Skip to content

Commit

Permalink
fix api platform doc auth
Browse files Browse the repository at this point in the history
  • Loading branch information
@4rthem
4rthem committed Nov 21, 2024
1 parent 5790005 commit b08434a
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 20 deletions.
10 changes: 9 additions & 1 deletion configurator/src/Configurator/Vendor/Keycloak/KeycloakConfigurator.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,12 +70,18 @@ public function configure(OutputInterface $output, array $presets): void
$appScopes = $this->getAppScopes();
foreach ($this->symfonyApplications as $app) {
$clientId = getenv(sprintf('%s_ADMIN_CLIENT_ID', strtoupper($app)));
$baseUri = getenv(sprintf('%s_API_URL', strtoupper($app)));

$clientData = $this->configureClient(
$clientId,
getenv(sprintf('%s_ADMIN_CLIENT_SECRET', strtoupper($app))),
getenv(sprintf('%s_API_URL', strtoupper($app))).'/admin',
$baseUri,
[
'serviceAccountsEnabled' => true,
],
redirectUris: [
$baseUri.'/admin/*',
$baseUri.'/bundles/apiplatform/swagger-ui/oauth2-redirect.html',
]
);

Expand Down Expand Up @@ -198,12 +204,14 @@ private function configureClient(
?string $clientSecret,
string $baseUri,
array $data = [],
?array $redirectUris = null,
): array {
$clientData = $this->keycloakManager->createClient(
$clientId,
$clientSecret,
$baseUri,
$data,
$redirectUris,
);

foreach ([
Expand Down
11 changes: 6 additions & 5 deletions configurator/src/Configurator/Vendor/Keycloak/KeycloakManager.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,8 +274,9 @@ public function addServiceAccountRole(
public function createClient(
string $clientId,
?string $clientSecret,
?string $baseUri,
?string $rootUrl,
array $data = [],
?array $redirectUris = null,
): array {
$client = $this->getClientByClientId($clientId);

Expand All @@ -284,10 +285,10 @@ public function createClient(
'secret' => $clientSecret,
'publicClient' => null === $clientSecret,
'frontchannelLogout' => false,
'rootUrl' => $baseUri,
'redirectUris' => $baseUri ? [
$baseUri.'/*',
] : null,
'rootUrl' => $rootUrl,
'redirectUris' => $redirectUris ?? ($rootUrl ? [
$rootUrl.'/*',
] : null),
], $data);

if (null !== $client) {
Expand Down
4 changes: 2 additions & 2 deletions databox/api/config/packages/api_platform.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ api_platform:
oauth:
clientId: '%env(ADMIN_CLIENT_ID)%'
clientSecret: '%env(ADMIN_CLIENT_SECRET)%'
tokenUrl: '%env(KEYCLOAK_URL)%/oauth/v2/token'
tokenUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/token'
authorizationUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/auth'
flow: authorizationCode
authorizationUrl: '%env(KEYCLOAK_URL)%/oauth/v2/auth'
event_listeners_backward_compatibility_layer: false
11 changes: 5 additions & 6 deletions expose/api/config/packages/api_platform.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,8 @@ api_platform:
html: ['text/html']
multipart: ['multipart/form-data']
oauth:
enabled: true
type: 'oauth2'
flow: 'password'
tokenUrl: '%env(KEYCLOAK_URL)%/oauth/v2/token'
authorizationUrl: '%env(KEYCLOAK_URL)%/oauth/v2/auth'
scopes: []
clientId: '%env(ADMIN_CLIENT_ID)%'
clientSecret: '%env(ADMIN_CLIENT_SECRET)%'
tokenUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/token'
authorizationUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/auth'
flow: authorizationCode
11 changes: 5 additions & 6 deletions uploader/api/config/packages/api_platform.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,8 @@ api_platform:
html: ['text/html']
multipart: ['multipart/form-data']
oauth:
enabled: true
type: 'oauth2'
flow: 'password'
tokenUrl: '%env(KEYCLOAK_URL)%/oauth/v2/token'
authorizationUrl: '%env(KEYCLOAK_URL)%/oauth/v2/auth'
scopes: []
clientId: '%env(ADMIN_CLIENT_ID)%'
clientSecret: '%env(ADMIN_CLIENT_SECRET)%'
tokenUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/token'
authorizationUrl: '%env(KEYCLOAK_URL)%/realms/%env(KEYCLOAK_REALM_NAME)%/protocol/openid-connect/auth'
flow: authorizationCode

0 comments on commit b08434a

Please sign in to comment.