Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to call getCurrentUser and oAuth API with machine token #16383

Closed
wants to merge 8 commits into from
Closed

Allow to call getCurrentUser and oAuth API with machine token #16383

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
84246f7
Make it possible to call oAuth service API with machine token
vinokurig Mar 17, 2020
758af14
Merge branch 'master' of github.com:eclipse/che into che-15261
vinokurig Mar 23, 2020
289fba2
Merge branch 'master' of github.com:eclipse/che into che-15261
vinokurig Mar 24, 2020
595b37b
commit
vinokurig Mar 24, 2020
1d73835
commit
vinokurig Mar 26, 2020
0203436
Merge branch 'master' of github.com:eclipse/che into che-15261
vinokurig Mar 27, 2020
5d894f0
Merge branch 'master' of github.com:eclipse/che into che-15261
vinokurig Mar 30, 2020
2056431
commit
vinokurig Mar 30, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
125 changes: 125 additions & 0 deletions assembly/assembly-root-war/src/main/webapp/_app/keycloackLoader.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,125 @@
/*
* Copyright (c) 2012-2018 Red Hat, Inc.
* This program and the accompanying materials are made
* available under the terms of the Eclipse Public License 2.0
* which is available at https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*
* Contributors:
* Red Hat, Inc. - initial API and implementation
*/
export class KeycloakLoader {
/**
* Load keycloak settings
*/
loadKeycloakSettings() {
const msg = "Cannot load keycloak settings. This is normal for single-user mode.";

return new Promise((resolve, reject) => {
try {
if (window.parent && window.parent['_keycloak']) {
window['_keycloak'] = window.parent['_keycloak'];
resolve(window['_keycloak']);
return;
}
} catch (e) {
// parent frame has different origin, so access to parent frame is forbidden
console.error(msg, e);
}

try {
const request = new XMLHttpRequest();

request.onerror = request.onabort = function() {
reject(new Error(msg));
};

request.onload = () => {
if (request.status == 200) {
resolve(this.injectKeycloakScript(JSON.parse(request.responseText)));
} else {
reject(new Error(msg));
}
};

const url = "/api/keycloak/settings";
request.open("GET", url, true);
request.send();
} catch (e) {
reject(new Error(msg + e.message));
}
});
}

/**
* Injects keycloak javascript
*/
injectKeycloakScript(keycloakSettings) {
return new Promise((resolve, reject) => {
const script = document.createElement('script');
script.type = 'text/javascript';
script.language = 'javascript';
script.async = true;
script.src = keycloakSettings['che.keycloak.js_adapter_url'];

script.onload = () => {
resolve(this.initKeycloak(keycloakSettings));
};

script.onerror = script.onabort = () => {
reject(new Error('cannot load ' + script.src));
};

document.head.appendChild(script);
});
}

/**
* Initialize keycloak
*/
initKeycloak(keycloakSettings) {
return new Promise((resolve, reject) => {

function keycloakConfig() {
const theOidcProvider = keycloakSettings['che.keycloak.oidc_provider'];
if (!theOidcProvider) {
return {
url: keycloakSettings['che.keycloak.auth_server_url'],
realm: keycloakSettings['che.keycloak.realm'],
clientId: keycloakSettings['che.keycloak.client_id']
};
} else {
return {
oidcProvider: theOidcProvider,
clientId: keycloakSettings['che.keycloak.client_id']
};
}
}
const keycloak = Keycloak(keycloakConfig());

window['_keycloak'] = keycloak;

var useNonce;
if (typeof keycloakSettings['che.keycloak.use_nonce'] === 'string') {
useNonce = keycloakSettings['che.keycloak.use_nonce'].toLowerCase() === 'true';
}
window.sessionStorage.setItem('oidcIdeRedirectUrl', location.href);
keycloak
.init({
onLoad: 'login-required',
checkLoginIframe: false,
useNonce: useNonce,
scope: 'email profile',
redirectUri: keycloakSettings['che.keycloak.redirect_url.ide']
})
.success(() => {
resolve(keycloak);
})
.error(() => {
reject(new Error('[Keycloak] Failed to initialize Keycloak'));
});
});
}

}
13 changes: 1 addition & 12 deletions assembly/assembly-root-war/src/main/webapp/_app/loader.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,24 +19,13 @@
<title>Workspace token loader</title>

<link rel="stylesheet" href="./loader.css"></link>
<script src="./loader.js" defer></script>
<script type="module" src="loader.js" defer></script>
</head>

