🩹 Allow Keycloak authentication to pass 'IdP Hint'

* add App Config option for 'IdP Hint' under Keycloak Authentication
* refactor the authentication trigger mechanism to allow direct call
  to keyjclaok-js adapter login() function
* remove `onLoad` from construction options (as it belongs to init())
This commit is contained in:
Marcell Fülöp 2023-02-09 12:47:10 +00:00
parent 3e7b51da33
commit d9740427eb
2 changed files with 11 additions and 6 deletions

View File

@ -481,6 +481,11 @@
"type": "string",
"description": "The Client ID of the client you created for use with Dashy"
},
"idpHint": {
"title" : "IdP hint",
"type": "string",
"description": "Set to the 'Alias' of an existing Identity Provider in the specified realm to skip the Keycloak login page and redirect straight to the external IdP for authentication"
},
"legacySupport": {
"title": "Legacy Support",
"type": "boolean",

View File

@ -13,25 +13,25 @@ class KeycloakAuth {
constructor() {
const { auth } = getAppConfig();
const {
serverUrl, realm, clientId, legacySupport,
serverUrl, realm, clientId, idpHint, legacySupport,
} = auth.keycloak;
const url = legacySupport ? `${serverUrl}/auth` : serverUrl;
const initOptions = {
url, realm, clientId, onLoad: 'login-required',
};
const initOptions = { url, realm, clientId };
const loginOptions = idpHint ? { idpHint } : {};
this.loginOptions = loginOptions;
this.keycloakClient = Keycloak(initOptions);
}
login() {
return new Promise((resolve, reject) => {
this.keycloakClient.init({ onLoad: 'login-required' })
this.keycloakClient.init({ onLoad: 'check-sso' })
.then((auth) => {
if (auth) {
this.storeKeycloakInfo();
return resolve();
} else {
return reject(new Error('Not authenticated'));
return this.keycloakClient.login(this.loginOptions);
}
})
.catch((reason) => reject(reason));