diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevConsoleProcessor.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevUIProcessor.java
similarity index 56%
rename from extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevConsoleProcessor.java
rename to extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevUIProcessor.java
index ddfe711e52275..890c86f22a6b3 100644
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevConsoleProcessor.java
+++ b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/AbstractDevUIProcessor.java
@@ -11,19 +11,13 @@
 import io.quarkus.deployment.Capability;
 import io.quarkus.deployment.annotations.BuildProducer;
 import io.quarkus.deployment.builditem.ConfigurationBuildItem;
-import io.quarkus.deployment.pkg.builditem.CurateOutcomeBuildItem;
-import io.quarkus.devconsole.runtime.spi.DevConsolePostHandler;
-import io.quarkus.devconsole.spi.DevConsoleRouteBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleRuntimeTemplateInfoBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleTemplateInfoBuildItem;
 import io.quarkus.devui.spi.page.CardPageBuildItem;
 import io.quarkus.devui.spi.page.Page;
-import io.quarkus.oidc.runtime.OidcConfigPropertySupplier;
 import io.quarkus.oidc.runtime.devui.OidcDevUiRecorder;
 import io.quarkus.oidc.runtime.devui.OidcDevUiRpcSvcPropertiesBean;
 import io.quarkus.vertx.http.deployment.NonApplicationRootPathBuildItem;
-public abstract class AbstractDevConsoleProcessor {
+public abstract class AbstractDevUIProcessor {
 protected static final String CONFIG_PREFIX = "quarkus.oidc.";
 protected static final String CLIENT_ID_CONFIG_KEY = CONFIG_PREFIX + "client-id";
 protected static final String CLIENT_SECRET_CONFIG_KEY = CONFIG_PREFIX + "credentials.secret";
@@ -33,68 +27,6 @@ public abstract class AbstractDevConsoleProcessor {
 protected static final String POST_LOGOUT_URI_PARAM_CONFIG_KEY = CONFIG_PREFIX + "logout.post-logout-uri-param";
 protected static final String SCOPES_KEY = CONFIG_PREFIX + "authentication.scopes";
- protected void produceDevConsoleTemplateItems(Capabilities capabilities,
- BuildProducer devConsoleTemplate,
- BuildProducer devConsoleRuntimeInfo,
- CurateOutcomeBuildItem curateOutcomeBuildItem,
- String oidcProviderName,
- String oidcApplicationType,
- String oidcGrantType,
- String authorizationUrl,
- String tokenUrl,
- String logoutUrl,
- boolean introspectionIsAvailable) {
- if (oidcProviderName != null) {
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("oidcProviderName", oidcProviderName));
- }
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("oidcApplicationType", oidcApplicationType));
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("oidcGrantType", oidcGrantType));
-
- if (capabilities.isPresent(Capability.SMALLRYE_OPENAPI)) {
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("swaggerIsAvailable", true));
- }
- if (capabilities.isPresent(Capability.SMALLRYE_GRAPHQL)) {
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("graphqlIsAvailable", true));
- }
- devConsoleTemplate.produce(new DevConsoleTemplateInfoBuildItem("introspectionIsAvailable", introspectionIsAvailable));
-
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("clientId",
- new OidcConfigPropertySupplier(CLIENT_ID_CONFIG_KEY), this.getClass(), curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("clientSecret",
- new OidcConfigPropertySupplier(CLIENT_SECRET_CONFIG_KEY, ""), this.getClass(), curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("authorizationUrl",
- new
OidcConfigPropertySupplier(AUTHORIZATION_PATH_CONFIG_KEY, authorizationUrl, true), this.getClass(),
- curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("tokenUrl",
- new OidcConfigPropertySupplier(TOKEN_PATH_CONFIG_KEY, tokenUrl, true), this.getClass(),
- curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("logoutUrl",
- new OidcConfigPropertySupplier(END_SESSION_PATH_CONFIG_KEY, logoutUrl, true), this.getClass(),
- curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("postLogoutUriParam",
- new OidcConfigPropertySupplier(POST_LOGOUT_URI_PARAM_CONFIG_KEY), this.getClass(),
- curateOutcomeBuildItem));
- devConsoleRuntimeInfo.produce(
- new DevConsoleRuntimeTemplateInfoBuildItem("scopes",
- new OidcConfigPropertySupplier(SCOPES_KEY), this.getClass(), curateOutcomeBuildItem));
-
- }
-
- protected void produceDevConsoleRouteItems(BuildProducer devConsoleRoute,
- DevConsolePostHandler testServiceWithToken,
- DevConsolePostHandler exchangeCodeForTokens,
- DevConsolePostHandler passwordClientCredHandler) {
- devConsoleRoute.produce(new DevConsoleRouteBuildItem("testServiceWithToken", "POST", testServiceWithToken));
- devConsoleRoute.produce(new DevConsoleRouteBuildItem("exchangeCodeForTokens", "POST", exchangeCodeForTokens));
- devConsoleRoute.produce(new DevConsoleRouteBuildItem("testService", "POST", passwordClientCredHandler));
- }
-
 protected static CardPageBuildItem createProviderWebComponent(OidcDevUiRecorder recorder,
 Capabilities capabilities,
 String oidcProviderName,
diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcAuthorizationCodePostHandler.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcAuthorizationCodePostHandler.java
deleted file mode 100644
index bc89bf0f29b71..0000000000000
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcAuthorizationCodePostHandler.java
+++ /dev/null
@@ -1,57 +0,0 @@
-package io.quarkus.oidc.deployment.devservices;
-
-import static io.quarkus.oidc.runtime.devui.OidcDevServicesUtils.getTokens;
-
-import java.time.Duration;
-import java.util.Map;
-
-import org.jboss.logging.Logger;
-
-import io.quarkus.devconsole.runtime.spi.DevConsolePostHandler;
-import io.vertx.core.MultiMap;
-import io.vertx.core.Vertx;
-import io.vertx.ext.web.RoutingContext;
-
-public class OidcAuthorizationCodePostHandler extends DevConsolePostHandler {
-
- private static final Logger LOG = Logger.getLogger(OidcAuthorizationCodePostHandler.class);
- Vertx vertxInstance;
- Duration timeout;
- Map grantOptions;
-
- public OidcAuthorizationCodePostHandler(Vertx vertxInstance, Duration timeout,
- Map> grantOptions) {
- this.vertxInstance = vertxInstance;
- this.timeout = timeout;
- this.grantOptions = grantOptions.get("code");
- }
-
- @Override
- protected void handlePostAsync(RoutingContext event, MultiMap form) throws Exception {
- try {
- final String tokens = getTokens(
- form.get("tokenUrl"),
- form.get("client"),
- form.get("clientSecret"),
- form.get("authorizationCode"),
- form.get("redirectUri"),
- vertxInstance,
- grantOptions)
- .onFailure().recoverWithNull()
- .await().atMost(timeout);
- event.put("tokens", tokens);
- } catch (Throwable t) {
- LOG.errorf("Token can not be acquired from OpenId Connect provider: %s", t.toString());
- }
- }
-
- @Override
- protected void actionSuccess(RoutingContext event) {
- event.response().setStatusCode(200);
- String tokens = (String) event.get("tokens");
- if (tokens != null) {
- event.response().end(tokens);
- }
- }
-
-}
diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevConsoleProcessor.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevUIProcessor.java
similarity index 79%
rename from extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevConsoleProcessor.java
rename to extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevUIProcessor.java
index 2951847d8fcde..7e094aeccf6c6 100644
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevConsoleProcessor.java
+++ b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcDevUIProcessor.java
@@ -17,10 +17,6 @@
 import io.quarkus.deployment.builditem.ConfigurationBuildItem;
 import io.quarkus.deployment.builditem.CuratedApplicationShutdownBuildItem;
 import io.quarkus.deployment.builditem.RuntimeConfigSetupCompleteBuildItem;
-import io.quarkus.deployment.pkg.builditem.CurateOutcomeBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleRouteBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleRuntimeTemplateInfoBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleTemplateInfoBuildItem;
 import io.quarkus.devui.spi.JsonRPCProvidersBuildItem;
 import io.quarkus.devui.spi.page.CardPageBuildItem;
 import io.quarkus.oidc.OidcTenantConfig;
@@ -41,9 +37,9 @@
 import io.vertx.mutiny.ext.web.client.HttpResponse;
 import io.vertx.mutiny.ext.web.client.WebClient;
-public class OidcDevConsoleProcessor extends AbstractDevConsoleProcessor {
+public class OidcDevUIProcessor extends AbstractDevUIProcessor {
 static volatile Vertx vertxInstance;
- private static final Logger LOG = Logger.getLogger(OidcDevConsoleProcessor.class);
+ private static final Logger LOG = Logger.getLogger(OidcDevUIProcessor.class);
 private static final String TENANT_ENABLED_CONFIG_KEY = CONFIG_PREFIX + "tenant-enabled";
 private static final String DISCOVERY_ENABLED_CONFIG_KEY = CONFIG_PREFIX + "discovery-enabled";
@@ -63,11 +59,8 @@ public class OidcDevConsoleProcessor extends AbstractDevConsoleProcessor {
 @Record(ExecutionTime.RUNTIME_INIT)
 @BuildStep(onlyIf = IsDevelopment.class)
 @Consume(RuntimeConfigSetupCompleteBuildItem.class)
- void prepareOidcDevConsole(BuildProducer devConsoleInfo,
- BuildProducer devConsoleRuntimeInfo,
- CuratedApplicationShutdownBuildItem closeBuildItem,
- BuildProducer devConsoleRoute,
- Capabilities capabilities, CurateOutcomeBuildItem curateOutcomeBuildItem,
+ void prepareOidcDevConsole(CuratedApplicationShutdownBuildItem closeBuildItem,
+ Capabilities capabilities,
 BuildProducer syntheticBeanBuildItemBuildProducer,
 NonApplicationRootPathBuildItem nonApplicationRootPathBuildItem,
 BuildProducer cardPageProducer,
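Review bot: The build step in the second hunk on this line is still named `prepareOidcDevConsole`, although the commit renames its class to `OidcDevUIProcessor` and removes every Dev Console producer from the parameter list, so the name now describes something the method no longer prepares. Renaming the added signature line, for example to `void prepareOidcDevUi(CuratedApplicationShutdownBuildItem closeBuildItem,`, would keep the step consistent with the class rename. Nothing visible in this diff calls the method by name, but that should be confirmed before renaming. The method's remaining parameters and body continue outside the hunk.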
@@ -107,35 +100,8 @@ public void run() {
 }
 }
 String providerName = tryToGetProviderName(authServerUrl);
- if (KEYCLOAK.equals(providerName)) {
- devConsoleInfo.produce(new DevConsoleTemplateInfoBuildItem("keycloakAdminUrl",
- authServerUrl.substring(0, authServerUrl.indexOf("/realms/"))));
- }
 boolean metadataNotNull = metadata != null;
- // old DEV UI
- produceDevConsoleTemplateItems(capabilities,
- devConsoleInfo,
- devConsoleRuntimeInfo,
- curateOutcomeBuildItem,
- providerName,
- getApplicationType(providerConfig),
- oidcConfig.devui.grant.type.isPresent() ? oidcConfig.devui.grant.type.get().getGrantType() : "code",
- metadataNotNull ? metadata.getString("authorization_endpoint") : null,
- metadataNotNull ? metadata.getString("token_endpoint") : null,
- metadataNotNull ? metadata.getString("end_session_endpoint") : null,
- metadataNotNull
- ? (metadata.containsKey("introspection_endpoint") || metadata.containsKey("userinfo_endpoint"))
- : checkProviderUserInfoRequired(providerConfig));
-
- produceDevConsoleRouteItems(devConsoleRoute,
- new OidcTestServiceHandler(vertxInstance, oidcConfig.devui.webClientTimeout),
- new OidcAuthorizationCodePostHandler(vertxInstance, oidcConfig.devui.webClientTimeout,
- oidcConfig.devui.grantOptions),
- new OidcPasswordClientCredHandler(vertxInstance, oidcConfig.devui.webClientTimeout,
- oidcConfig.devui.grantOptions));
-
- // new DEV UI
 final String keycloakAdminUrl;
 if (KEYCLOAK.equals(providerName)) {
 keycloakAdminUrl = authServerUrl.substring(0, authServerUrl.indexOf("/realms/"));
diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcPasswordClientCredHandler.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcPasswordClientCredHandler.java
deleted file mode 100644
index d7c9b82b47c65..0000000000000
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcPasswordClientCredHandler.java
+++ /dev/null
@@ -1,63 +0,0 @@
-package io.quarkus.oidc.deployment.devservices;
-
-import java.time.Duration;
-import java.util.Map;
-
-import org.jboss.logging.Logger;
-
-import io.quarkus.devconsole.runtime.spi.DevConsolePostHandler;
-import io.quarkus.oidc.runtime.devui.OidcDevServicesUtils;
-import io.smallrye.mutiny.Uni;
-import io.vertx.core.MultiMap;
-import io.vertx.core.Vertx;
-import io.vertx.ext.web.RoutingContext;
-
-public class OidcPasswordClientCredHandler extends DevConsolePostHandler {
- private static final Logger LOG = Logger.getLogger(OidcPasswordClientCredHandler.class);
- Map users;
-
- Vertx vertxInstance;
- Duration timeout;
- Map passwordGrantOptions;
- Map clientCredGrantOptions;
-
- public OidcPasswordClientCredHandler(Vertx vertxInstance, Duration timeout, Map> grantOptions) {
- this(vertxInstance, timeout, Map.of(), grantOptions);
- }
-
- public OidcPasswordClientCredHandler(Vertx vertxInstance, Duration timeout, Map users,
- Map> grantOptions) {
- this.vertxInstance = vertxInstance;
- this.timeout = timeout;
- this.users = users;
- this.passwordGrantOptions = grantOptions.get("password");
- this.clientCredGrantOptions = grantOptions.get("client");
- }
-
- @Override
- protected void handlePostAsync(RoutingContext event, MultiMap form) throws Exception {
- final Uni result;
- if ("password".equals(form.get("grant"))) {
- result = OidcDevServicesUtils
- .testServiceWithPassword(form.get("tokenUrl"), form.get("serviceUrl"), form.get("client"),
- form.get("clientSecret"), form.get("user"), form.get("password"), vertxInstance, timeout,
- passwordGrantOptions, users);
- } else {
- result = OidcDevServicesUtils
- .testServiceWithClientCred(form.get("tokenUrl"), form.get("serviceUrl"), form.get("client"),
- form.get("clientSecret"), vertxInstance, timeout, clientCredGrantOptions);
- }
- event.put("result", result
- .onFailure().recoverWithNull()
- .await().indefinitely());
- }
-
- @Override
- protected void actionSuccess(RoutingContext event) {
-
event.response().setStatusCode(200);
- String result = (String) event.get("result");
- if (result != null) {
- event.response().end(result);
- }
- }
-}
diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcTestServiceHandler.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcTestServiceHandler.java
deleted file mode 100644
index e3917cc01a411..0000000000000
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/OidcTestServiceHandler.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package io.quarkus.oidc.deployment.devservices;
-
-import static io.quarkus.oidc.runtime.devui.OidcDevServicesUtils.testServiceWithToken;
-
-import java.time.Duration;
-
-import org.jboss.logging.Logger;
-
-import io.quarkus.devconsole.runtime.spi.DevConsolePostHandler;
-import io.vertx.core.MultiMap;
-import io.vertx.core.Vertx;
-import io.vertx.ext.web.RoutingContext;
-
-public class OidcTestServiceHandler extends DevConsolePostHandler {
- private static final Logger LOG = Logger.getLogger(OidcTestServiceHandler.class);
-
- Vertx vertxInstance;
- Duration timeout;
-
- public OidcTestServiceHandler(Vertx vertxInstance, Duration timeout) {
- this.vertxInstance = vertxInstance;
- this.timeout = timeout;
- }
-
- @Override
- protected void handlePostAsync(RoutingContext event, MultiMap form) throws Exception {
- testServiceInternal(event, form.get("serviceUrl"), form.get("token"));
- }
-
- private void testServiceInternal(RoutingContext event, String serviceUrl, String token) {
- var statusCode = testServiceWithToken(serviceUrl, token, vertxInstance)
- .onFailure().recoverWithNull()
- .await()
- .atMost(timeout);
- event.put("result", String.valueOf(statusCode));
- }
-
- @Override
- protected void actionSuccess(RoutingContext event) {
- event.response().setStatusCode(200);
- String result = (String) event.get("result");
- if (result != null) {
- event.response().end(result);
- }
- }
-}
diff --git a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevConsoleProcessor.java b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevUIProcessor.java
similarity index 51%
rename from extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevConsoleProcessor.java
rename to extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevUIProcessor.java
index 0f32d572e9861..1127d02c099a6 100644
--- a/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevConsoleProcessor.java
+++ b/extensions/oidc/deployment/src/main/java/io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevUIProcessor.java
@@ -14,60 +14,20 @@
 import io.quarkus.deployment.annotations.Record;
 import io.quarkus.deployment.builditem.ConfigurationBuildItem;
 import io.quarkus.deployment.builditem.RuntimeConfigSetupCompleteBuildItem;
-import io.quarkus.deployment.pkg.builditem.CurateOutcomeBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleRouteBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleRuntimeTemplateInfoBuildItem;
-import io.quarkus.devconsole.spi.DevConsoleTemplateInfoBuildItem;
 import io.quarkus.devui.spi.JsonRPCProvidersBuildItem;
 import io.quarkus.devui.spi.page.CardPageBuildItem;
 import io.quarkus.devui.spi.page.Page;
 import io.quarkus.oidc.deployment.OidcBuildTimeConfig;
-import io.quarkus.oidc.deployment.devservices.AbstractDevConsoleProcessor;
-import io.quarkus.oidc.deployment.devservices.OidcAuthorizationCodePostHandler;
-import io.quarkus.oidc.deployment.devservices.OidcPasswordClientCredHandler;
-import io.quarkus.oidc.deployment.devservices.OidcTestServiceHandler;
+import io.quarkus.oidc.deployment.devservices.AbstractDevUIProcessor;
 import io.quarkus.oidc.runtime.devui.OidcDevJsonRpcService;
 import io.quarkus.oidc.runtime.devui.OidcDevUiRecorder;
 import io.quarkus.vertx.http.deployment.NonApplicationRootPathBuildItem;
-public class KeycloakDevConsoleProcessor extends AbstractDevConsoleProcessor {
+public class KeycloakDevUIProcessor extends AbstractDevUIProcessor {
 KeycloakBuildTimeConfig keycloakConfig;
 OidcBuildTimeConfig oidcConfig;
- @BuildStep(onlyIf = IsDevelopment.class)
- @Consume(RuntimeConfigSetupCompleteBuildItem.class)
- public void setConfigProperties(BuildProducer devConsoleInfo,
- BuildProducer devConsoleRuntimeInfo,
- Optional configProps,
- Capabilities capabilities, CurateOutcomeBuildItem curateOutcomeBuildItem) {
- if (configProps.isPresent() && configProps.get().getConfig().containsKey("keycloak.url")) {
- devConsoleInfo.produce(
- new DevConsoleTemplateInfoBuildItem("keycloakAdminUrl", configProps.get().getConfig().get("keycloak.url")));
- devConsoleInfo.produce(
- new DevConsoleTemplateInfoBuildItem("keycloakUsers",
- configProps.get().getProperties().get("oidc.users")));
- devConsoleInfo.produce(
- new DevConsoleTemplateInfoBuildItem("keycloakRealms",
- configProps.get().getProperties().get("keycloak.realms")));
-
- String realmUrl = configProps.get().getConfig().get("quarkus.oidc.auth-server-url");
-
- produceDevConsoleTemplateItems(capabilities,
- devConsoleInfo,
- devConsoleRuntimeInfo,
- curateOutcomeBuildItem,
- "Keycloak",
- (String) configProps.get().getConfig().get("quarkus.oidc.application-type"),
- oidcConfig.devui.grant.type.isPresent() ? oidcConfig.devui.grant.type.get().getGrantType()
- : keycloakConfig.devservices.grant.type.getGrantType(),
- realmUrl + "/protocol/openid-connect/auth",
- realmUrl + "/protocol/openid-connect/token",
- realmUrl + "/protocol/openid-connect/logout",
- true);
- }
- }
-
 @Record(ExecutionTime.RUNTIME_INIT)
 @BuildStep(onlyIf = IsDevelopment.class)
 @Consume(RuntimeConfigSetupCompleteBuildItem.class)
@@ -122,21 +82,4 @@ void produceProviderComponent(Optional confi
 JsonRPCProvidersBuildItem produceOidcDevJsonRpcService() {
 return new JsonRPCProvidersBuildItem(OidcDevJsonRpcService.class);
 }
-
- @BuildStep(onlyIf = IsDevelopment.class)
- void invokeEndpoint(BuildProducer devConsoleRoute,
- Optional configProps) {
- if (configProps.isPresent() && configProps.get().getConfig().containsKey("keycloak.url")) {
- @SuppressWarnings("unchecked")
- Map users = (Map) configProps.get().getProperties().get("oidc.users");
- produceDevConsoleRouteItems(devConsoleRoute,
- new OidcTestServiceHandler(KeycloakDevServicesProcessor.vertxInstance, oidcConfig.devui.webClientTimeout),
- new OidcAuthorizationCodePostHandler(KeycloakDevServicesProcessor.vertxInstance,
- oidcConfig.devui.webClientTimeout,
- oidcConfig.devui.grantOptions),
- new OidcPasswordClientCredHandler(KeycloakDevServicesProcessor.vertxInstance,
- oidcConfig.devui.webClientTimeout, users,
- oidcConfig.devui.grantOptions));
- }
- }
 }
diff --git a/extensions/oidc/deployment/src/main/resources/dev-templates/embedded.html b/extensions/oidc/deployment/src/main/resources/dev-templates/embedded.html
deleted file mode 100644
index 6166e2f8b5631..0000000000000
--- a/extensions/oidc/deployment/src/main/resources/dev-templates/embedded.html
+++ /dev/null
@@ -1,13 +0,0 @@
-{#if info:oidcProviderUrlBase??}
-
-
- Provider: {info:oidcProviderName}
-{#else if info:oidcProviderName??}
-
-
- Provider: {info:oidcProviderName}
-{#else if info:authorizationUrl??}
-
-
- Dev Console
-{/if}
diff --git a/extensions/oidc/deployment/src/main/resources/dev-templates/provider.html b/extensions/oidc/deployment/src/main/resources/dev-templates/provider.html
deleted file mode 100644
index 2e459b2375ce1..0000000000000
--- a/extensions/oidc/deployment/src/main/resources/dev-templates/provider.html
+++ /dev/null
@@ -1,856 +0,0 @@ -{#include main fluid=true} -{#title} -{#if info:oidcProviderName??} -{info:oidcProviderName} -{#else} -OpenId Connect Dev Console -{/if} -{/title} -{#script} - -var port = {config:property('quarkus.http.port')}; - -{#if info:oidcApplicationType is 'service' || info:oidcApplicationType is 'hybrid'} - var devRoot = '{devRootAppend}'; - var encodedDevRoot = devRoot.replaceAll("/", "%2F"); - - {#if info:oidcGrantType is 'implicit' || info:oidcGrantType is 'code'} - var accessToken; - var idToken; - var loggedIn = false; - var userName; - - $( document ).ready(function() { - - if(tokensInUrl()){ - loggedIn === true; - $('.implicitLoggedOut').hide(); - $('.loginError').hide(); - $('.implicitLoggedIn').show(); - var hash = window.location.hash; - accessToken = hash.match(/access_token=([^&]+)/)[1]; - idToken = hash.match(/id_token=([^&]+)/)[1]; - $('#accessTokenEncodedArea').html(prettyToken(accessToken)); - $('#accessTokenDecodedArea').html(decodeToken(accessToken)); - $('#idTokenEncodedArea').html(prettyToken(idToken)); - $('#idTokenDecodedArea').html(decodeToken(idToken)); - }else if(codeInUrl()){ - loggedIn === true; - $('.implicitLoggedOut').hide(); - $('.loginError').hide(); - $('.implicitLoggedIn').show(); - var search = window.location.search; - var code = decodeURIComponent(search.match(/code=([^&]+)/)[1]); - var state = search.match(/state=([^&]+)/)[1]; - exchangeCodeForTokens(code, state); - }else if(errorInUrl()){ - loggedIn === false; - $('.implicitLoggedOut').hide(); - $('.implicitLoggedIn').hide(); - $('.loginError').show(); - printLoginError(); - }else{ - loggedIn === false; - $('.implicitLoggedOut').show(); - $('.implicitLoggedIn').hide(); - $('.loginError').hide(); - accessToken = null; - idToken = null; - userName = null; - $('#accessTokenEncodedArea').text(''); - $('#accessTokenDecodedArea').text(''); - $('#idTokenEncodedArea').text(''); - $('#idTokenDecodedArea').text(''); - $('#errorDescription').text(''); - } - }); - - function 
showLoginToSpa() { - $('.implicitLoggedOut').show(); - $('.loginError').hide(); - } - - function tokensInUrl(){ - return idTokenInUrl() && accessTokenInUrl(); - } - - function idTokenInUrl(){ - return inUrl('id_token'); - } - - function accessTokenInUrl(){ - return inUrl('access_token'); - } - - function codeInUrl(){ - return inUrl('code'); - } - - function errorInUrl(){ - return inUrl('error_description'); - } - - function inUrl(field){ - var url = window.location.href; - if(url.indexOf('?' + field + '=') != -1) - return true; - else if(url.indexOf('&' + field + '=') != -1) - return true; - return false; - } - - function signInToOidcProviderAndGetTokens() { - var address; - var state; - var clientId = getClientId(); - var scopes = '{info:scopes??}'; - {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - address = '{info:keycloakAdminUrl??}' + "/realms/" + $('#keycloakRealm').val() + "/protocol/openid-connect/auth"; - state = makeid() + "_" + $('#keycloakRealm').val() + "_" + clientId; - {#else} - address = '{info:authorizationUrl??}'; - state = makeid(); - {/if} - {#if info:oidcGrantType is 'implicit'} - window.location.href = address - + "?client_id=" + clientId - + "&redirect_uri=" + "http%3A%2F%2Flocalhost%3A" + port + encodedDevRoot + "%2Fio.quarkus.quarkus-oidc%2Fprovider" - + "&scope=" + scopes + "&response_type=token id_token&response_mode=query&prompt=login" - + "&nonce=" + makeid() - + "&state=" + state; - {#else} - window.location.href = address - + "?client_id=" + clientId - + "&redirect_uri=" + "http%3A%2F%2Flocalhost%3A" + port + encodedDevRoot + "%2Fio.quarkus.quarkus-oidc%2Fprovider" - + "&scope=" + scopes + "&response_type=code&response_mode=query&prompt=login" - + "&nonce=" + makeid() - + "&state=" + state; - {/if} - } - - function testServiceWithAccessToken(){ - var servicePath = getServicePath(); - $.post("testServiceWithToken", - { - serviceUrl: "http://localhost:" + port + servicePath, - token: accessToken - }, - function(data, status){ - 
printResponseData(data, "Access Token, " + "service path: " + servicePath); - }); - } - - function testServiceWithIdToken(){ - var servicePath = getServicePath(); - $.post("testServiceWithToken", - { - serviceUrl: "http://localhost:" + port + servicePath, - token: idToken - }, - function(data, status){ - printResponseData(data, "ID Token, " + "service path: " + servicePath); - }); - } - - function makeid() { - var result = ''; - var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; - var charactersLength = characters.length; - for ( var i = 0; i < 7; i++ ) { - result += characters.charAt(Math.floor(Math.random() * charactersLength)); - } - return result; - } - - function accessTokenToClipboard(){ - copyToClipboard(accessToken,"dummyAccessTokenClipBoard"); - } - - function idTokenToClipboard(){ - copyToClipboard(idToken,"dummyIdTokenClipBoard"); - } - - function navigateToSwaggerUi(){ - navigateToSwaggerUiWithToken(getTokenForNavigation()) - } - - function navigateToGraphQLUi(){ - navigateToGraphQLUiWithToken(getTokenForNavigation()) - } - - function getTokenForNavigation(){ - {#if info:introspectionIsAvailable??} - return accessToken; - {#else} - var parts = accessToken.split("."); - return parts.length == 3 ? accessToken : idToken; - {/if} - } - - function copyToClipboard(token, type){ - var dummy = document.createElement("input"); - document.body.appendChild(dummy); - dummy.setAttribute("id", type); - document.getElementById(type).value=token; - dummy.select(); - document.execCommand("copy"); - document.body.removeChild(dummy); - } - - function logout() { - localStorage.removeItem('authorized'); - - var address; - {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - address = '{info:keycloakAdminUrl??}' + "/realms/" + $('#keycloakRealm').val() + "/protocol/openid-connect/logout"; - {#else} - address = '{info:logoutUrl??}'; - {/if} - window.location.assign(address - + "?" 
+ '{info:postLogoutUriParam??}' + "=" + "http%3A%2F%2Flocalhost%3A" + port + encodedDevRoot + "%2Fio.quarkus.quarkus-oidc%2Fprovider" - + "&" + "id_token_hint" + "=" + idToken); - } - - function exchangeCodeForTokens(code, state){ - var address = '{info:tokenUrl??}'; - var clientId = '{info:clientId??}'; - if (state && state.includes("_")) { - var parts = state.substring(index + 1).split("_"); - var index = address.indexOf("/realms/"); - address = address.substring(0, index + 8) + parts[1] + "/protocol/openid-connect/token"; - clientId = parts[2]; - } - $.post("exchangeCodeForTokens", - { - tokenUrl: address, - client: clientId, - clientSecret: '{info:clientSecret}', - authorizationCode: code, - redirectUri: "http://localhost:" + port + devRoot + "/io.quarkus.quarkus-oidc/provider" - }, - function(data, status){ - var tokens = JSON.parse(data); - accessToken = tokens.access_token - $('#accessTokenEncodedArea').html(prettyToken(accessToken)); - $('#accessTokenDecodedArea').html(decodeToken(accessToken)); - if ("id_token" in tokens) { - idToken = tokens.id_token - $('#idTokenEncodedArea').html(prettyToken(idToken)); - $('#idTokenDecodedArea').html(decodeToken(idToken)); - } - }); - } - - function decodeToken(token) { - var parts = token.split("."); - if (parts.length == 3) { - var headers = window.atob(parts[0]); - var payload = window.atob(parts[1]); - var jsonPayload = JSON.parse(payload); - if (!userName) { - if (jsonPayload.upn) { - userName = jsonPayload.upn; - } else if (jsonPayload.preferred_username) { - userName = jsonPayload.preferred_username; - } else if (jsonPayload.name) { - userName = jsonPayload.name; - } - if (userName) { - $('#loggedInUser').append("Logged in as " + userName + " "); - } - } - return "
" + 
-                    JSON.stringify(JSON.parse(headers), null, 4) + 
-                    "
" + 
-                    JSON.stringify(jsonPayload,null,4) + "
" + - parts[2] + ""; - } else { - return token; - } - } - - function prettyToken(token){ - var parts = token.split("."); - if (parts.length == 3) { - var headers = parts[0]; - var payload = parts[1]; - var signature = parts[2]; - - return "" + parts[0] + "." + parts[1] + "." + parts[2] + ""; - } else { - return token; - } - } - - function printLoginError(){ - var search = window.location.search; - var errorDescription = search.match(/error_description=([^&]+)/)[1]; - $('#errorDescription').append(""); - $('#errorDescription').append("" + "Login error: " + decodeURI(errorDescription).replaceAll("+", " ") + ""); - } - - {/if} - -{#else} -function signInToService(servicePath) { - window.open("http://localhost:" + port + servicePath); -} -{/if} - -{#if info:oidcGrantType is 'password'} - - function testServiceWithPassword(userName, password, servicePath){ - $.post("testService", - { - tokenUrl: getTokenUrl(), - serviceUrl: "http://localhost:" + port + servicePath, - client: getClientId(), - clientSecret: getClientSecret(), - user: userName, - password: password, - grant: '{info:oidcGrantType}' - }, - function(data, status){ - printResponseData(data, "User: " + userName + ", " + "service path: " + servicePath); - }); - } - - function testServiceWithPasswordInSwaggerUi(userName, password){ - $.post("testService", - { - tokenUrl: getTokenUrl(), - client: getClientId(), - clientSecret: getClientSecret(), - user: userName, - password: password, - grant: '{info:oidcGrantType}' - }, - function(data, status){ - navigateToSwaggerUiWithToken(data); - }); - } - - function testServiceWithPasswordInGraphQLUi(userName){ - $.post("testService", - { - tokenUrl: getTokenUrl(), - client: getClientId(), - clientSecret: getClientSecret(), - user: userName, - grant: '{info:oidcGrantType}' - }, - function(data, status){ - navigateToGraphQLUiWithToken(data); - }); - } -{/if} - -{#if info:oidcGrantType is 'client_credentials'} - function testServiceWithClientCredentials(servicePath) { - 
$.post("testService", - { - tokenUrl: getTokenUrl(), - serviceUrl: "http://localhost:" + port + servicePath, - client: getClientId(), - clientSecret: getClientSecret(), - grant: '{info:oidcGrantType}' - }, - function(data, status){ - printResponseData(data, "Service path: " + servicePath); - }); - } - function testServiceWithClientCredentialsInSwaggerUi(){ - $.post("testService", - { - tokenUrl: getTokenUrl(), - client: getClientId(), - clientSecret: getClientSecret(), - grant: '{info:oidcGrantType}' - }, - function(data, status){ - navigateToSwaggerUiWithToken(data); - }); - } - - function testServiceWithClientCredentialsInGraphQLUi(){ - $.post("testService", - { - tokenUrl: getTokenUrl(), - client: getClientId(), - clientSecret: getClientSecret(), - grant: '{info:oidcGrantType}' - }, - function(data, status){ - navigateToGraphQLUiWithToken(data); - }); - } -{/if} - -function navigateToSwaggerUiWithToken(token){ - {#if info:swaggerIsAvailable??} - var url = "{config:http-path('quarkus.swagger-ui.path')}"; - - var authorizedValue = { - "SecurityScheme":{ - "schema":{ - "flow":"implicit", - "authorizationUrl":"{info:authorizationUrl??}", - "tokenUrl":"{info:tokenUrl??}", - "type":"oauth2", - "description":"Authentication" - }, - "clientId":"{info:clientId}", - "name":"SecurityScheme", - "token":{ - "access_token":token, - "token_type":"Bearer", - "expires_in":"900" - } - } - }; - - localStorage.setItem('authorized', JSON.stringify(authorizedValue)); - window.open(url, '_blank').focus(); - {/if} -} - -function navigateToGraphQLUiWithToken(token){ - {#if info:graphqlIsAvailable??} - var url = "{config:http-path('quarkus.smallrye-graphql.ui.root-path')}"; - var headerJson = '{"authorization": "Bearer ' + token + '"}'; - url = url + '/?' 
+ encodeURIComponent('headers') + '=' + encodeURIComponent(headerJson); - window.open(url, '_blank').focus(); - {/if} -} - -function printResponseData(data, message){ - if(data.startsWith("2")){ - $('#results').append(""); - }else { - $('#results').append(""); - } - $('#results').append("" + new Date().toLocaleString() + " : "); - $('#results').append("" + message + ", result : "); - $('#results').append("" + data + ""); - $('#results').append("
"); -} - -function getServicePath() { - var servicePath = $('#servicePath').val(); - return servicePath.startsWith("/") ? servicePath : ("/" + servicePath); -} - -function getTokenUrl() { - {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - return '{info:keycloakAdminUrl??}' + "/realms/" + $('#keycloakRealm').val() + "/protocol/openid-connect/token"; - {#else} - return '{info:tokenUrl??}'; - {/if} -} - -function clearResults() { - $('#results').text(''); -} - -function getClientId() { - {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - return $('#clientId').val(); - {#else} - return '{info:clientId??}'; - {/if} -} - -function getClientSecret() { - {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - return $('#clientSecret').val(); - {#else} - return '{info:clientSecret??}'; - {/if} -} - -{/script} - -{#body} -

- -{#if info:keycloakAdminUrl??} -

-{/if} - -
-{#if info:oidcApplicationType?? is 'service' || info:oidcApplicationType?? is 'hybrid'} - {#if info:oidcGrantType is 'implicit' || info:oidcGrantType is 'code'} - -
-
- {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - {#let realms=info:keycloakRealms??} -
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
- {/let} - {/if} - - Log into Single Page Application - -
-
-
-
-
- -
-
- - - -
-
-
-
-
-
- Your tokens -
-
- - {#if info:logoutUrl??} - - - - {/if} -
-
-
- - -
-
-
-
-
-
Encoded
-

- -

-
-
-
-
-
Decoded
-

- -

-
-
- -
-
-
-
- - - -
-
-
-
-
-
Encoded
-

- -

-
-
-
-
-
Decoded
-

- -

-
-
- -
-
-
-
-
-
-
-
-
- Test your service -
-
- {#if info:swaggerIsAvailable??} - - Swagger UI - - {/if} - {#if info:graphqlIsAvailable??} - - GraphQL UI - - {/if} -
-
-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
- -
- -
-
- - - - -
-
- {#else if info:oidcGrantType is 'password'} -
-
- Get access token and test your service -
-
- {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - {#let realms=info:keycloakRealms??} -
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
- {/let} - {/if} -
-
- -
-
- -
-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
-
- -
-
- {#if info:swaggerIsAvailable??} - - Swagger UI - - {/if} - {#if info:graphqlIsAvailable??} - - GraphQL UI - - {/if} -
-
- -
-
- -
- - - -
-
- {#else if info:oidcGrantType is 'client_credentials'} -
-
- Get access token for the client and test your service -
-
- {#if info:keycloakAdminUrl?? && info:keycloakRealms??} - {#let realms=info:keycloakRealms??} -
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
- {/let} - {/if} -
-
- -
-
- -
-
-
-
- -
-
- {#if info:swaggerIsAvailable??} - - Swagger UI - - {/if} - {#if info:graphqlIsAvailable??} - - GraphQL UI - - {/if} -
-
- -
-
- -
- - - -
-
- {/if} -{#else} -
-
-
-
- -
-
- -
-
-
-
- -
-
-
-
-{/if} -
-{/body}
-{/include}
diff --git a/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcNoDiscoverySmokeTest.java b/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcNoDiscoverySmokeTest.java
deleted file mode 100644
index 9e157fa81e514..0000000000000
--- a/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcNoDiscoverySmokeTest.java
+++ /dev/null
@@ -1,36 +0,0 @@
-package io.quarkus.test.devconsole;
-
-import org.hamcrest.Matchers;
-import org.jboss.shrinkwrap.api.asset.StringAsset;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.RegisterExtension;
-
-import io.quarkus.test.QuarkusDevModeTest;
-import io.restassured.RestAssured;
-
-/**
- * Note that this test cannot be placed under the relevant {@code -deployment} module because then the DEV UI processor would
- * not be able to locate the template resources correctly.
- */
-public class DevConsoleOidcNoDiscoverySmokeTest {
-
- @RegisterExtension
- static final QuarkusDevModeTest config = new QuarkusDevModeTest()
- .withApplicationRoot((jar) -> jar.addAsResource(createApplicationProperties(),
- "application.properties"));
-
- @Test
- public void testOidcProviderTemplate() {
- RestAssured.get("q/dev-v1/io.quarkus.quarkus-oidc/provider")
- .then()
- .statusCode(200).body(Matchers.containsString("OpenId Connect Dev Console"));
- }
-
- private static StringAsset createApplicationProperties() {
- return new StringAsset("quarkus.oidc.auth-server-url=http://localhost/oidc\n"
- + "quarkus.oidc.client-id=client\n"
- + "quarkus.oidc.discovery-enabled=false\n"
- + "quarkus.oidc.introspection-path=introspect\n");
-
- }
-}
diff --git a/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcSmokeTest.java b/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcSmokeTest.java
deleted file mode 100644
index c35bd9c84a761..0000000000000
--- a/integration-tests/devmode/src/test/java/io/quarkus/test/devconsole/DevConsoleOidcSmokeTest.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package io.quarkus.test.devconsole;
-
-import org.hamcrest.Matchers;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.RegisterExtension;
-
-import io.quarkus.test.QuarkusDevModeTest;
-import io.restassured.RestAssured;
-
-/**
- * Note that this test cannot be placed under the relevant {@code -deployment} module because then the DEV UI processor would
- * not be able to locate the template resources correctly.
- */
-public class DevConsoleOidcSmokeTest {
-
- @RegisterExtension
- static final QuarkusDevModeTest config = new QuarkusDevModeTest()
- .withEmptyApplication();
-
- @Test
- public void testOidcProviderTemplate() {
- RestAssured.get("q/dev-v1/io.quarkus.quarkus-oidc/provider")
- .then()
- .statusCode(200).body(Matchers.containsString("OpenId Connect Dev Console"));
- }
-}