<body style="background-color: #21252b; transition: background-color 0.5s ease;">

<div id="workspace-loader">
<div id="workspace-loader-label">Loading a runtime token...</div>
<div id="workspace-loader-progress">
<div>
<div id="workspace-loader-progress-bar"></div>
</div>
</div>
<div id="workspace-loader-reload">Press F5 or click <a href="#">here</a> to try again.</div>
</div>
<div id="workspace-console">
<div id="workspace-console-container"></div>
</div>

</body>

</html>
114 changes: 1 addition & 113 deletions assembly/assembly-root-war/src/main/webapp/_app/loader.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,120 +9,8 @@
* Contributors:
* Red Hat, Inc. - initial API and implementation
*/
class KeycloakLoader {
/**
* Load keycloak settings
*/
loadKeycloakSettings() {
const msg = "Cannot load keycloak settings. This is normal for single-user mode.";

return new Promise((resolve, reject) => {
try {
if (window.parent && window.parent['_keycloak']) {
window['_keycloak'] = window.parent['_keycloak'];
resolve(window['_keycloak']);
return;
}
} catch (e) {
// parent frame has different origin, so access to parent frame is forbidden
console.error(msg, e);
}

try {
const request = new XMLHttpRequest();

request.onerror = request.onabort = function() {
reject(new Error(msg));
};

request.onload = () => {
if (request.status == 200) {
resolve(this.injectKeycloakScript(JSON.parse(request.responseText)));
} else {
reject(new Error(msg));
}
};

const url = "/api/keycloak/settings";
request.open("GET", url, true);
request.send();
} catch (e) {
reject(new Error(msg + e.message));
}
});
}

/**
* Injects keycloak javascript
*/
injectKeycloakScript(keycloakSettings) {
return new Promise((resolve, reject) => {
const script = document.createElement('script');
script.type = 'text/javascript';
script.language = 'javascript';
script.async = true;
script.src = keycloakSettings['che.keycloak.js_adapter_url'];

script.onload = () => {
resolve(this.initKeycloak(keycloakSettings));
};

script.onerror = script.onabort = () => {
reject(new Error('cannot load ' + script.src));
};

document.head.appendChild(script);
});
}

/**
* Initialize keycloak
*/
initKeycloak(keycloakSettings) {
return new Promise((resolve, reject) => {

function keycloakConfig() {
const theOidcProvider = keycloakSettings['che.keycloak.oidc_provider'];
if (!theOidcProvider) {
return {
url: keycloakSettings['che.keycloak.auth_server_url'],
realm: keycloakSettings['che.keycloak.realm'],
clientId: keycloakSettings['che.keycloak.client_id']
};
} else {
return {
oidcProvider: theOidcProvider,
clientId: keycloakSettings['che.keycloak.client_id']
};
}
}
const keycloak = Keycloak(keycloakConfig());

window['_keycloak'] = keycloak;

var useNonce;
if (typeof keycloakSettings['che.keycloak.use_nonce'] === 'string') {
useNonce = keycloakSettings['che.keycloak.use_nonce'].toLowerCase() === 'true';
}
window.sessionStorage.setItem('oidcIdeRedirectUrl', location.href);
keycloak
.init({
onLoad: 'login-required',
checkLoginIframe: false,
useNonce: useNonce,
scope: 'email profile',
redirectUri: keycloakSettings['che.keycloak.redirect_url.ide']
})
.success(() => {
resolve(keycloak);
})
.error(() => {
reject(new Error('[Keycloak] Failed to initialize Keycloak'));
});
});
}

}
import { KeycloakLoader } from './keycloackLoader.js';

class Loader {

Expand Down
31 changes: 31 additions & 0 deletions assembly/assembly-root-war/src/main/webapp/_app/oauth.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
<!--

Copyright (c) 2012-2018 Red Hat, Inc.
This program and the accompanying materials are made
available under the terms of the Eclipse Public License 2.0
which is available at https://www.eclipse.org/legal/epl-2.0/

SPDX-License-Identifier: EPL-2.0

Contributors:
Red Hat, Inc. - initial API and implementation

-->
<!DOCTYPE html>
<html lang="en">

<head>
<meta charset="UTF-8">
<title>Authentication</title>
<script type="module" src="./oauthLoader.js" defer></script>
</head>

<body style="background-color: #21252b; transition: background-color 0.5s ease;">

<div id="workspace-console">
<div id="workspace-console-container"></div>
</div>

</body>

</html>
Loading