ef-keycloak-connect 1.8.4-patch-3.0 → 1.8.4-patch-5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/services/keycloakService.js +78 -5
package/package.json
CHANGED
|
@@ -62,7 +62,7 @@ class KeycloakService extends Keycloak {
|
|
|
62
62
|
if ( !attributesFromToken || !attributesFromToken.is2FARegistered || attributesFromToken.is2FARegistered == 'false' ) {
|
|
63
63
|
|
|
64
64
|
// getting admin access token to update the user attributes for RSA & Auht Apps
|
|
65
|
-
const adminData = await this.getAccessToken( keycloakConfig.USERNAME_ADMIN, keycloakConfig.PASSWORD_ADMIN );
|
|
65
|
+
const adminData = await this.getAccessToken( this.keycloakConfig.USERNAME_ADMIN, this.keycloakConfig.PASSWORD_ADMIN );
|
|
66
66
|
const adminToken = adminData.access_token;
|
|
67
67
|
|
|
68
68
|
// appending extra information regarding 2FA in response object
|
|
@@ -239,7 +239,7 @@ class KeycloakService extends Keycloak {
|
|
|
239
239
|
|
|
240
240
|
return new Promise( async ( resolve, reject ) => {
|
|
241
241
|
|
|
242
|
-
let URL = keycloakConfig[ "auth-server-url" ] + "realms/" + keycloakConfig[ "realm" ] + "/protocol/openid-connect/token/introspect";
|
|
242
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "realms/" + this.keycloakConfig[ "realm" ] + "/protocol/openid-connect/token/introspect";
|
|
243
243
|
|
|
244
244
|
let config = {
|
|
245
245
|
method: "post",
|
|
@@ -275,6 +275,79 @@ class KeycloakService extends Keycloak {
|
|
|
275
275
|
} );
|
|
276
276
|
}
|
|
277
277
|
|
|
278
|
+
|
|
279
|
+
// function for getting user details against user id (and extracting attributes)
|
|
280
|
+
async getUserDetailsById( userId ) {
|
|
281
|
+
|
|
282
|
+
return new Promise( async ( resolve, reject ) => {
|
|
283
|
+
|
|
284
|
+
let keycloakAdminToken;
|
|
285
|
+
|
|
286
|
+
try {
|
|
287
|
+
|
|
288
|
+
//Fetching admin token, we pass it in our "Create User" API for authorization
|
|
289
|
+
keycloakAdminToken = await this.getAccessToken( this.keycloakConfig[ "USERNAME_ADMIN" ], this.keycloakConfig[ "PASSWORD_ADMIN" ] );
|
|
290
|
+
|
|
291
|
+
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users/" + userId;
|
|
292
|
+
|
|
293
|
+
let config = {
|
|
294
|
+
method: "get",
|
|
295
|
+
url: URL,
|
|
296
|
+
headers: {
|
|
297
|
+
Accept: "application/json",
|
|
298
|
+
"Content-Type": "application/json",
|
|
299
|
+
"Authorization": `Bearer ${keycloakAdminToken.access_token}`
|
|
300
|
+
}
|
|
301
|
+
};
|
|
302
|
+
|
|
303
|
+
try {
|
|
304
|
+
|
|
305
|
+
let userDetailsAgainstId = await requestController.httpRequest( config, true );
|
|
306
|
+
|
|
307
|
+
if ( userDetailsAgainstId?.data ) {
|
|
308
|
+
|
|
309
|
+
resolve( userDetailsAgainstId.data ) // extracting user details from response object
|
|
310
|
+
}
|
|
311
|
+
|
|
312
|
+
}
|
|
313
|
+
catch ( er ) {
|
|
314
|
+
|
|
315
|
+
let error
|
|
316
|
+
|
|
317
|
+
if ( er?.status && er?.status === 404 ) {
|
|
318
|
+
|
|
319
|
+
error = {
|
|
320
|
+
status: 404,
|
|
321
|
+
reason: `No user exist in keycloak against given user id: ${userId}`
|
|
322
|
+
}
|
|
323
|
+
|
|
324
|
+
} else {
|
|
325
|
+
|
|
326
|
+
error = await errorService.handleError( er );
|
|
327
|
+
}
|
|
328
|
+
|
|
329
|
+
reject( {
|
|
330
|
+
error_message: "User Details API Error: Error occurred while getting user against user id",
|
|
331
|
+
error_detail: error
|
|
332
|
+
} );
|
|
333
|
+
|
|
334
|
+
}
|
|
335
|
+
} catch ( er ) {
|
|
336
|
+
|
|
337
|
+
console.log( er );
|
|
338
|
+
|
|
339
|
+
let error = await errorService.handleError( er );
|
|
340
|
+
|
|
341
|
+
reject( {
|
|
342
|
+
|
|
343
|
+
error_message: "Keycloak Admin Token Fetch Error: An error occurred while fetching the keycloak admin token in getUserDetailsById function.",
|
|
344
|
+
error_detail: error
|
|
345
|
+
} );
|
|
346
|
+
|
|
347
|
+
}
|
|
348
|
+
} );
|
|
349
|
+
}
|
|
350
|
+
|
|
278
351
|
// function for getting user details (and extracting attributes)
|
|
279
352
|
async getUserDetails( adminToken, username ) {
|
|
280
353
|
let URL = this.keycloakConfig[ "auth-server-url" ] + "admin/realms/" + this.keycloakConfig[ "realm" ] + "/users?username=" + username + "&exact=true";
|
|
@@ -507,7 +580,7 @@ class KeycloakService extends Keycloak {
|
|
|
507
580
|
// running OTP validation flow for RSA Authenticator
|
|
508
581
|
else if ( userAttributes.twoFAChannel[ 0 ] === 'rsa' ) {
|
|
509
582
|
// setting up SecurID API for MFA
|
|
510
|
-
let URL = keycloakConfig.RSA_Server_URL + "mfa/v1_1/authn/initialize";
|
|
583
|
+
let URL = this.keycloakConfig.RSA_Server_URL + "mfa/v1_1/authn/initialize";
|
|
511
584
|
|
|
512
585
|
// configuring headers & payload
|
|
513
586
|
let config = {
|
|
@@ -761,7 +834,7 @@ class KeycloakService extends Keycloak {
|
|
|
761
834
|
let rpt_token = rptResponse.data.access_token;
|
|
762
835
|
|
|
763
836
|
let userToken = token;
|
|
764
|
-
config.data.grant_type = keycloakConfig.GRANT_TYPE;
|
|
837
|
+
config.data.grant_type = this.keycloakConfig.GRANT_TYPE;
|
|
765
838
|
config.data.token = rpt_token;
|
|
766
839
|
URL = URL + "/introspect";
|
|
767
840
|
config.url = URL;
|
|
@@ -773,7 +846,7 @@ class KeycloakService extends Keycloak {
|
|
|
773
846
|
intrsopectionResponse.data.access_token = rpt_token;
|
|
774
847
|
|
|
775
848
|
responseObject.permittedResources = {
|
|
776
|
-
Resources: ( intrsopectionResponse
|
|
849
|
+
Resources: ( intrsopectionResponse?.data?.authorization?.permissions?.length > 0 ) ? intrsopectionResponse?.data?.authorization?.permissions : []
|
|
777
850
|
}
|
|
778
851
|
|
|
779
852
|
// T.O.K.E.N R.E.Q.U.E.S.T # 4 ( A.D.M.I.N. T.O.K.E.N)
|