keycloak-express-middleware 6.3.1 → 6.3.2

package/CHANGELOG.md

@@ -2,6 +2,17 @@
 
 All notable changes to this project will be documented in this file.
 
+## [6.3.2] - 2026-03-18
+
+### Added
+- Automatic test config bootstrap via `test/helpers/ensure-test-config.js`.
+- `npm run setup-keycloak` now ensures missing test config files are recreated before interactive setup:
+  - `test/config/secrets.json`
+  - `test/docker-keycloak/.env`
+
+### Changed
+- npm package `files` whitelist keeps `test/` assets available on install while excluding sensitive/generated files (`test/config/secrets.json`, `test/docker-keycloak/.env`, local cert files).
+
 ## [6.3.1] - 2026-03-18
 
 ### Changed

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "keycloak-express-middleware",
-  "version": "6.3.1",
+  "version": "6.3.2",
   "description": "Adapter API to integrate Node.js (Express) applications with Keycloak. Provides middleware for authentication, authorization, token validation, and route protection via OpenID Connect.",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -26,14 +26,20 @@
     "test/*.test.js",
     "test/package.json",
     "test/package-lock.json",
-    "test/config/**",
+    "test/config/default.json",
+    "test/config/secrets.json.example",
     "test/helpers/**",
     "test/support/**",
-    "test/docker-keycloak/**"
+    "test/docker-keycloak/README.md",
+    "test/docker-keycloak/docker-compose.yml",
+    "test/docker-keycloak/docker-compose-https.yml",
+    "test/docker-keycloak/setup-keycloak.js",
+    "test/docker-keycloak/certs/README.md",
+    "test/docker-keycloak/certs/.gitkeep"
   ],
   "scripts": {
-    "test": "npm --prefix test install && npm --prefix test run setup-keycloak && NODE_PATH=./test/node_modules npm --prefix test test",
-    "setup-keycloak": "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && NODE_ENV=test node test/docker-keycloak/setup-keycloak.js"
+    "test": "node test/helpers/ensure-test-config.js && npm --prefix test install && npm --prefix test run setup-keycloak && NODE_PATH=./test/node_modules npm --prefix test test",
+    "setup-keycloak": "node test/helpers/ensure-test-config.js && eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && NODE_ENV=test node test/docker-keycloak/setup-keycloak.js"
   },
   "dependencies": {
     "express-session": "^1.19.0",

package/test/helpers/ensure-test-config.js

@@ -0,0 +1,114 @@
+#!/usr/bin/env node
+
+/**
+ * Ensures local test configuration files exist with valid defaults.
+ *
+ * Generated files (if missing):
+ * - test/config/secrets.json
+ * - test/docker-keycloak/.env
+ *
+ * Usage:
+ *   node test/helpers/ensure-test-config.js
+ *   node test/helpers/ensure-test-config.js --regenerate
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+const force = process.argv.includes('--regenerate');
+
+const repoRoot = path.join(__dirname, '..', '..');
+const secretsPath = path.join(repoRoot, 'test', 'config', 'secrets.json');
+const dockerEnvPath = path.join(repoRoot, 'test', 'docker-keycloak', '.env');
+
+function ensureDir(filePath) {
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+}
+
+function readJsonSafe(filePath) {
+  try {
+    return JSON.parse(fs.readFileSync(filePath, 'utf8'));
+  } catch (_err) {
+    return null;
+  }
+}
+
+function writeJson(filePath, data) {
+  ensureDir(filePath);
+  fs.writeFileSync(filePath, `${JSON.stringify(data, null, 2)}\n`, 'utf8');
+}
+
+function ensureSecrets() {
+  const defaults = {
+    test: {
+      keycloak: {
+        adminPassword: 'admin',
+        clientSecret: 'test-client-secret',
+        testPassword: 'test-password'
+      }
+    }
+  };
+
+  if (!fs.existsSync(secretsPath) || force) {
+    writeJson(secretsPath, defaults);
+    console.log(`[ensure-test-config] ${force ? 'Regenerated' : 'Created'} test/config/secrets.json`);
+    return;
+  }
+
+  const current = readJsonSafe(secretsPath);
+  if (!current) {
+    writeJson(secretsPath, defaults);
+    console.log('[ensure-test-config] Repaired invalid test/config/secrets.json');
+    return;
+  }
+
+  const merged = {
+    ...current,
+    test: {
+      ...(current.test || {}),
+      keycloak: {
+        ...defaults.test.keycloak,
+        ...((current.test && current.test.keycloak) || {})
+      }
+    }
+  };
+
+  // Update only if required keys are missing.
+  const currentString = JSON.stringify(current);
+  const mergedString = JSON.stringify(merged);
+  if (currentString !== mergedString) {
+    writeJson(secretsPath, merged);
+    console.log('[ensure-test-config] Added missing keys in test/config/secrets.json');
+  } else {
+    console.log('[ensure-test-config] test/config/secrets.json already valid');
+  }
+}
+
+function ensureDockerEnv() {
+  const content = [
+    'KEYCLOAK_CERT_PATH=./certs',
+    'KEYCLOAK_HOSTNAME=localhost'
+  ].join('\n') + '\n';
+
+  if (!fs.existsSync(dockerEnvPath) || force) {
+    ensureDir(dockerEnvPath);
+    fs.writeFileSync(dockerEnvPath, content, 'utf8');
+    console.log(`[ensure-test-config] ${force ? 'Regenerated' : 'Created'} test/docker-keycloak/.env`);
+    return;
+  }
+
+  const existing = fs.readFileSync(dockerEnvPath, 'utf8');
+  if (!existing.includes('KEYCLOAK_CERT_PATH=') || !existing.includes('KEYCLOAK_HOSTNAME=')) {
+    fs.writeFileSync(dockerEnvPath, content, 'utf8');
+    console.log('[ensure-test-config] Repaired test/docker-keycloak/.env');
+  } else {
+    console.log('[ensure-test-config] test/docker-keycloak/.env already valid');
+  }
+}
+
+function main() {
+  ensureSecrets();
+  ensureDockerEnv();
+}
+
+main();

package/test/config/secrets.json

@@ -1,9 +0,0 @@
-{
-  "test": {
-    "keycloak": {
-      "adminPassword": "admin",
-      "clientSecret": "test-client-secret",
-      "testPassword": "test-password"
-    }
-  }
-}

package/test/docker-keycloak/.env

@@ -1,2 +0,0 @@
-KEYCLOAK_CERT_PATH=./certs
-KEYCLOAK_HOSTNAME=smart-dell-sml.crs4.it