,7 @@ class KeycloakService extends Keycloak {
|
|
|
422
421
|
|
|
423
422
|
// function for validating OTP sent through authenticator app or SMS - (callable from frontend)
|
|
424
423
|
async validateOTP( username, password, realm, otpToValidate ) {
|
|
425
|
-
const adminData = await this.getAccessToken( keycloakConfig.USERNAME_ADMIN, keycloakConfig.PASSWORD_ADMIN )
|
|
424
|
+
const adminData = await this.getAccessToken( this.keycloakConfig.USERNAME_ADMIN, this.keycloakConfig.PASSWORD_ADMIN )
|
|
426
425
|
const adminToken = adminData.access_token
|
|
427
426
|
|
|
428
427
|
// getting user details for fetching attributes and otpSecret or OTP validation
|
|
@@ -463,7 +462,7 @@ class KeycloakService extends Keycloak {
|
|
|
463
462
|
// running OTP validation flow for SMS
|
|
464
463
|
else if ( userAttributes.twoFAChannel[ 0 ] == 'sms' ) {
|
|
465
464
|
try {
|
|
466
|
-
let verificationStatus = await twilioClient.verify.v2.services( keycloakConfig.TWILIO_VERIFY_SID )
|
|
465
|
+
let verificationStatus = await twilioClient.verify.v2.services( this.keycloakConfig.TWILIO_VERIFY_SID )
|
|
467
466
|
.verificationChecks
|
|
468
467
|
.create( { to: userAttributes.phoneNumber[ 0 ], code: otpToValidate } );
|
|
469
468
|
|
|
@@ -513,9 +512,9 @@ class KeycloakService extends Keycloak {
|
|
|
513
512
|
let error;
|
|
514
513
|
let responseObject;
|
|
515
514
|
|
|
516
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + realm_name + "/protocol/openid-connect/token";
|
|
515
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + realm_name + "/protocol/openid-connect/token";
|
|
517
516
|
|
|
518
|
-
//keycloakConfig["auth-server-url"] +'realms
|
|
517
|
+
//this.keycloakConfig["auth-server-url"] +'realms
|
|
519
518
|
let config = {
|
|
520
519
|
|
|
521
520
|
method: "post",
|
|
@@ -528,9 +527,9 @@ class KeycloakService extends Keycloak {
|
|
|
528
527
|
data: {
|
|
529
528
|
username: user_name,
|
|
530
529
|
password: user_password,
|
|
531
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
532
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
533
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
530
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
531
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
532
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
534
533
|
},
|
|
535
534
|
|
|
536
535
|
};
|
|
@@ -561,11 +560,11 @@ class KeycloakService extends Keycloak {
|
|
|
561
560
|
try {
|
|
562
561
|
|
|
563
562
|
let config1 = { ...config };
|
|
564
|
-
config1.data.username = keycloakConfig.USERNAME_ADMIN;
|
|
565
|
-
config1.data.password = keycloakConfig.PASSWORD_ADMIN;
|
|
563
|
+
config1.data.username = this.keycloakConfig.USERNAME_ADMIN;
|
|
564
|
+
config1.data.password = this.keycloakConfig.PASSWORD_ADMIN;
|
|
566
565
|
delete config1.data.token;
|
|
567
566
|
|
|
568
|
-
config1.url = keycloakConfig[ "auth-server-url" ] + "realms/" + realm_name + "/protocol/openid-connect/token";
|
|
567
|
+
config1.url = this.keycloakConfig[ "auth-server-url" ] + "realms/" + realm_name + "/protocol/openid-connect/token";
|
|
569
568
|
|
|
570
569
|
let adminTokenResponse = await requestController.httpRequest( config1, true );
|
|
571
570
|
|
|
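Review bot: `let config1 = { ...config }` copies only the top level, so `config1.data` is the same object as `config.data`, and the two assignments that follow write the admin username and password into the original request's `data` (`delete config1.data.token` removes its token as well). The next hunk does the same to the shared `headers` with `config1.headers.Authorization = "Bearer " + admin_token`. If `config` is used again after this block, which is not visible here, it would carry the admin credentials or the admin token. Copying the nested objects avoids that: `let config1 = { ...config, data: { ...config.data }, headers: { ...config.headers } };`. The enclosing function starts and ends outside the hunk.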
@@ -577,7 +576,7 @@ class KeycloakService extends Keycloak {
|
|
|
577
576
|
|
|
578
577
|
config1.headers.Authorization = "Bearer " + admin_token;
|
|
579
578
|
config1.method = "get";
|
|
580
|
-
config1.url = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + realm_name + "/users?username=" + user_name + "&exact=true";
|
|
579
|
+
config1.url = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + realm_name + "/users?username=" + user_name + "&exact=true";
|
|
581
580
|
delete config1.data;
|
|
582
581
|
|
|
583
582
|
let getuserDetails = await requestController.httpRequest( config1, true );
|
|
@@ -684,15 +683,15 @@ class KeycloakService extends Keycloak {
|
|
|
684
683
|
data: {
|
|
685
684
|
username: user_name,
|
|
686
685
|
password: user_password,
|
|
687
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
688
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
689
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
686
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
687
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
688
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
690
689
|
},
|
|
691
690
|
|
|
692
691
|
};
|
|
693
692
|
|
|
694
693
|
config.data.grant_type = "urn:ietf:params:oauth:grant-type:uma-ticket";
|
|
695
|
-
config.data.audience = keycloakConfig.CLIENT_ID;
|
|
694
|
+
config.data.audience = this.keycloakConfig.CLIENT_ID;
|
|
696
695
|
config.headers.Authorization = "Bearer " + token;
|
|
697
696
|
|
|
698
697
|
// T.O.K.E.N R.E.Q.U.E.S.T # 2 (A.C.C.E.S.S T.O.K.E.N W.I.T.H P.E.R.M.I.S.S.I.O.N.S)
|
|
@@ -705,7 +704,7 @@ class KeycloakService extends Keycloak {
|
|
|
705
704
|
refresh_token = rptResponse.data.refresh_token;
|
|
706
705
|
|
|
707
706
|
let userToken = token;
|
|
708
|
-
config.data.grant_type = keycloakConfig.GRANT_TYPE;
|
|
707
|
+
config.data.grant_type = this.keycloakConfig.GRANT_TYPE;
|
|
709
708
|
config.data.token = token;
|
|
710
709
|
URL = URL + "/introspect";
|
|
711
710
|
config.url = URL;
|
|
@@ -939,7 +938,7 @@ class KeycloakService extends Keycloak {
|
|
|
939
938
|
|
|
940
939
|
return new Promise( async ( resolve, reject ) => {
|
|
941
940
|
|
|
942
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token/introspect";
|
|
941
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token/introspect";
|
|
943
942
|
|
|
944
943
|
let config = {
|
|
945
944
|
|
|
@@ -952,8 +951,8 @@ class KeycloakService extends Keycloak {
|
|
|
952
951
|
},
|
|
953
952
|
data: {
|
|
954
953
|
username: username,
|
|
955
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
956
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
954
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
955
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
957
956
|
token: token,
|
|
958
957
|
},
|
|
959
958
|
|
|
@@ -996,7 +995,7 @@ class KeycloakService extends Keycloak {
|
|
|
996
995
|
|
|
997
996
|
return new Promise( async ( resolve, reject ) => {
|
|
998
997
|
|
|
999
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/clients?clientId=" + keycloakConfig[ "CLIENT_ID" ];
|
|
998
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/clients?clientId=" + this.keycloakConfig[ "CLIENT_ID" ];
|
|
1000
999
|
|
|
1001
1000
|
let config = {
|
|
1002
1001
|
method: "get",
|
|
@@ -1033,11 +1032,11 @@ class KeycloakService extends Keycloak {
|
|
|
1033
1032
|
} );
|
|
1034
1033
|
}
|
|
1035
1034
|
|
|
1036
|
-
createResource( resource_name, resource_scope = keycloakConfig.SCOPE_NAME ) {
|
|
1035
|
+
createResource( resource_name, resource_scope = this.keycloakConfig.SCOPE_NAME ) {
|
|
1037
1036
|
|
|
1038
1037
|
return new Promise( async ( resolve, reject ) => {
|
|
1039
1038
|
|
|
1040
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1039
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1041
1040
|
|
|
1042
1041
|
let config = {
|
|
1043
1042
|
|
|
@@ -1049,9 +1048,9 @@ class KeycloakService extends Keycloak {
|
|
|
1049
1048
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1050
1049
|
},
|
|
1051
1050
|
data: {
|
|
1052
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1053
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1054
|
-
grant_type: keycloakConfig.GRANT_TYPE_PAT,
|
|
1051
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1052
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1053
|
+
grant_type: this.keycloakConfig.GRANT_TYPE_PAT,
|
|
1055
1054
|
},
|
|
1056
1055
|
|
|
1057
1056
|
};
|
|
@@ -1073,7 +1072,7 @@ class KeycloakService extends Keycloak {
|
|
|
1073
1072
|
config.data._id = resource_name;
|
|
1074
1073
|
config.data.resource_scopes = [ resource_scope ];
|
|
1075
1074
|
|
|
1076
|
-
config.url = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/authz/protection/resource_set";
|
|
1075
|
+
config.url = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/authz/protection/resource_set";
|
|
1077
1076
|
config.headers.Authorization = "Bearer " + token;
|
|
1078
1077
|
config.headers[ "Content-Type" ] = "application/json";
|
|
1079
1078
|
|
|
@@ -1116,7 +1115,7 @@ class KeycloakService extends Keycloak {
|
|
|
1116
1115
|
return new Promise( async ( resolve, reject ) => {
|
|
1117
1116
|
|
|
1118
1117
|
let token;
|
|
1119
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1118
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1120
1119
|
|
|
1121
1120
|
let config = {
|
|
1122
1121
|
|
|
@@ -1128,9 +1127,9 @@ class KeycloakService extends Keycloak {
|
|
|
1128
1127
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1129
1128
|
},
|
|
1130
1129
|
data: {
|
|
1131
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1132
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1133
|
-
grant_type: keycloakConfig.GRANT_TYPE_PAT,
|
|
1130
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1131
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1132
|
+
grant_type: this.keycloakConfig.GRANT_TYPE_PAT,
|
|
1134
1133
|
},
|
|
1135
1134
|
|
|
1136
1135
|
};
|
|
@@ -1144,7 +1143,7 @@ class KeycloakService extends Keycloak {
|
|
|
1144
1143
|
|
|
1145
1144
|
token = patToken.data.access_token;
|
|
1146
1145
|
// D.E.L.E.T.E R.E.S.O.U.R.C.E A.N.D P.E.R.M.I.S.S.I.O.N R.E.Q.U.E.S.T
|
|
1147
|
-
let URL1 = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/authz/protection/resource_set/" + resource_name;
|
|
1146
|
+
let URL1 = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/authz/protection/resource_set/" + resource_name;
|
|
1148
1147
|
|
|
1149
1148
|
config.url = URL1;
|
|
1150
1149
|
config.method = "delete";
|
|
@@ -1161,11 +1160,11 @@ class KeycloakService extends Keycloak {
|
|
|
1161
1160
|
config.method = "post";
|
|
1162
1161
|
config.url = URL;
|
|
1163
1162
|
delete config.headers[ "Authorization" ];
|
|
1164
|
-
config.data.client_id = keycloakConfig.CLIENT_ID;
|
|
1165
|
-
config.data.username = keycloakConfig.USERNAME_ADMIN;
|
|
1166
|
-
config.data.password = keycloakConfig.PASSWORD_ADMIN;
|
|
1167
|
-
config.data.grant_type = keycloakConfig.GRANT_TYPE;
|
|
1168
|
-
config.data.client_secret = keycloakConfig.credentials.secret;
|
|
1163
|
+
config.data.client_id = this.keycloakConfig.CLIENT_ID;
|
|
1164
|
+
config.data.username = this.keycloakConfig.USERNAME_ADMIN;
|
|
1165
|
+
config.data.password = this.keycloakConfig.PASSWORD_ADMIN;
|
|
1166
|
+
config.data.grant_type = this.keycloakConfig.GRANT_TYPE;
|
|
1167
|
+
config.data.client_secret = this.keycloakConfig.credentials.secret;
|
|
1169
1168
|
|
|
1170
1169
|
try {
|
|
1171
1170
|
|
|
@@ -1175,7 +1174,7 @@ class KeycloakService extends Keycloak {
|
|
|
1175
1174
|
// now deleting policy
|
|
1176
1175
|
config.method = "delete";
|
|
1177
1176
|
delete config.data;
|
|
1178
|
-
let URL6 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/clients/" + keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/user/" + resource_name + "-policy";
|
|
1177
|
+
let URL6 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/clients/" + this.keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/user/" + resource_name + "-policy";
|
|
1179
1178
|
config.url = URL6;
|
|
1180
1179
|
|
|
1181
1180
|
delete config.headers[ "Accept" ];
|
|
@@ -1241,7 +1240,7 @@ class KeycloakService extends Keycloak {
|
|
|
1241
1240
|
return new Promise( async ( resolve, reject ) => {
|
|
1242
1241
|
|
|
1243
1242
|
|
|
1244
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/clients/" + clientId + "/authz/resource-server/policy?name=" + policyName + "&exact=true";
|
|
1243
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/clients/" + clientId + "/authz/resource-server/policy?name=" + policyName + "&exact=true";
|
|
1245
1244
|
|
|
1246
1245
|
let config = {
|
|
1247
1246
|
|
|
@@ -1287,7 +1286,7 @@ class KeycloakService extends Keycloak {
|
|
|
1287
1286
|
return new Promise( async ( resolve, reject ) => {
|
|
1288
1287
|
|
|
1289
1288
|
let token;
|
|
1290
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1289
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1291
1290
|
|
|
1292
1291
|
let config = {
|
|
1293
1292
|
|
|
@@ -1299,11 +1298,11 @@ class KeycloakService extends Keycloak {
|
|
|
1299
1298
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1300
1299
|
},
|
|
1301
1300
|
data: {
|
|
1302
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1303
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1304
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1305
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1306
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1301
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1302
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1303
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1304
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1305
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1307
1306
|
},
|
|
1308
1307
|
|
|
1309
1308
|
};
|
|
@@ -1315,7 +1314,7 @@ class KeycloakService extends Keycloak {
|
|
|
1315
1314
|
|
|
1316
1315
|
// T.O.K.E.N R.E.Q.U.E.S.T (user with admin is already defined in keycloak with roles 'realm-management')
|
|
1317
1316
|
// // C.R.E.A.T.E U.S.E.R B.A.S.E.D P.O.L.I.C.Y
|
|
1318
|
-
let URL3 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/clients/" + keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/role";
|
|
1317
|
+
let URL3 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/clients/" + this.keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/role";
|
|
1319
1318
|
config.url = URL3;
|
|
1320
1319
|
config.headers[ "Content-Type" ] = "application/json";
|
|
1321
1320
|
config.headers.Authorization = "Bearer " + token;
|
|
@@ -1369,7 +1368,7 @@ class KeycloakService extends Keycloak {
|
|
|
1369
1368
|
|
|
1370
1369
|
|
|
1371
1370
|
let policyId = policyObj.id;
|
|
1372
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/clients/" + clientId + "/authz/resource-server/policy/user/" + policyId;
|
|
1371
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/clients/" + clientId + "/authz/resource-server/policy/user/" + policyId;
|
|
1373
1372
|
|
|
1374
1373
|
delete policyObj.id;
|
|
1375
1374
|
|
|
@@ -1416,7 +1415,7 @@ class KeycloakService extends Keycloak {
|
|
|
1416
1415
|
return new Promise( async ( resolve, reject ) => {
|
|
1417
1416
|
|
|
1418
1417
|
let token;
|
|
1419
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1418
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1420
1419
|
|
|
1421
1420
|
let config = {
|
|
1422
1421
|
|
|
@@ -1428,11 +1427,11 @@ class KeycloakService extends Keycloak {
|
|
|
1428
1427
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1429
1428
|
},
|
|
1430
1429
|
data: {
|
|
1431
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1432
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1433
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1434
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1435
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1430
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1431
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1432
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1433
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1434
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1436
1435
|
},
|
|
1437
1436
|
|
|
1438
1437
|
};
|
|
@@ -1444,7 +1443,7 @@ class KeycloakService extends Keycloak {
|
|
|
1444
1443
|
|
|
1445
1444
|
// T.O.K.E.N R.E.Q.U.E.S.T (user with admin is already defined in keycloak with roles 'realm-management')
|
|
1446
1445
|
// // C.R.E.A.T.E U.S.E.R B.A.S.E.D P.O.L.I.C.Y
|
|
1447
|
-
let URL3 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/clients/" + keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/permission/scope";
|
|
1446
|
+
let URL3 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/clients/" + this.keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/permission/scope";
|
|
1448
1447
|
config.url = URL3;
|
|
1449
1448
|
config.headers[ "Content-Type" ] = "application/json";
|
|
1450
1449
|
config.headers.Authorization = "Bearer " + token;
|
|
@@ -1511,11 +1510,11 @@ class KeycloakService extends Keycloak {
|
|
|
1511
1510
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1512
1511
|
},
|
|
1513
1512
|
data: {
|
|
1514
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1515
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1516
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1517
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1518
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1513
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1514
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1515
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1516
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1517
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1519
1518
|
},
|
|
1520
1519
|
|
|
1521
1520
|
};
|
|
@@ -1528,11 +1527,11 @@ class KeycloakService extends Keycloak {
|
|
|
1528
1527
|
// EVALUATION REQUEST
|
|
1529
1528
|
let data = JSON.stringify( {
|
|
1530
1529
|
resources: [ { _id: resource_name } ],
|
|
1531
|
-
clientId: keycloakConfig.CLIENT_DB_ID,
|
|
1530
|
+
clientId: this.keycloakConfig.CLIENT_DB_ID,
|
|
1532
1531
|
userId: keycloak_user_id,
|
|
1533
1532
|
} );
|
|
1534
1533
|
|
|
1535
|
-
config.data.clientId = keycloakConfig.CLIENT_DB_ID;
|
|
1534
|
+
config.data.clientId = this.keycloakConfig.CLIENT_DB_ID;
|
|
1536
1535
|
config.data.resources = [ { _id: resource_name } ];
|
|
1537
1536
|
config.data.userId = keycloak_user_id;
|
|
1538
1537
|
delete config.data[ "username" ];
|
|
@@ -1541,7 +1540,7 @@ class KeycloakService extends Keycloak {
|
|
|
1541
1540
|
delete config.data[ "client_secret" ];
|
|
1542
1541
|
delete config.data[ "client_id" ];
|
|
1543
1542
|
|
|
1544
|
-
let URL5 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/clients/" + keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/evaluate";
|
|
1543
|
+
let URL5 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/clients/" + this.keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/evaluate";
|
|
1545
1544
|
config.url = URL5;
|
|
1546
1545
|
config.headers[ "Content-Type" ] = "application/json";
|
|
1547
1546
|
( config.headers.Authorization = "Bearer " + token ), ( config.data = JSON.stringify( config.data ) );
|
|
@@ -1590,11 +1589,11 @@ class KeycloakService extends Keycloak {
|
|
|
1590
1589
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1591
1590
|
},
|
|
1592
1591
|
data: {
|
|
1593
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1594
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1595
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1596
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1597
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1592
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1593
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1594
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1595
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1596
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1598
1597
|
},
|
|
1599
1598
|
};
|
|
1600
1599
|
|
|
@@ -1605,7 +1604,7 @@ class KeycloakService extends Keycloak {
|
|
|
1605
1604
|
// now deleting policy
|
|
1606
1605
|
config.method = "delete";
|
|
1607
1606
|
delete config.data;
|
|
1608
|
-
let URL6 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/clients/" + keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/user/" + resource_name + "-policy";
|
|
1607
|
+
let URL6 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/clients/" + this.keycloakConfig.CLIENT_DB_ID + "/authz/resource-server/policy/user/" + resource_name + "-policy";
|
|
1609
1608
|
config.url = URL6;
|
|
1610
1609
|
delete config.headers[ "Accept" ];
|
|
1611
1610
|
delete config.headers[ "cache-control" ];
|
|
@@ -1660,7 +1659,7 @@ class KeycloakService extends Keycloak {
|
|
|
1660
1659
|
try {
|
|
1661
1660
|
|
|
1662
1661
|
// User Groups
|
|
1663
|
-
let URL = keycloakConfig[ "ef-server-url" ] + "team/user/" + userId;
|
|
1662
|
+
let URL = this.keycloakConfig[ "ef-server-url" ] + "team/user/" + userId;
|
|
1664
1663
|
config.url = URL;
|
|
1665
1664
|
|
|
1666
1665
|
try {
|
|
@@ -1691,7 +1690,7 @@ class KeycloakService extends Keycloak {
|
|
|
1691
1690
|
}
|
|
1692
1691
|
|
|
1693
1692
|
// User Groups from Keycloak
|
|
1694
|
-
let URL1 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/users/" + userId + "/groups";
|
|
1693
|
+
let URL1 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/users/" + userId + "/groups";
|
|
1695
1694
|
config.url = URL1;
|
|
1696
1695
|
config.headers.Authorization = "Bearer " + adminToken;
|
|
1697
1696
|
|
|
@@ -1742,7 +1741,7 @@ class KeycloakService extends Keycloak {
|
|
|
1742
1741
|
|
|
1743
1742
|
let token;
|
|
1744
1743
|
let message;
|
|
1745
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1744
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1746
1745
|
|
|
1747
1746
|
|
|
1748
1747
|
|
|
@@ -1786,11 +1785,11 @@ class KeycloakService extends Keycloak {
|
|
|
1786
1785
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1787
1786
|
},
|
|
1788
1787
|
data: {
|
|
1789
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1790
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1791
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1792
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1793
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1788
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1789
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1790
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1791
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1792
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1794
1793
|
},
|
|
1795
1794
|
|
|
1796
1795
|
};
|
|
@@ -1818,7 +1817,7 @@ class KeycloakService extends Keycloak {
|
|
|
1818
1817
|
//admin case
|
|
1819
1818
|
if ( "realm-management" in clientRoles ) {
|
|
1820
1819
|
|
|
1821
|
-
let URL2 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/groups";
|
|
1820
|
+
let URL2 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/groups";
|
|
1822
1821
|
config.url = URL2;
|
|
1823
1822
|
|
|
1824
1823
|
try {
|
|
@@ -1890,7 +1889,7 @@ class KeycloakService extends Keycloak {
|
|
|
1890
1889
|
}
|
|
1891
1890
|
}
|
|
1892
1891
|
|
|
1893
|
-
allUsers = await teamsService.getUsersOfGroups( groupsData, config, keycloakConfig );
|
|
1892
|
+
allUsers = await teamsService.getUsersOfGroups( groupsData, config, this.keycloakConfig );
|
|
1894
1893
|
resolve( allUsers );
|
|
1895
1894
|
|
|
1896
1895
|
} catch ( er ) {
|
|
@@ -1927,7 +1926,7 @@ class KeycloakService extends Keycloak {
|
|
|
1927
1926
|
|
|
1928
1927
|
let token;
|
|
1929
1928
|
let groupsData = [];
|
|
1930
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1929
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
1931
1930
|
|
|
1932
1931
|
let config = {
|
|
1933
1932
|
|
|
@@ -1939,11 +1938,11 @@ class KeycloakService extends Keycloak {
|
|
|
1939
1938
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
1940
1939
|
},
|
|
1941
1940
|
data: {
|
|
1942
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
1943
|
-
username: keycloakConfig.USERNAME_ADMIN,
|
|
1944
|
-
password: keycloakConfig.PASSWORD_ADMIN,
|
|
1945
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
1946
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
1941
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
1942
|
+
username: this.keycloakConfig.USERNAME_ADMIN,
|
|
1943
|
+
password: this.keycloakConfig.PASSWORD_ADMIN,
|
|
1944
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
1945
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
1947
1946
|
},
|
|
1948
1947
|
|
|
1949
1948
|
};
|
|
@@ -1966,7 +1965,7 @@ class KeycloakService extends Keycloak {
|
|
|
1966
1965
|
|
|
1967
1966
|
let groupData = {};
|
|
1968
1967
|
|
|
1969
|
-
let URL2 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/groups/" + groupIds[ i ] + "/";
|
|
1968
|
+
let URL2 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/groups/" + groupIds[ i ] + "/";
|
|
1970
1969
|
config.url = URL2;
|
|
1971
1970
|
let groupInfo = await requestController.httpRequest( config, true );
|
|
1972
1971
|
|
|
@@ -1987,7 +1986,7 @@ class KeycloakService extends Keycloak {
|
|
|
1987
1986
|
|
|
1988
1987
|
for ( let j = 0; j < supervisorList.length; j++ ) {
|
|
1989
1988
|
|
|
1990
|
-
let URL3 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/users?username=" + supervisorList[ j ] + "&exact=true";
|
|
1989
|
+
let URL3 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/users?username=" + supervisorList[ j ] + "&exact=true";
|
|
1991
1990
|
config.url = URL3;
|
|
1992
1991
|
|
|
1993
1992
|
try {
|
|
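Review bot: `supervisorList[ j ]` is concatenated into the query string of `URL3` without encoding, so a name containing `&`, `#`, `+` or a space changes how the Keycloak admin API parses the request. Wrap it: `"/users?username=" + encodeURIComponent( supervisorList[ j ] ) + "&exact=true"`. The same applies to the role name in the path at -2130, `groups?search=${name}` at -2304, `usernames=${finObj.username.toLowerCase()}` at -3344, -3461 and -3678, `users?username=` at -3896 and `users?search=` at -4118. Where these values originate is outside the hunks, so how much of this is reachable from request input needs checking against the callers.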
@@ -2018,7 +2017,7 @@ class KeycloakService extends Keycloak {
|
|
|
2018
2017
|
}
|
|
2019
2018
|
}
|
|
2020
2019
|
|
|
2021
|
-
let URL4 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/groups/" + groupIds[ i ] + "/members";
|
|
2020
|
+
let URL4 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/groups/" + groupIds[ i ] + "/members";
|
|
2022
2021
|
config.url = URL4;
|
|
2023
2022
|
let users = await requestController.httpRequest( config, true );
|
|
2024
2023
|
|
|
@@ -2105,7 +2104,7 @@ class KeycloakService extends Keycloak {
|
|
|
2105
2104
|
try {
|
|
2106
2105
|
|
|
2107
2106
|
//Fetching admin token, we pass it in our "Create User" API for authorization
|
|
2108
|
-
let keycloakAuthToken = await this.getAccessToken( keycloakConfig[ "USERNAME_ADMIN" ], keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
2107
|
+
let keycloakAuthToken = await this.getAccessToken( this.keycloakConfig[ "USERNAME_ADMIN" ], this.keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
2109
2108
|
|
|
2110
2109
|
if ( keycloakAuthToken.access_token ) {
|
|
2111
2110
|
|
|
@@ -2130,7 +2129,7 @@ class KeycloakService extends Keycloak {
|
|
|
2130
2129
|
|
|
2131
2130
|
try {
|
|
2132
2131
|
|
|
2133
|
-
config.url = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig.realm + "/roles/" + keycloak_roles[ i ] + "/users?max=100000";
|
|
2132
|
+
config.url = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig.realm + "/roles/" + keycloak_roles[ i ] + "/users?max=100000";
|
|
2134
2133
|
let getUsersfromRoles = await requestController.httpRequest( config, true );
|
|
2135
2134
|
userObject = getUsersfromRoles.data;
|
|
2136
2135
|
|
|
@@ -2198,7 +2197,7 @@ class KeycloakService extends Keycloak {
|
|
|
2198
2197
|
|
|
2199
2198
|
return new Promise( async ( resolve, reject ) => {
|
|
2200
2199
|
|
|
2201
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2200
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/roles`;
|
|
2202
2201
|
|
|
2203
2202
|
let config = {
|
|
2204
2203
|
method: "get",
|
|
@@ -2231,7 +2230,7 @@ class KeycloakService extends Keycloak {
|
|
|
2231
2230
|
|
|
2232
2231
|
return new Promise( async ( resolve, reject ) => {
|
|
2233
2232
|
|
|
2234
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2233
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users/${userId}/role-mappings/realm`;
|
|
2235
2234
|
|
|
2236
2235
|
let config = {
|
|
2237
2236
|
method: "post",
|
|
@@ -2265,7 +2264,7 @@ class KeycloakService extends Keycloak {
|
|
|
2265
2264
|
|
|
2266
2265
|
return new Promise( async ( resolve, reject ) => {
|
|
2267
2266
|
|
|
2268
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2267
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users/${userId}/groups/`;
|
|
2269
2268
|
|
|
2270
2269
|
let config = {
|
|
2271
2270
|
method: "get",
|
|
@@ -2304,7 +2303,7 @@ class KeycloakService extends Keycloak {
|
|
|
2304
2303
|
|
|
2305
2304
|
for ( let name of groupNames ) {
|
|
2306
2305
|
|
|
2307
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2306
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/groups?search=${name}`;
|
|
2308
2307
|
|
|
2309
2308
|
let config = {
|
|
2310
2309
|
method: "get",
|
|
@@ -2359,7 +2358,7 @@ class KeycloakService extends Keycloak {
|
|
|
2359
2358
|
|
|
2360
2359
|
return new Promise( async ( resolve, reject ) => {
|
|
2361
2360
|
|
|
2362
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2361
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/groups/${groupId}/`;
|
|
2363
2362
|
|
|
2364
2363
|
let config = {
|
|
2365
2364
|
method: "get",
|
|
@@ -2407,13 +2406,13 @@ class KeycloakService extends Keycloak {
|
|
|
2407
2406
|
|
|
2408
2407
|
for ( let group of groups ) {
|
|
2409
2408
|
|
|
2410
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2409
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users/${userId}/groups/${group.id}`;
|
|
2411
2410
|
config.url = URL;
|
|
2412
2411
|
|
|
2413
2412
|
if ( method == 'put' ) {
|
|
2414
2413
|
|
|
2415
2414
|
config.data = {
|
|
2416
|
-
realm: keycloakConfig[ "realm" ],
|
|
2415
|
+
realm: this.keycloakConfig[ "realm" ],
|
|
2417
2416
|
userId: userId,
|
|
2418
2417
|
groupId: group.id
|
|
2419
2418
|
}
|
|
@@ -2465,7 +2464,7 @@ class KeycloakService extends Keycloak {
|
|
|
2465
2464
|
|
|
2466
2465
|
let rolesArr = realmRoles.filter( role => roles.includes( role.name ) );
|
|
2467
2466
|
|
|
2468
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2467
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users/${userId}/role-mappings/realm`;
|
|
2469
2468
|
|
|
2470
2469
|
|
|
2471
2470
|
let config = {
|
|
@@ -2500,7 +2499,7 @@ class KeycloakService extends Keycloak {
|
|
|
2500
2499
|
|
|
2501
2500
|
return new Promise( async ( resolve, reject ) => {
|
|
2502
2501
|
|
|
2503
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2502
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/groups`;
|
|
2504
2503
|
|
|
2505
2504
|
let data = {
|
|
2506
2505
|
name: groupName,
|
|
@@ -2568,14 +2567,14 @@ class KeycloakService extends Keycloak {
|
|
|
2568
2567
|
try {
|
|
2569
2568
|
|
|
2570
2569
|
//Fetching admin token, we pass it in our "Create User" API for authorization
|
|
2571
|
-
keycloakAdminToken = await this.getAccessToken( keycloakConfig[ "USERNAME_ADMIN" ], keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
2570
|
+
keycloakAdminToken = await this.getAccessToken( this.keycloakConfig[ "USERNAME_ADMIN" ], this.keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
2572
2571
|
|
|
2573
2572
|
try {
|
|
2574
2573
|
|
|
2575
2574
|
//Checking whether finesse password is updated or not. If updated, update it on keycloak as well without halting login process
|
|
2576
2575
|
await this.checkPasswordUpdate( keycloakAdminToken.access_token, finesseLoginResponse.data.username, password );
|
|
2577
2576
|
//Checking whether finesse user already exist in keycloak and fetch its token
|
|
2578
|
-
keycloakAuthToken = await this.getAccessToken( finesseLoginResponse.data.username, password, keycloakConfig[ "realm" ] );
|
|
2577
|
+
keycloakAuthToken = await this.getAccessToken( finesseLoginResponse.data.username, password, this.keycloakConfig[ "realm" ] );
|
|
2579
2578
|
authenticatedByKeycloak = true;
|
|
2580
2579
|
|
|
2581
2580
|
if ( !updateUserPromise ) {
|
|
@@ -2584,7 +2583,7 @@ class KeycloakService extends Keycloak {
|
|
|
2584
2583
|
.then( async ( updatedUser ) => {
|
|
2585
2584
|
|
|
2586
2585
|
//Calling the Introspect function twice so all the asynchronous operations inside updateUser function are done
|
|
2587
|
-
keycloakAuthToken = await this.getKeycloakTokenWithIntrospect( finesseLoginResponse.data.username, password, keycloakConfig[ "realm" ], 'CISCO' );
|
|
2586
|
+
keycloakAuthToken = await this.getKeycloakTokenWithIntrospect( finesseLoginResponse.data.username, password, this.keycloakConfig[ "realm" ], 'CISCO' );
|
|
2588
2587
|
} )
|
|
2589
2588
|
.catch( ( err ) => {
|
|
2590
2589
|
|
|
@@ -2655,7 +2654,7 @@ class KeycloakService extends Keycloak {
|
|
|
2655
2654
|
if ( userCreated.status == 201 ) {
|
|
2656
2655
|
|
|
2657
2656
|
//Returning the token of recently created User
|
|
2658
|
-
keycloakAuthToken = await this.getKeycloakTokenWithIntrospect( ( finesseLoginResponse.data.username ).toLowerCase(), password, keycloakConfig[ "realm" ], 'CISCO' );
|
|
2657
|
+
keycloakAuthToken = await this.getKeycloakTokenWithIntrospect( ( finesseLoginResponse.data.username ).toLowerCase(), password, this.keycloakConfig[ "realm" ], 'CISCO' );
|
|
2659
2658
|
}
|
|
2660
2659
|
|
|
2661
2660
|
} catch ( err ) {
|
|
@@ -2701,7 +2700,7 @@ class KeycloakService extends Keycloak {
|
|
|
2701
2700
|
|
|
2702
2701
|
return new Promise( async ( resolve, reject ) => {
|
|
2703
2702
|
|
|
2704
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}
|
|
2703
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users`;
|
|
2705
2704
|
|
|
2706
2705
|
let data = {
|
|
2707
2706
|
|
|
@@ -2799,7 +2798,7 @@ class KeycloakService extends Keycloak {
|
|
|
2799
2798
|
let ciscoTeamId = userObject.group.id;
|
|
2800
2799
|
|
|
2801
2800
|
//Check whether team of Agent already exists in CX Core or not
|
|
2802
|
-
let URL1 = `${keycloakConfig[ "ef-server-url" ]}team?ids=${ciscoTeamId}`;
|
|
2801
|
+
let URL1 = `${this.keycloakConfig[ "ef-server-url" ]}team?ids=${ciscoTeamId}`;
|
|
2803
2802
|
|
|
2804
2803
|
let config1 = {
|
|
2805
2804
|
|
|
@@ -2835,7 +2834,7 @@ class KeycloakService extends Keycloak {
|
|
|
2835
2834
|
if ( getAgentCXTeam.data.length == 0 ) {
|
|
2836
2835
|
|
|
2837
2836
|
//Setting URL to Create CX team of Agent
|
|
2838
|
-
let URL2 = `${keycloakConfig[ "ef-server-url" ]}team`;
|
|
2837
|
+
let URL2 = `${this.keycloakConfig[ "ef-server-url" ]}team`;
|
|
2839
2838
|
|
|
2840
2839
|
let data = {
|
|
2841
2840
|
"team_Id": userObject.group.id,
|
|
@@ -2867,7 +2866,7 @@ class KeycloakService extends Keycloak {
|
|
|
2867
2866
|
}
|
|
2868
2867
|
|
|
2869
2868
|
//First send the newly created user to CX DB.
|
|
2870
|
-
let URL3 = `${keycloakConfig[ "ef-server-url" ]}users/`;
|
|
2869
|
+
let URL3 = `${this.keycloakConfig[ "ef-server-url" ]}users/`;
|
|
2871
2870
|
|
|
2872
2871
|
let data = {
|
|
2873
2872
|
"id": userId,
|
|
@@ -2896,7 +2895,7 @@ class KeycloakService extends Keycloak {
|
|
|
2896
2895
|
}
|
|
2897
2896
|
|
|
2898
2897
|
//Assign Agent to a team
|
|
2899
|
-
let URL4 = `${keycloakConfig[ "ef-server-url" ]}team/${userObject.group.id}/member`;
|
|
2898
|
+
let URL4 = `${this.keycloakConfig[ "ef-server-url" ]}team/${userObject.group.id}/member`;
|
|
2900
2899
|
|
|
2901
2900
|
data = {
|
|
2902
2901
|
"type": "agent",
|
|
@@ -2942,7 +2941,7 @@ class KeycloakService extends Keycloak {
|
|
|
2942
2941
|
let supervisorTeamId = supervisedGroup.id;
|
|
2943
2942
|
|
|
2944
2943
|
//Check whether team of Supervisor already exists in CX Core or not
|
|
2945
|
-
let URL5 = `${keycloakConfig[ "ef-server-url" ]}team?ids=${supervisorTeamId}`;
|
|
2944
|
+
let URL5 = `${this.keycloakConfig[ "ef-server-url" ]}team?ids=${supervisorTeamId}`;
|
|
2946
2945
|
|
|
2947
2946
|
config1.url = URL5;
|
|
2948
2947
|
|
|
@@ -2954,7 +2953,7 @@ class KeycloakService extends Keycloak {
|
|
|
2954
2953
|
if ( getSupervisorCXTeam.data.length == 0 ) {
|
|
2955
2954
|
|
|
2956
2955
|
//Creating or Updating Supervisor team in CX Core.
|
|
2957
|
-
let URL6 = `${keycloakConfig[ "ef-server-url" ]}team`;
|
|
2956
|
+
let URL6 = `${this.keycloakConfig[ "ef-server-url" ]}team`;
|
|
2958
2957
|
|
|
2959
2958
|
let data = {
|
|
2960
2959
|
"team_Id": supervisorTeamId,
|
|
@@ -2992,7 +2991,7 @@ class KeycloakService extends Keycloak {
|
|
|
2992
2991
|
if ( getSupervisorCXTeam.data[ 0 ].supervisor_Id != null ) {
|
|
2993
2992
|
|
|
2994
2993
|
//Assign Secondary Supervisor to a team
|
|
2995
|
-
let URL7 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}/member`;
|
|
2994
|
+
let URL7 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}/member`;
|
|
2996
2995
|
|
|
2997
2996
|
data = {
|
|
2998
2997
|
"type": "secondary-supervisor",
|
|
@@ -3024,7 +3023,7 @@ class KeycloakService extends Keycloak {
|
|
|
3024
3023
|
} else {
|
|
3025
3024
|
|
|
3026
3025
|
//Check whether team of Supervisor already exists in CX Core or not
|
|
3027
|
-
let URL8 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}`;
|
|
3026
|
+
let URL8 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}`;
|
|
3028
3027
|
|
|
3029
3028
|
let data = {
|
|
3030
3029
|
"team_name": getSupervisorCXTeam.data[ 0 ].team_name,
|
|
@@ -3133,7 +3132,7 @@ class KeycloakService extends Keycloak {
|
|
|
3133
3132
|
}
|
|
3134
3133
|
|
|
3135
3134
|
//get user attributes to check its user_name and extension
|
|
3136
|
-
let URL = `${keycloakConfig[ "auth-server-url" ]}${keycloakConfig[ "USERNAME_ADMIN" ]}/realms/${keycloakConfig[ "realm" ]}/users/${keyObj.id}`;
|
|
3135
|
+
let URL = `${this.keycloakConfig[ "auth-server-url" ]}${this.keycloakConfig[ "USERNAME_ADMIN" ]}/realms/${this.keycloakConfig[ "realm" ]}/users/${keyObj.id}`;
|
|
3137
3136
|
|
|
3138
3137
|
let config = {
|
|
3139
3138
|
|
|
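Review bot: `URL` interpolates `USERNAME_ADMIN` as the path segment between the server URL and `/realms/`, where every other admin call on this page uses the literal `admin/realms/`, so the request appears to reach the Keycloak admin API only when the admin account happens to be named `admin`. It should read `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${this.keycloakConfig[ "realm" ]}/users/${keyObj.id}` (as a template literal), and `URL1` in the hunk at -3185 needs the same change. Besides breaking on other account names, the current form writes the admin username into request URLs and therefore into access logs.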
@@ -3185,7 +3184,7 @@ class KeycloakService extends Keycloak {
|
|
|
3185
3184
|
if ( Object.keys( data ).length > 0 ) {
|
|
3186
3185
|
|
|
3187
3186
|
|
|
3188
|
-
let URL1 = `${keycloakConfig[ "auth-server-url" ]}${keycloakConfig[ "USERNAME_ADMIN" ]}/realms/${keycloakConfig[ "realm" ]}/users/${keyObj.id}`;
|
|
3187
|
+
let URL1 = `${this.keycloakConfig[ "auth-server-url" ]}${this.keycloakConfig[ "USERNAME_ADMIN" ]}/realms/${this.keycloakConfig[ "realm" ]}/users/${keyObj.id}`;
|
|
3189
3188
|
|
|
3190
3189
|
config.url = URL1;
|
|
3191
3190
|
config.method = 'put';
|
|
@@ -3297,7 +3296,7 @@ class KeycloakService extends Keycloak {
|
|
|
3297
3296
|
};
|
|
3298
3297
|
|
|
3299
3298
|
//User Groups
|
|
3300
|
-
let URL2 = keycloakConfig[ "ef-server-url" ] + "team/user/" + userId;
|
|
3299
|
+
let URL2 = this.keycloakConfig[ "ef-server-url" ] + "team/user/" + userId;
|
|
3301
3300
|
config1.url = URL2;
|
|
3302
3301
|
|
|
3303
3302
|
let config2 = {
|
|
@@ -3344,7 +3343,7 @@ class KeycloakService extends Keycloak {
|
|
|
3344
3343
|
|
|
3345
3344
|
//We have to both add agent to a team corresponding to Finesse and remove it from CX team.
|
|
3346
3345
|
//Removing agent from CX team first
|
|
3347
|
-
let URL3 = `${keycloakConfig[ "ef-server-url" ]}team/${userTeam.teamId}/member?type=agent&usernames=${finObj.username.toLowerCase()}`;
|
|
3346
|
+
let URL3 = `${this.keycloakConfig[ "ef-server-url" ]}team/${userTeam.teamId}/member?type=agent&usernames=${finObj.username.toLowerCase()}`;
|
|
3348
3347
|
|
|
3349
3348
|
config1.method = 'delete';
|
|
3350
3349
|
config1.url = URL3;
|
|
@@ -3365,7 +3364,7 @@ class KeycloakService extends Keycloak {
|
|
|
3365
3364
|
}
|
|
3366
3365
|
|
|
3367
3366
|
//Check whether team of Agent already exists in CX Core or not
|
|
3368
|
-
let URL4 = `${keycloakConfig[ "ef-server-url" ]}team?ids=${finObj.group.id}`;
|
|
3367
|
+
let URL4 = `${this.keycloakConfig[ "ef-server-url" ]}team?ids=${finObj.group.id}`;
|
|
3369
3368
|
|
|
3370
3369
|
config1.method = 'get';
|
|
3371
3370
|
config1.url = URL4;
|
|
@@ -3381,7 +3380,7 @@ class KeycloakService extends Keycloak {
|
|
|
3381
3380
|
if ( getAgentCXTeam.data.length == 0 ) {
|
|
3382
3381
|
|
|
3383
3382
|
//Setting URL to Create CX team of Agent
|
|
3384
|
-
let URL5 = `${keycloakConfig[ "ef-server-url" ]}team`;
|
|
3383
|
+
let URL5 = `${this.keycloakConfig[ "ef-server-url" ]}team`;
|
|
3385
3384
|
|
|
3386
3385
|
let data = {
|
|
3387
3386
|
"team_Id": finObj.group.id,
|
|
@@ -3413,7 +3412,7 @@ class KeycloakService extends Keycloak {
|
|
|
3413
3412
|
}
|
|
3414
3413
|
|
|
3415
3414
|
//Assign Agent to a team
|
|
3416
|
-
let URL6 = `${keycloakConfig[ "ef-server-url" ]}team/${finObj.group.id}/member`;
|
|
3415
|
+
let URL6 = `${this.keycloakConfig[ "ef-server-url" ]}team/${finObj.group.id}/member`;
|
|
3417
3416
|
|
|
3418
3417
|
data = {
|
|
3419
3418
|
"type": "agent",
|
|
@@ -3461,7 +3460,7 @@ class KeycloakService extends Keycloak {
|
|
|
3461
3460
|
if ( supervisedTeam.type === 'secondary supervisor' ) {
|
|
3462
3461
|
|
|
3463
3462
|
//Removing user from Secondary Supervisor in CX Core
|
|
3464
|
-
let URL13 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}/member?type=secondary-supervisor&usernames=${finObj.username.toLowerCase()}`;
|
|
3463
|
+
let URL13 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}/member?type=secondary-supervisor&usernames=${finObj.username.toLowerCase()}`;
|
|
3465
3464
|
|
|
3466
3465
|
config2.method = 'delete';
|
|
3467
3466
|
config2.url = URL13;
|
|
@@ -3486,7 +3485,7 @@ class KeycloakService extends Keycloak {
|
|
|
3486
3485
|
} else {
|
|
3487
3486
|
|
|
3488
3487
|
//Removing user from Supervising team in CX Core or not
|
|
3489
|
-
let URL7 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}`;
|
|
3488
|
+
let URL7 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}`;
|
|
3490
3489
|
|
|
3491
3490
|
let data = {
|
|
3492
3491
|
"team_name": supervisedTeam.teamName,
|
|
@@ -3538,7 +3537,7 @@ class KeycloakService extends Keycloak {
|
|
|
3538
3537
|
let supervisorTeamId = teamToAdd.id;
|
|
3539
3538
|
|
|
3540
3539
|
//Check whether team of Supervisor already exists in CX Core or not
|
|
3541
|
-
let URL8 = `${keycloakConfig[ "ef-server-url" ]}team?ids=${supervisorTeamId}`;
|
|
3540
|
+
let URL8 = `${this.keycloakConfig[ "ef-server-url" ]}team?ids=${supervisorTeamId}`;
|
|
3542
3541
|
|
|
3543
3542
|
config1.url = URL8;
|
|
3544
3543
|
|
|
@@ -3550,7 +3549,7 @@ class KeycloakService extends Keycloak {
|
|
|
3550
3549
|
if ( getSupervisorCXTeam.data.length == 0 ) {
|
|
3551
3550
|
|
|
3552
3551
|
//Creating or Updating Supervisor team in CX Core.
|
|
3553
|
-
let URL9 = `${keycloakConfig[ "ef-server-url" ]}team`;
|
|
3552
|
+
let URL9 = `${this.keycloakConfig[ "ef-server-url" ]}team`;
|
|
3554
3553
|
|
|
3555
3554
|
let data = {
|
|
3556
3555
|
"team_Id": supervisorTeamId,
|
|
@@ -3586,7 +3585,7 @@ class KeycloakService extends Keycloak {
|
|
|
3586
3585
|
if ( getSupervisorCXTeam.data[ 0 ].supervisor_Id != null ) {
|
|
3587
3586
|
|
|
3588
3587
|
//Assign Agent to a team
|
|
3589
|
-
let URL10 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}/member`;
|
|
3588
|
+
let URL10 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}/member`;
|
|
3590
3589
|
|
|
3591
3590
|
data = {
|
|
3592
3591
|
"type": "secondary-supervisor",
|
|
@@ -3616,7 +3615,7 @@ class KeycloakService extends Keycloak {
|
|
|
3616
3615
|
} else {
|
|
3617
3616
|
|
|
3618
3617
|
//Adding current user as Supervisor to team
|
|
3619
|
-
let URL11 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}`;
|
|
3618
|
+
let URL11 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisorTeamId}`;
|
|
3620
3619
|
|
|
3621
3620
|
let data = {
|
|
3622
3621
|
"team_name": getSupervisorCXTeam.data[ 0 ].team_name,
|
|
@@ -3678,7 +3677,7 @@ class KeycloakService extends Keycloak {
|
|
|
3678
3677
|
if ( supervisedTeam.type === 'secondary supervisor' ) {
|
|
3679
3678
|
|
|
3680
3679
|
//Removing user from Secondary Supervisor in CX Core
|
|
3681
|
-
let URL11 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}/member?type=secondary-supervisor&usernames=${finObj.username.toLowerCase()}`;
|
|
3680
|
+
let URL11 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}/member?type=secondary-supervisor&usernames=${finObj.username.toLowerCase()}`;
|
|
3682
3681
|
|
|
3683
3682
|
config2.method = 'delete';
|
|
3684
3683
|
config2.url = URL11;
|
|
@@ -3703,7 +3702,7 @@ class KeycloakService extends Keycloak {
|
|
|
3703
3702
|
} else {
|
|
3704
3703
|
|
|
3705
3704
|
//Removing user from Supervising team in CX Core
|
|
3706
|
-
let URL12 = `${keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}`;
|
|
3705
|
+
let URL12 = `${this.keycloakConfig[ "ef-server-url" ]}team/${supervisedTeam.teamId}`;
|
|
3707
3706
|
|
|
3708
3707
|
let data = {
|
|
3709
3708
|
"team_name": supervisedTeam.teamName,
|
|
@@ -3777,8 +3776,8 @@ class KeycloakService extends Keycloak {
|
|
|
3777
3776
|
|
|
3778
3777
|
try {
|
|
3779
3778
|
|
|
3780
|
-
let adminToken = await this.getAccessToken( keycloakConfig[ "USERNAME_ADMIN" ], keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
3781
|
-
let cxTeams = await ciscoSyncService.syncCiscoData( finesseAdministratorUsername, finesseAdministratorPassword, finesseURL, keycloakConfig, adminToken.access_token );
|
|
3779
|
+
let adminToken = await this.getAccessToken( this.keycloakConfig[ "USERNAME_ADMIN" ], this.keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
3780
|
+
let cxTeams = await ciscoSyncService.syncCiscoData( finesseAdministratorUsername, finesseAdministratorPassword, finesseURL, this.keycloakConfig, adminToken.access_token );
|
|
3782
3781
|
|
|
3783
3782
|
resolve( cxTeams );
|
|
3784
3783
|
|
|
@@ -3832,9 +3831,9 @@ class KeycloakService extends Keycloak {
|
|
|
3832
3831
|
let responseObject;
|
|
3833
3832
|
user_name = ( user_name ).toLowerCase();
|
|
3834
3833
|
|
|
3835
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
3834
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
3836
3835
|
|
|
3837
|
-
//keycloakConfig["auth-server-url"] +'realms
|
|
3836
|
+
//this.keycloakConfig["auth-server-url"] +'realms
|
|
3838
3837
|
let config = {
|
|
3839
3838
|
|
|
3840
3839
|
method: "post",
|
|
@@ -3846,10 +3845,10 @@ class KeycloakService extends Keycloak {
|
|
|
3846
3845
|
},
|
|
3847
3846
|
data: {
|
|
3848
3847
|
username: user_name,
|
|
3849
|
-
password: keycloakConfig[ "SYNC_AGENT_PASSWORD" ],
|
|
3850
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
3851
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
3852
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
3848
|
+
password: this.keycloakConfig[ "SYNC_AGENT_PASSWORD" ],
|
|
3849
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
3850
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
3851
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
3853
3852
|
},
|
|
3854
3853
|
|
|
3855
3854
|
};
|
|
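Review bot: The token request for `user_name` takes its password from the config-wide `SYNC_AGENT_PASSWORD`, which suggests every synced agent account in the realm carries the same password. Anyone holding that value and the client credentials could then obtain a token as any such agent. If that is the design, state it where the body is built, e.g. `// SYNC_AGENT_PASSWORD is shared by all synced agent accounts: treat as a realm-wide secret, rotate with the client secret`, and restrict direct-grant login for those accounts to this client. The hunk at -4001 builds the same body. The method starts outside the hunk, so how the accounts are provisioned is not visible here.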
@@ -3880,11 +3879,11 @@ class KeycloakService extends Keycloak {
|
|
|
3880
3879
|
try {
|
|
3881
3880
|
|
|
3882
3881
|
let config1 = { ...config };
|
|
3883
|
-
config1.data.username = keycloakConfig.USERNAME_ADMIN;
|
|
3884
|
-
config1.data.password = keycloakConfig.PASSWORD_ADMIN;
|
|
3882
|
+
config1.data.username = this.keycloakConfig.USERNAME_ADMIN;
|
|
3883
|
+
config1.data.password = this.keycloakConfig.PASSWORD_ADMIN;
|
|
3885
3884
|
delete config1.data.token;
|
|
3886
3885
|
|
|
3887
|
-
config1.url = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
3886
|
+
config1.url = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token";
|
|
3888
3887
|
|
|
3889
3888
|
let adminTokenResponse = await requestController.httpRequest( config1, true );
|
|
3890
3889
|
|
|
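Review bot: `let config1 = { ...config }` is a shallow copy, so `config1.data` and `config1.headers` are the same objects as `config.data` and `config.headers`. The assignments below therefore overwrite the username and password in `config` with the admin credentials as well, and `delete config1.data.token` removes the token from it. The next hunk (-3896) then sets `config1.headers.Authorization` to the admin bearer token on the shared headers object. Copy the nested objects too: `let config1 = { ...config, headers: { ...config.headers }, data: { ...config.data } };`. Whether `config` is used again after this block lies outside the hunk, but if it is, a later request would carry admin credentials.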
@@ -3896,7 +3895,7 @@ class KeycloakService extends Keycloak {
|
|
|
3896
3895
|
|
|
3897
3896
|
config1.headers.Authorization = "Bearer " + admin_token;
|
|
3898
3897
|
config1.method = "get";
|
|
3899
|
-
config1.url = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/users?username=" + user_name + "&exact=true";
|
|
3898
|
+
config1.url = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users?username=" + user_name + "&exact=true";
|
|
3900
3899
|
delete config1.data;
|
|
3901
3900
|
|
|
3902
3901
|
let getuserDetails = await requestController.httpRequest( config1, true );
|
|
@@ -3910,7 +3909,7 @@ class KeycloakService extends Keycloak {
|
|
|
3910
3909
|
lastName: getuserDetails?.data[ 0 ]?.lastName ? getuserDetails?.data[ 0 ]?.lastName : "",
|
|
3911
3910
|
username: getuserDetails?.data[ 0 ]?.username,
|
|
3912
3911
|
roles: ( 'realm_access' in intro_token_response?.data && 'roles' in intro_token_response?.data?.realm_access ) ? intro_token_response?.data?.realm_access?.roles : [],
|
|
3913
|
-
realm: keycloakConfig[ "realm" ]
|
|
3912
|
+
realm: this.keycloakConfig[ "realm" ]
|
|
3914
3913
|
};
|
|
3915
3914
|
|
|
3916
3915
|
//Adding user custom attribute to our token object data.
|
|
@@ -4001,16 +4000,16 @@ class KeycloakService extends Keycloak {
|
|
|
4001
4000
|
},
|
|
4002
4001
|
data: {
|
|
4003
4002
|
username: user_name,
|
|
4004
|
-
password: keycloakConfig[ "SYNC_AGENT_PASSWORD" ],
|
|
4005
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
4006
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
4007
|
-
grant_type: keycloakConfig.GRANT_TYPE,
|
|
4003
|
+
password: this.keycloakConfig[ "SYNC_AGENT_PASSWORD" ],
|
|
4004
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
4005
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
4006
|
+
grant_type: this.keycloakConfig.GRANT_TYPE,
|
|
4008
4007
|
},
|
|
4009
4008
|
|
|
4010
4009
|
};
|
|
4011
4010
|
|
|
4012
4011
|
config.data.grant_type = "urn:ietf:params:oauth:grant-type:uma-ticket";
|
|
4013
|
-
config.data.audience = keycloakConfig.CLIENT_ID;
|
|
4012
|
+
config.data.audience = this.keycloakConfig.CLIENT_ID;
|
|
4014
4013
|
config.headers.Authorization = "Bearer " + token;
|
|
4015
4014
|
|
|
4016
4015
|
// T.O.K.E.N R.E.Q.U.E.S.T # 2 (A.C.C.E.S.S T.O.K.E.N W.I.T.H P.E.R.M.I.S.S.I.O.N.S)
|
|
@@ -4023,7 +4022,7 @@ class KeycloakService extends Keycloak {
|
|
|
4023
4022
|
refresh_token = rptResponse.data.refresh_token;
|
|
4024
4023
|
|
|
4025
4024
|
let userToken = token;
|
|
4026
|
-
config.data.grant_type = keycloakConfig.GRANT_TYPE;
|
|
4025
|
+
config.data.grant_type = this.keycloakConfig.GRANT_TYPE;
|
|
4027
4026
|
config.data.token = token;
|
|
4028
4027
|
URL = URL + "/introspect";
|
|
4029
4028
|
config.url = URL;
|
|
@@ -4118,7 +4117,7 @@ class KeycloakService extends Keycloak {
|
|
|
4118
4117
|
return new Promise( async ( resolve, reject ) => {
|
|
4119
4118
|
|
|
4120
4119
|
let passwordUpdate = false;
|
|
4121
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/users?search=" + userName + "&briefRepresentation=false&exact=true"
|
|
4120
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users?search=" + userName + "&briefRepresentation=false&exact=true"
|
|
4122
4121
|
|
|
4123
4122
|
let config = {
|
|
4124
4123
|
method: "get",
|
|
@@ -4174,7 +4173,7 @@ class KeycloakService extends Keycloak {
|
|
|
4174
4173
|
let userId = userResponse.data[ 0 ].id;
|
|
4175
4174
|
|
|
4176
4175
|
//API URL used to update the password.
|
|
4177
|
-
let URL2 = keycloakConfig[ "auth-server-url" ] + "admin/realms/" + keycloakConfig[ "realm" ] + "/users/" + userId + "/reset-password"
|
|
4176
|
+
let URL2 = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users/" + userId + "/reset-password"
|
|
4178
4177
|
|
|
4179
4178
|
let data = {
|
|
4180
4179
|
"temporary": false,
|
|
@@ -4235,7 +4234,7 @@ class KeycloakService extends Keycloak {
|
|
|
4235
4234
|
async generateAccessTokenFromRefreshToken( refreshToken ) {
|
|
4236
4235
|
return new Promise( async ( resolve, reject ) => {
|
|
4237
4236
|
let accessToken;
|
|
4238
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
4237
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig.realm + "/protocol/openid-connect/token";
|
|
4239
4238
|
|
|
4240
4239
|
let config = {
|
|
4241
4240
|
method: "post",
|
|
@@ -4244,8 +4243,8 @@ class KeycloakService extends Keycloak {
|
|
|
4244
4243
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
4245
4244
|
},
|
|
4246
4245
|
data: {
|
|
4247
|
-
client_id: keycloakConfig.CLIENT_ID,
|
|
4248
|
-
client_secret: keycloakConfig.credentials.secret,
|
|
4246
|
+
client_id: this.keycloakConfig.CLIENT_ID,
|
|
4247
|
+
client_secret: this.keycloakConfig.credentials.secret,
|
|
4249
4248
|
grant_type: "refresh_token",
|
|
4250
4249
|
refresh_token: refreshToken,
|
|
4251
4250
|
},
|
|
@@ -4276,12 +4275,322 @@ class KeycloakService extends Keycloak {
|
|
|
4276
4275
|
} );
|
|
4277
4276
|
}
|
|
4278
4277
|
|
|
4278
|
+
// !-------------- Multitenancy -----------------!
|
|
4279
|
+
|
|
4280
|
+
async createRealmAsTenant( tenantName, realmDataString, authzConfigDataString ) {
|
|
4281
|
+
|
|
4282
|
+
return new Promise( async ( resolve, reject ) => {
|
|
4283
|
+
|
|
4284
|
+
let realmData;
|
|
4285
|
+
let authzConfigData;
|
|
4286
|
+
|
|
4287
|
+
|
|
4288
|
+
try {
|
|
4289
|
+
|
|
4290
|
+
realmData = JSON.parse( realmDataString );
|
|
4291
|
+
|
|
4292
|
+
} catch ( parseError ) {
|
|
4293
|
+
|
|
4294
|
+
if ( parseError instanceof SyntaxError ) {
|
|
4295
|
+
|
|
4296
|
+
reject( {
|
|
4297
|
+
"error_message": "Error occurred while parsing Realm file during Tenant creation process.",
|
|
4298
|
+
"error_detail": {
|
|
4299
|
+
"status": 400,
|
|
4300
|
+
"reason": `Invalid JSON in realm configuration file: ${parseError.message} `
|
|
4301
|
+
}
|
|
4302
|
+
} );
|
|
4303
|
+
}
|
|
4304
|
+
|
|
4305
|
+
reject( {
|
|
4306
|
+
"error_message": "Error occurred while parsing Realm file during Tenant creation process.",
|
|
4307
|
+
"error_detail": {
|
|
4308
|
+
"status": 500,
|
|
4309
|
+
"reason": `Error parsing realm configuration file: ${parseError.message}`
|
|
4310
|
+
}
|
|
4311
|
+
} );
|
|
4312
|
+
}
|
|
4313
|
+
|
|
4314
|
+
if ( Object.keys( realmData ).length < 1 ) {
|
|
4315
|
+
|
|
4316
|
+
reject( {
|
|
4317
|
+
errorStatus: 400,
|
|
4318
|
+
errorMessage: `Received no realm data to import while creating tenant. Please send the correct realm data from realm file`
|
|
4319
|
+
} );
|
|
4320
|
+
}
|
|
4321
|
+
|
|
4322
|
+
let realmImportSuccessful = false;
|
|
4323
|
+
let mainMessage = "";
|
|
4324
|
+
|
|
4325
|
+
let accessToken;
|
|
4326
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/master/protocol/openid-connect/token";
|
|
4327
|
+
|
|
4328
|
+
let config = {
|
|
4329
|
+
method: "post",
|
|
4330
|
+
url: URL,
|
|
4331
|
+
headers: {
|
|
4332
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
|
4333
|
+
},
|
|
4334
|
+
data: {
|
|
4335
|
+
client_id: "admin-cli",
|
|
4336
|
+
grant_type: "password",
|
|
4337
|
+
username: this.keycloakConfig[ "MASTER_USERNAME" ],
|
|
4338
|
+
password: this.keycloakConfig[ "MASTER_PASSWORD" ]
|
|
4339
|
+
},
|
|
4340
|
+
};
|
|
4341
|
+
|
|
4342
|
+
try {
|
|
4343
|
+
|
|
4344
|
+
let adminAccessToken = await requestController.httpRequest( config, true );
|
|
4345
|
+
|
|
4346
|
+
accessToken = adminAccessToken.data.access_token;
|
|
4347
|
+
|
|
4348
|
+
let createRealmUrl = this.keycloakConfig[ "auth-server-url" ] + 'admin/realms';
|
|
4349
|
+
|
|
4350
|
+
// 1. Read the realm configuration JSON file
|
|
4351
|
+
console.log( `Reading realm configuration from provided realm data.` );
|
|
4352
|
+
|
|
4353
|
+
realmData.id = tenantName;
|
|
4354
|
+
realmData.realm = tenantName;
|
|
4355
|
+
|
|
4356
|
+
|
|
4357
|
+
let config1 = {
|
|
4358
|
+
|
|
4359
|
+
method: "post",
|
|
4360
|
+
url: createRealmUrl,
|
|
4361
|
+
headers: {
|
|
4362
|
+
"Content-Type": "application/json",
|
|
4363
|
+
"Authorization": `Bearer ${accessToken}`
|
|
4364
|
+
},
|
|
4365
|
+
data: realmData
|
|
4366
|
+
};
|
|
4367
|
+
|
|
4368
|
+
console.log( realmData );
|
|
4369
|
+
|
|
4370
|
+
try {
|
|
4371
|
+
|
|
4372
|
+
let realmCreation = await requestController.httpRequest( config1, false );
|
|
4373
|
+
|
|
4374
|
+
if ( realmCreation.status === 201 ) {
|
|
4375
|
+
|
|
4376
|
+
realmImportSuccessful = true;
|
|
4377
|
+
mainMessage = `Realm '${tenantName}' imported successfully!\n`;
|
|
4378
|
+
|
|
4379
|
+
}
|
|
4380
|
+
|
|
4381
|
+
console.log( mainMessage );
|
|
4382
|
+
|
|
4383
|
+
// --- Authorization Settings Import (if applicable) ---
|
|
4384
|
+
if ( realmImportSuccessful && authzConfigDataString ) {
|
|
4385
|
+
|
|
4386
|
+
let targetClientIdForAuthz = 'cim';
|
|
4387
|
+
|
|
4388
|
+
console.log( `Proceeding to import authorization settings for client '${targetClientIdForAuthz}' in realm '${tenantName}'.` );
|
|
4389
|
+
let clientUuid = '';
|
|
4390
|
+
|
|
4391
|
+
try {
|
|
4392
|
+
|
|
4393
|
+
// 4. Get the internal UUID of the target client
|
|
4394
|
+
console.log( `Fetching UUID for client '${targetClientIdForAuthz}' in realm '${tenantName}'...` );
|
|
4395
|
+
const getClientUrl = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${tenantName}/clients`;
|
|
4396
|
+
|
|
4397
|
+
let config2 = {
|
|
4398
|
+
|
|
4399
|
+
method: "get",
|
|
4400
|
+
url: getClientUrl,
|
|
4401
|
+
headers: {
|
|
4402
|
+
"Content-Type": "application/json",
|
|
4403
|
+
"Authorization": `Bearer ${accessToken}`
|
|
4404
|
+
},
|
|
4405
|
+
params: {
|
|
4406
|
+
clientId: targetClientIdForAuthz,
|
|
4407
|
+
search: true
|
|
4408
|
+
}
|
|
4409
|
+
};
|
|
4410
|
+
|
|
4411
|
+
const clientSearchResponse = await requestController.httpRequest( config2, false );
|
|
4412
|
+
|
|
4413
|
+
if ( clientSearchResponse.data && clientSearchResponse.data.length > 0 ) {
|
|
4414
|
+
|
|
4415
|
+
// Filter to be sure, as Keycloak might return multiple if clientId is a substring without exact match flag
|
|
4416
|
+
const foundClient = clientSearchResponse?.data?.find( client => client?.clientId === targetClientIdForAuthz );
|
|
4417
|
+
|
|
4418
|
+
if ( foundClient ) {
|
|
4419
|
+
|
|
4420
|
+
clientUuid = foundClient.id;
|
|
4421
|
+
console.log( `Found client UUID: ${clientUuid}` );
|
|
4422
|
+
} else {
|
|
4423
|
+
|
|
4424
|
+
throw new Error( `Client with clientId '${targetClientIdForAuthz}' not found in realm '${tenantName}' after filtering.` );
|
|
4425
|
+
}
|
|
4426
|
+
} else {
|
|
4427
|
+
throw new Error( `Client with clientId '${targetClientIdForAuthz}' not found in realm '${tenantName}'. Response: ${JSON.stringify( clientSearchResponse.data )}` );
|
|
4428
|
+
}
|
|
4429
|
+
|
|
4430
|
+
|
|
4431
|
+
// 6. Make the API call to Keycloak to import/update authorization settings
|
|
4432
|
+
console.log( `Importing authorization settings for client UUID '${clientUuid}'...` );
|
|
4433
|
+
|
|
4434
|
+
try {
|
|
4435
|
+
|
|
4436
|
+
authzConfigData = JSON.parse( authzConfigDataString );
|
|
4437
|
+
|
|
4438
|
+
} catch ( parseError ) {
|
|
4439
|
+
|
|
4440
|
+
if ( parseError instanceof SyntaxError ) {
|
|
4441
|
+
|
|
4442
|
+
reject( {
|
|
4443
|
+
"error_message": `Error occurred while parsing Authz file while importing Permissions/Policies in ${targetClientIdForAuthz} during Tenant creation process.`,
|
|
4444
|
+
"error_detail": {
|
|
4445
|
+
"status": 400,
|
|
4446
|
+
"reason": `Invalid JSON in authz configuration file: ${parseError.message} `
|
|
4447
|
+
}
|
|
4448
|
+
} );
|
|
4449
|
+
}
|
|
4450
|
+
|
|
4451
|
+
reject( {
|
|
4452
|
+
"error_message": `Error occurred while parsing Authz file while importing Permissions/Policies in ${targetClientIdForAuthz} during Tenant creation process.`,
|
|
4453
|
+
"error_detail": {
|
|
4454
|
+
"status": 500,
|
|
4455
|
+
"reason": `Error parsing JSON in authz configuration file: ${parseError.message}`
|
|
4456
|
+
}
|
|
4457
|
+
} );
|
|
4458
|
+
}
|
|
4459
|
+
|
|
4460
|
+
if ( Object.keys( authzConfigData ).length < 1 ) {
|
|
4461
|
+
|
|
4462
|
+
reject( {
|
|
4463
|
+
errorStatus: 400,
|
|
4464
|
+
errorMessage: `Received no authorization data to import while creating tenant. Please send the correct authorization data from authz file`
|
|
4465
|
+
} );
|
|
4466
|
+
}
|
|
4467
|
+
|
|
4468
|
+
const importAuthzUrl = `${this.keycloakConfig[ "auth-server-url" ]}admin/realms/${tenantName}/clients/${clientUuid}/authz/resource-server/import`;
|
|
4469
|
+
|
|
4470
|
+
let config3 = {
|
|
4471
|
+
|
|
4472
|
+
method: "post",
|
|
4473
|
+
url: importAuthzUrl,
|
|
4474
|
+
headers: {
|
|
4475
|
+
"Content-Type": "application/json",
|
|
4476
|
+
"Authorization": `Bearer ${accessToken}`
|
|
4477
|
+
},
|
|
4478
|
+
data: authzConfigData
|
|
4479
|
+
};
|
|
4480
|
+
|
|
4481
|
+
const authzResponse = await requestController.httpRequest( config3, false );
|
|
4482
|
+
|
|
4483
|
+
try {
|
|
4484
|
+
|
|
4485
|
+
// Keycloak typically returns 204 No Content for successful PUT on authz settings
|
|
4486
|
+
if ( authzResponse.status === 204 || authzResponse.status === 200 || authzResponse.status === 201 ) {
|
|
4487
|
+
|
|
4488
|
+
const authzSuccessMessage = ` Authorization settings for client '${targetClientIdForAuthz}' (UUID: ${clientUuid}) imported successfully into realm '${tenantName}'.`;
|
|
4489
|
+
|
|
4490
|
+
console.log( authzSuccessMessage );
|
|
4491
|
+
mainMessage += `${authzSuccessMessage}`;
|
|
4492
|
+
|
|
4493
|
+
resolve( {
|
|
4494
|
+
|
|
4495
|
+
status: 201,
|
|
4496
|
+
message: mainMessage
|
|
4497
|
+
} );
|
|
4498
|
+
|
|
4499
|
+
} else {
|
|
4500
|
+
|
|
4501
|
+
const authzWarningMessage = ` Authorization settings import for client '${targetClientIdForAuthz}' may have completed with status: ${authzResponse.status}. Response: ${JSON.stringify( authzResponse.data )}`;
|
|
4502
|
+
console.warn( authzWarningMessage );
|
|
4503
|
+
mainMessage += `${authzWarningMessage}`;
|
|
4504
|
+
|
|
4505
|
+
resolve( {
|
|
4506
|
+
|
|
4507
|
+
status: 201,
|
|
4508
|
+
message: mainMessage
|
|
4509
|
+
} );
|
|
4510
|
+
}
|
|
4511
|
+
|
|
4512
|
+
} catch ( er ) {
|
|
4513
|
+
|
|
4514
|
+
console.error( `Error importing authorization settings for client '${targetClientIdForAuthz}':` );
|
|
4515
|
+
|
|
4516
|
+
if ( er?.response ) {
|
|
4517
|
+
|
|
4518
|
+
console.error( 'Keycloak API Error Status (Authz Import):', er?.response?.status );
|
|
4519
|
+
console.error( 'Keycloak API Error Data (Authz Import):', JSON.stringify( er?.response?.data, null, 2 ) );
|
|
4520
|
+
|
|
4521
|
+
} else if ( er?.request ) {
|
|
4522
|
+
|
|
4523
|
+
console.error( 'No response received from Keycloak (Authz Import):', er.request );
|
|
4524
|
+
|
|
4525
|
+
|
|
4526
|
+
} else {
|
|
4527
|
+
|
|
4528
|
+
console.error( 'Error during authz import request setup or client lookup:', er?.message );
|
|
4529
|
+
}
|
|
4530
|
+
|
|
4531
|
+
let error = await errorService.handleError( er );
|
|
4532
|
+
|
|
4533
|
+
reject( {
|
|
4534
|
+
error_message: "Realm Creation Error: Error while importing permissions/policies in newly created tenant in keycloak from authz file.",
|
|
4535
|
+
error_detail: error
|
|
4536
|
+
} );
|
|
4537
|
+
|
|
4538
|
+
}
|
|
4539
|
+
|
|
4540
|
+
} catch ( er ) {
|
|
4541
|
+
|
|
4542
|
+
let error = await errorService.handleError( er );
|
|
4543
|
+
|
|
4544
|
+
reject( {
|
|
4545
|
+
|
|
4546
|
+
error_message: "Realm Creation Error: Error occurred while fetching list of clients of newly created tenant",
|
|
4547
|
+
error_detail: error
|
|
4548
|
+
} );
|
|
4549
|
+
|
|
4550
|
+
}
|
|
4551
|
+
}
|
|
4552
|
+
|
|
4553
|
+
} catch ( er ) {
|
|
4554
|
+
|
|
4555
|
+
let error = await errorService.handleError( er );
|
|
4556
|
+
|
|
4557
|
+
reject( {
|
|
4558
|
+
error_message: "Realm Creation Error: Error while creating realm in keycloak from realm-file.",
|
|
4559
|
+
error_detail: error
|
|
4560
|
+
} );
|
|
4561
|
+
|
|
4562
|
+
}
|
|
4563
|
+
|
|
4564
|
+
} catch ( error ) {
|
|
4565
|
+
|
|
4566
|
+
if ( error.response ) {
|
|
4567
|
+
|
|
4568
|
+
if ( error.response.data.error_description == "Token is not active" ) {
|
|
4569
|
+
error.response.data.error_description = "Refresh Token Expired: The refresh token has expired. Please log in again.";
|
|
4570
|
+
}
|
|
4571
|
+
|
|
4572
|
+
reject( {
|
|
4573
|
+
status: error.response.status,
|
|
4574
|
+
message: `${error.response.data.error_description}`,
|
|
4575
|
+
} );
|
|
4576
|
+
} else {
|
|
4577
|
+
|
|
4578
|
+
reject( { message: error.message } );
|
|
4579
|
+
}
|
|
4580
|
+
|
|
4581
|
+
}
|
|
4582
|
+
} );
|
|
4583
|
+
|
|
4584
|
+
}
|
|
4585
|
+
|
|
4586
|
+
// !-------------- Multitenancy End -----------------!
|
|
4587
|
+
|
|
4279
4588
|
//start
|
|
4280
4589
|
startUserMonitoring = async ( { pollingInterval }, callback ) => {
|
|
4281
4590
|
|
|
4282
4591
|
return new Promise( ( resolve, reject ) => {
|
|
4283
4592
|
|
|
4284
|
-
if ( !keycloakConfig[ "auth-server-url" ] || !keycloakConfig[ "realm" ] ) {
|
|
4593
|
+
if ( !this.keycloakConfig[ "auth-server-url" ] || !this.keycloakConfig[ "realm" ] ) {
|
|
4285
4594
|
reject( {
|
|
4286
4595
|
error_message: "Configuration Error: baseUrl and realm are required in config.",
|
|
4287
4596
|
error_detail: "Missing required configuration parameters"
|
|
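Review bot: In createRealmAsTenant the validation `reject( … )` calls (new lines 4296–4319 and 4442–4465) are not followed by `return`, so a failed check does not stop the privileged flow. After a SyntaxError, `Object.keys( realmData )` runs on `undefined` and throws inside the async executor as an unhandled rejection, and an empty `{}` still goes on to request a master-realm admin token and POST to `admin/realms`; each of these should read `return reject( { … } );`. `console.log( realmData );` at new line 4368 writes the whole realm import to the log, and a realm file can carry client secrets and user credentials, so log only the name, e.g. `console.log( "Creating realm", tenantName );`. The promise also never settles when `authzConfigDataString` is empty or the create call returns a status other than 201, because `resolve` is only reached inside the authz branch. `tenantName` is interpolated into the admin URLs at new lines 4395 and 4468 unencoded; `encodeURIComponent( tenantName )` would keep it a single path segment.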
@@ -4299,7 +4608,7 @@ class KeycloakService extends Keycloak {
|
|
|
4299
4608
|
|
|
4300
4609
|
try {
|
|
4301
4610
|
|
|
4302
|
-
const events = await fetchAdminEvents( keycloakConfig[ "auth-server-url" ], keycloakConfig[ "realm" ], keycloakConfig[ "USERNAME_ADMIN" ], keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
4611
|
+
const events = await fetchAdminEvents( this.keycloakConfig[ "auth-server-url" ], this.keycloakConfig[ "realm" ], this.keycloakConfig[ "USERNAME_ADMIN" ], this.keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
4303
4612
|
const newEvents = getNewEvents( events );
|
|
4304
4613
|
|
|
4305
4614
|
newEvents.forEach( event => {
|