Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor to do a real login for OAuth #660

Merged
merged 4 commits into from
Apr 30, 2022
Merged

Refactor to do a real login for OAuth #660

merged 4 commits into from
Apr 30, 2022

Conversation

mraible
Copy link
Collaborator

@mraible mraible commented Apr 30, 2022
edited
Loading

Fixes #656.

@mraible mraible mentioned this pull request Apr 30, 2022
Closed
@mshima
Copy link
Member

mshima commented Apr 30, 2022
edited
Loading

Unfortunately, this won't work with Keycloak at a domain different then localhost.
This cypress bug, got me to implement the login using api.
Otherwise, the oauth2 login would be ready a couple of days ago =).

@mraible
Copy link
Collaborator Author

mraible commented Apr 30, 2022

You're right. If I try to do this:

export SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/auth/realms/jhipster

I get the following error when running Cypress tests.

Screen Shot 2022-04-30 at 12 32 21

This kinda stinks because it means you can't run Cypress tests when running the backend via Docker Compose. That's the only downside I see. You shouldn't be using Keycloak in production anyway. ;)

@mraible
Copy link
Collaborator Author

mraible commented Apr 30, 2022

What do you think about using the API method for Keycloak and using origin for Auth0 and Okta?

@mshima
Copy link
Member

mshima commented Apr 30, 2022

Sure, we can move keycloak ui once cypress fixes it.

@mshima mshima mentioned this pull request Apr 30, 2022
Closed
@mraible
Copy link
Collaborator Author

mraible commented Apr 30, 2022

OK, this PR now uses the API for Keycloak. I tested it on Keycloak with the default settings, as well as:

export SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/auth/realms/jhipster

I tested it on Okta and Auth0 too. There is a test in login.e2e-spec.ts that fails unless you change your user to have the first name of "Admin".

  // Incompatible with oauth login by api
  it('should login successfully with admin account', () => {
    cy.login(ADMIN_USERNAME, ADMIN_PASSWORD);
    cy.visit('/');

    const welcome = /Welcome, Admin/;
    cy.get('app-home ion-title').invoke('text').should('match', welcome);
  });

@mshima mshima merged commit f3f5aac into main Apr 30, 2022
@mshima mshima deleted the oauth-for-all branch April 30, 2022 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mshima mshima mshima approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix Auth0/Okta support
2 participants
@mraible @mshima