Skip to content

Commit

Permalink
feat: keycloak internal server URL
Browse files Browse the repository at this point in the history
* Fix examples

* Add serverUrlInternal option
  • Loading branch information
MasterCarl authored Dec 13, 2024
1 parent eef7119 commit ac61ae5
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 3 deletions.
1 change: 1 addition & 0 deletions playground/.env.example
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ NUXT_OAUTH_BATTLEDOTNET_CLIENT_SECRET=
NUXT_OAUTH_KEYCLOAK_CLIENT_ID=
NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET=
NUXT_OAUTH_KEYCLOAK_SERVER_URL=
NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL=
NUXT_OAUTH_KEYCLOAK_REALM=
# LinkedIn
NUXT_OAUTH_LINKEDIN_CLIENT_ID=
Expand Down
1 change: 1 addition & 0 deletions src/module.ts
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,7 @@ export default defineNuxtModule<ModuleOptions>({
clientId: '',
clientSecret: '',
serverUrl: '',
serverUrlInternal: '',
realm: '',
redirectURL: '',
})
Expand Down
14 changes: 11 additions & 3 deletions src/runtime/server/lib/oauth/keycloak.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,17 @@ export interface OAuthKeycloakConfig {
clientSecret?: string
/**
* Keycloak OAuth Server URL
* @example http://192.168.1.10:8080/auth
* @example http://192.168.1.10:8080
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL
*/
serverUrl?: string
/**
* Optional Keycloak OAuth Server URL to use internally, e.g. if Nuxt connects to a Docker hostname while the browser
* redirect goes to localhost
* @example http://keycloak:8080
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL
*/
serverUrlInternal?: string
/**
* Keycloak OAuth Realm
* @default process.env.NUXT_OAUTH_KEYCLOAK_REALM
Expand All @@ -40,7 +47,7 @@ export interface OAuthKeycloakConfig {
*/
authorizationParams?: Record<string, string>
/**
* Redirect URL to to allow overriding for situations like prod failing to determine public hostname
* Redirect URL to allow overriding for situations like prod failing to determine public hostname
* @default process.env.NUXT_OAUTH_KEYCLOAK_REDIRECT_URL or current URL
*/
redirectURL?: string
Expand Down Expand Up @@ -78,9 +85,10 @@ export function defineOAuthKeycloakEventHandler({
}

const realmURL = `${config.serverUrl}/realms/${config.realm}`
const realmURLInternal = `${config.serverUrlInternal || config.serverUrl}/realms/${config.realm}`

const authorizationURL = `${realmURL}/protocol/openid-connect/auth`
const tokenURL = `${realmURL}/protocol/openid-connect/token`
const tokenURL = `${realmURLInternal}/protocol/openid-connect/token`
const redirectURL = config.redirectURL || getOAuthRedirectURL(event)

if (!query.code) {
Expand Down

0 comments on commit ac61ae5

Please sign in to comment.