|
|
@@ -25,7 +25,7 @@ const CLIENTS = {
|
|
|
|
|
|
// Hilfsfunktion für API-Fehlerbehandlung
|
|
|
const handleAxiosError = (error, operation, config, response) => {
|
|
|
- console.error(`Error during ${operation}:`);
|
|
|
+ console.error(`Error during ${operation}:`);
|
|
|
if (config) {
|
|
|
console.error('Request:', {
|
|
|
method: config.method,
|
|
|
@@ -120,6 +120,7 @@ async function checkClientExists(token, clientId) {
|
|
|
return !!client;
|
|
|
}
|
|
|
|
|
|
+
|
|
|
async function getClientMappers(token, clientId) {
|
|
|
try {
|
|
|
const client = await getClient(token, clientId);
|
|
|
@@ -141,6 +142,83 @@ async function getClientMappers(token, clientId) {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+async function getClientScopes(token, clientId){
|
|
|
+ try {
|
|
|
+ const client = await getClient(token, clientId);
|
|
|
+ if(!client)
|
|
|
+ return [];
|
|
|
+
|
|
|
+ const response = await axios.get(
|
|
|
+ `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/clients/${client.id}/client-scopes`,
|
|
|
+ {
|
|
|
+ headers: {
|
|
|
+ 'Authorization': `Bearer ${token}`
|
|
|
+ }
|
|
|
+ }
|
|
|
+ );
|
|
|
+
|
|
|
+ return response.data;
|
|
|
+
|
|
|
+ } catch(error){
|
|
|
+ handleAxiosError(error, `getting client scopes for ${clientId}`, error.config, error.response);
|
|
|
+ return [];
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+async function getClientScope(token, scopeName) {
|
|
|
+ try {
|
|
|
+ const response = await axios.get(
|
|
|
+ `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/client-scopes`,
|
|
|
+ {
|
|
|
+ headers: {
|
|
|
+ 'Authorization': `Bearer ${token}`
|
|
|
+ },
|
|
|
+ params: {
|
|
|
+ name: scopeName
|
|
|
+ }
|
|
|
+ }
|
|
|
+ );
|
|
|
+
|
|
|
+ if(response.data.length === 0){
|
|
|
+ console.error(`Client Scope ${scopeName} not found`);
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+
|
|
|
+ return response.data[0]
|
|
|
+ } catch (error){
|
|
|
+ handleAxiosError(error, `getting client scope ${scopeName}`, error.config, error.response);
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+async function addDefaultClientScope(token, clientId, scopeName){
|
|
|
+ try {
|
|
|
+ const client = await getClient(token, clientId);
|
|
|
+ const scope = await getClientScope(token, scopeName);
|
|
|
+ if(!client || !scope){
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ await axios.put(
|
|
|
+ `${KEYCLOAK_URL}/admin/realms/${REALM_NAME}/clients/${client.id}/default-client-scopes/${scope.id}`,
|
|
|
+ null,
|
|
|
+ {
|
|
|
+ headers: {
|
|
|
+ 'Authorization': `Bearer ${token}`,
|
|
|
+ 'Content-Type': 'application/json'
|
|
|
+ }
|
|
|
+ }
|
|
|
+ );
|
|
|
+
|
|
|
+ console.log(`Client scope ${scopeName} added as default scope for client ${clientId}`)
|
|
|
+
|
|
|
+ } catch(error){
|
|
|
+ handleAxiosError(error, `adding client scope ${scopeName} as default for client ${clientId}`);
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
// Realm erstellen
|
|
|
async function createRealm(token) {
|
|
|
const realmConfig = {
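Review bot: In `getClientScope`, `return response.data[0]` relies on the server having filtered the listing by `name`. If the `client-scopes` endpoint ignores that query parameter (worth confirming against the Keycloak admin API version in use), the first scope in the realm is returned and `addDefaultClientScope` attaches the wrong scope to the client as a default. Selecting by exact name avoids depending on server-side filtering: `const scope = response.data.find((s) => s.name === scopeName);`, returning `null` when it is undefined. Separately, the catch in `addDefaultClientScope` calls `handleAxiosError` without `error.config, error.response`, unlike the two functions above it, so the `if (config)` branch is skipped and a failed PUT logs no request detail.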
|
|
|
@@ -390,7 +468,7 @@ async function createDefaultGroups(token) {
|
|
|
|
|
|
async function createTestToken(token, username) {
|
|
|
try {
|
|
|
- const nextcloudClientId = Object.keys(CLIENTS).find(key => key.includes('nextcloud')) || 'nextcloud';
|
|
|
+ const nextcloudClientId = Object.keys(CLIENTS).find(key => key.includes('nextcloud')) || 'nextcloud';
|
|
|
const client = await getClient(token, nextcloudClientId);
|
|
|
|
|
|
if (!client)
|
|
|
@@ -523,10 +601,13 @@ async function setupRealm() {
|
|
|
}
|
|
|
|
|
|
// Clients erstellen
|
|
|
- for (const clientId in CLIENTS) {
|
|
|
+ for (const clientId in CLIENTS) {
|
|
|
await createClient(token, clientId, clientId, CLIENTS[clientId].redirectUris);
|
|
|
}
|
|
|
|
|
|
+ const nextcloudClientId = Object.keys(CLIENTS).find(key => key.includes('nextcloud')) || 'nextcloud';
|
|
|
+ await addDefaultClientScope(token, nextcloudClientId, "openid");
|
|
|
+
|
|
|
// Gruppen erstellen
|
|
|
await createDefaultGroups(token);
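Review bot: The result of `await addDefaultClientScope(token, nextcloudClientId, "openid")` is not checked, and that helper catches its own errors, so `setupRealm` goes on to create groups even when the scope was not attached to the client. Consider having the helper return `true`/`false` and reacting here, for example `if (!(await addDefaultClientScope(token, nextcloudClientId, "openid"))) console.error('openid default scope not applied');`. The `Object.keys(CLIENTS).find(key => key.includes('nextcloud')) || 'nextcloud'` lookup also duplicates the line in `createTestToken` and matches any key that merely contains the substring; a single shared helper or constant would keep both call sites resolving to the same client. `setupRealm` starts and ends outside this hunk.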
|
|
|
|