-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #38 from vzakharchenko/add_express_middleware
add express middleware
- Loading branch information
Showing
52 changed files
with
6,846 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -63,3 +63,4 @@ Icon? | |
.webpack/* | ||
.coverage/* | ||
.tgz | ||
.webpack |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,6 +19,7 @@ example/* | |
.circleci/* | ||
.idea/* | ||
.coverage | ||
.webpack | ||
__mocks__ | ||
__tests__ | ||
keycloak-cloudfront-dynamodb | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
jest.mock('../../../src/keycloakAuthorizer'); | ||
jest.mock('../../../src/Jwks'); | ||
jest.mock('../../../src/utils/optionsUtils'); | ||
jest.mock('jsonwebtoken'); | ||
const jwt = require('jsonwebtoken'); | ||
const keycloakAuthorizer = require('../../../src/keycloakAuthorizer'); | ||
const optionsUtils = require('../../../src/utils/optionsUtils'); | ||
|
||
const jwks = require('../../../src/Jwks'); | ||
|
||
const { middlewareAdapter } = require('../../../src/adapter/middlewareAdapter'); | ||
|
||
describe('testing middlewareAdapter', () => { | ||
beforeEach(() => { | ||
keycloakAuthorizer.adapter.mockImplementation(async () => 'adapter'); | ||
jwks.jwksUrlResponse.mockImplementation(() => 'jwksUrlResponse'); | ||
jwt.decode.mockImplementation(() => {}); | ||
optionsUtils.commonOptions.mockImplementation(() => ({ logger: console })); | ||
}); | ||
|
||
afterEach(() => { | ||
}); | ||
|
||
test('test middlewareAdapter jwks', async () => { | ||
optionsUtils.commonOptions.mockImplementation(() => ({ | ||
logger: console, | ||
keys: { | ||
publicKey: { | ||
key: 'test', | ||
}, | ||
}, | ||
})); | ||
const ma = middlewareAdapter({}, {}); | ||
await ma.middleware({ baseUrl: '/service/jwks' }, { | ||
json: (message) => { | ||
expect(message).toEqual('jwksUrlResponse'); | ||
}, | ||
}, {}); | ||
}); | ||
|
||
test('test middlewareAdapter', async () => { | ||
optionsUtils.commonOptions.mockImplementation(() => ({ | ||
logger: console, | ||
})); | ||
const ma = middlewareAdapter({}, {}); | ||
await ma.middleware({ headers: { authorization: 'Bearer auth' } }, { | ||
json: (message) => { | ||
expect(message).toEqual('jwksUrlResponse'); | ||
}, | ||
}, () => { | ||
expect(1).toEqual(1); | ||
}); | ||
}); | ||
|
||
test('test middlewareAdapter Error', async () => { | ||
optionsUtils.commonOptions.mockImplementation(() => ({ | ||
logger: console, | ||
})); | ||
keycloakAuthorizer.adapter.mockImplementation(async () => { throw new Error('111'); }); | ||
const ma = middlewareAdapter({}, {}); | ||
await ma.middleware({ headers: { authorization: 'Bearer auth' } }, { | ||
status: (code) => { | ||
expect(code).toEqual(403); | ||
return { | ||
end: () => { | ||
expect(1).toEqual(1); | ||
}, | ||
}; | ||
}, | ||
}, () => { | ||
throw new Error('Error'); | ||
}); | ||
}); | ||
|
||
test('test middlewareAdapter Authorization Error 1', async () => { | ||
optionsUtils.commonOptions.mockImplementation(() => ({ | ||
logger: console, | ||
})); | ||
const ma = middlewareAdapter({}, {}); | ||
await ma.middleware({ headers: { } }, { | ||
status: (code) => { | ||
expect(code).toEqual(403); | ||
return { | ||
end: () => { | ||
expect(1).toEqual(1); | ||
}, | ||
}; | ||
}, | ||
}, () => { | ||
throw new Error('Error'); | ||
}); | ||
}); | ||
|
||
test('test middlewareAdapter Authorization Error 2', async () => { | ||
optionsUtils.commonOptions.mockImplementation(() => ({ | ||
logger: console, | ||
})); | ||
const ma = middlewareAdapter({}, {}); | ||
await ma.middleware({ headers: { authorization: 'test' } }, { | ||
status: (code) => { | ||
expect(code).toEqual(403); | ||
return { | ||
end: () => { | ||
expect(1).toEqual(1); | ||
}, | ||
}; | ||
}, | ||
}, () => { | ||
throw new Error('Error'); | ||
}); | ||
}); | ||
}); |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
# Chain of service calls | ||
![](../../keycloak-cross-client-authentication3.png) | ||
|
||
## 1. Start Keycloak | ||
|
||
### Docker | ||
Using the image from https://hub.docker.com/r/jboss/keycloak/ | ||
``` | ||
docker run -p 8090:8080 -e JAVA_OPTS="-Dkeycloak.profile.feature.scripts=enabled -Dkeycloak.profile.feature.upload_scripts=enabled -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true" -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin -v `pwd`/example/chain-service-calls:/chain-service-calls -e KEYCLOAK_IMPORT=/chain-service-calls/example-realm-export.json jboss/keycloak | ||
``` | ||
### Standard | ||
``` | ||
sh bin/standalone.sh -c standalone.xml -b 0.0.0.0 -Djboss.bind.address.management=0.0.0.0 --debug 8190 -Djboss.http.port=8090 | ||
``` | ||
Open the Keycloak admin console, click on Add Realm, click on import 'Select file', select example-realm-export.json and click Create. | ||
|
||
## 2. Run Services Locally | ||
- Service1 | ||
```bash | ||
cd service1 | ||
npm i | ||
npm run start | ||
``` | ||
- Service2 | ||
```bash | ||
cd service2 | ||
npm i | ||
npm run offline | ||
``` | ||
- Service3 | ||
```bash | ||
cd service3 | ||
npm i | ||
npm run offline | ||
``` | ||
|
||
## 3. Run UI locally | ||
|
||
```bash | ||
cd frontend | ||
npm i | ||
npm run start | ||
``` | ||
|
||
## 4. Open UI | ||
[http://localhost:3001](http://localhost:3001) | ||
|
||
users: | ||
|
||
| User | Password | Service 1 Role 1 | Service 1 Role 2 | Service 2 Role | Service 3 Role | | ||
|:----------|:-----------|:-----------------|:-----------------|:---------------|:---------------| | ||
| user | user | X | X | X | X | | ||
| user1 | user1 | - | - | X | X | | ||
| user2 | user2 | X | - | - | X | | ||
|
||
## 6. Results | ||
|
||
| User | Result | Description | | ||
|:----------|:-------------------------------------------------------------------------------------------------------|:------------------------------------------------------| | ||
| User | ![](../../docs/userChain.png) | All Access | | ||
| User1 | ![](../../docs/user1Chain.png) | FrontEnd->Service2 and FrontEnd->Service3->Service2 | | | ||
| User1 | ![](../../docs/user2Chain.png) | FrontEnd->Service1->Service2 and FrontEnd->Service2 | |
Oops, something went wrong.