Code Review / nonrtric / plt / sme.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (from parent 1: c1c21a5)
Improvement: get realm from config file 98/11298/1 1.1.0
authorychacon <yennifer.chacon@est.tech>
Thu, 8 Jun 2023 10:42:31 +0000 (12:42 +0200)
committerychacon <yennifer.chacon@est.tech>
Thu, 8 Jun 2023 10:42:31 +0000 (12:42 +0200)
Issue-ID: NONRTRIC-833
Signed-off-by: ychacon <yennifer.chacon@est.tech>
Change-Id: I22cca61c8cda6b1ce71bc811203a329634a90da8

capifcore/README.md patch | blob | history
capifcore/configs/keycloak.yaml patch | blob | history
capifcore/docker-compose.yml patch | blob | history
capifcore/internal/keycloak/keycloak.go patch | blob | history

diff --git a/capifcore/README.md b/capifcore/README.md
index b4149f9..38a0aa2 100644 (file)
--- a/capifcore/README.md
+++ b/capifcore/README.md
@@ -104,8 +104,12 @@ To run the Core Function from the command line, run the following commands from
 
     ./capifcore [-port <port (default 8090)>] [-secPort <Secure port (default 4433)>] [-chartMuseumUrl <URL to ChartMuseum>] [-repoName <Helm repo name (default capifcore)>] [-loglevel <log level (default Info)>] [-certPath <Path to certificate>] [-keyPath <Path to private key>]
 
-Use docker compose file to start Keycloak:
+Use docker compose file to start CAPIF core together with Keycloak:
 
     docker-compose up
 
+**NOTE!** There is a configuration file in configs/keycloak.yaml with information related to keycloak host, when running locally the host value must be set to localhost (Eg. host: "localhost") and when using docker-compose set value of host to keycloak (Eg. host:"keycloak")
+
+Before using CAPIF API invoker management, an invoker realm must be created in keycloak. Make sure it is created before running CAPIF core. After creating the realm in keycloak, set the name in the keycloak.yaml configuration file.
+
 To run CAPIF Core as a K8s pod together with ChartMuseum, start and stop scripts are provided. The pod configurations are provided in the `configs` folder. CAPIF Core is then available on port `31570`.
diff --git a/capifcore/configs/keycloak.yaml b/capifcore/configs/keycloak.yaml
index 3f05b42..7fb171f 100644 (file)
--- a/capifcore/configs/keycloak.yaml
+++ b/capifcore/configs/keycloak.yaml
@@ -23,4 +23,5 @@ authorizationServer:
     user: "admin"
     password: "secret"
   realms:
+   master: "master"
    invokerrealm: "invokerrealm"
diff --git a/capifcore/docker-compose.yml b/capifcore/docker-compose.yml
index da2be5b..7772559 100644 (file)
--- a/capifcore/docker-compose.yml
+++ b/capifcore/docker-compose.yml
@@ -74,9 +74,21 @@ services:
     networks:
       - capif
 
+  capifcore:
+    container_name: sme-capifcore
+    image: capifcore:v1
+    ports:
+      - 8090:8090
+    depends_on:
+      - keycloak
+    entrypoint: ["/capifcore"]
+    networks:
+      - capif
+
 networks:
   capif:
     driver: bridge
+    name: capifnet
 
 volumes:
     postgres_data:
diff --git a/capifcore/internal/keycloak/keycloak.go b/capifcore/internal/keycloak/keycloak.go
index 200f8d4..a4506e0 100644 (file)
--- a/capifcore/internal/keycloak/keycloak.go
+++ b/capifcore/internal/keycloak/keycloak.go
@@ -84,7 +84,12 @@ type Jwttoken struct {
 
 func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwttoken, error) {
        var jwt Jwttoken
-       getTokenUrl := km.keycloakServerUrl + "/realms/" + realm + "/protocol/openid-connect/token"
+       realmVal, ok := km.realms[realm]
+       if !ok {
+               log.Errorf("error realm does not exist\n")
+               return jwt, errors.New("realm does not exist")
+       }
+       getTokenUrl := km.keycloakServerUrl + "/realms/" + realmVal + "/protocol/openid-connect/token"
        resp, err := http.PostForm(getTokenUrl, data)
 
        if err != nil {
@@ -128,7 +133,13 @@ func (km *KeycloakManager) AddClient(clientId string, realm string) error {
                return err
        }
 
-       createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realm + "/clients"
+       realmVal, ok := km.realms[realm]
+       if !ok {
+               log.Errorf("error realm does not exist\n")
+               return errors.New("realm does not exist")
+       }
+
+       createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients"
        newClient := map[string]interface{}{"clientId": clientId, "serviceAccountsEnabled": true}
 
        body, err := json.Marshal(newClient)
@@ -156,7 +167,13 @@ func (km *KeycloakManager) GetClientRepresentation(clientId string, realm string
                return nil, err
        }
 
-       createClientUrl, _ := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realm + "/clients")
+       realmVal, ok := km.realms[realm]
+       if !ok {
+               log.Errorf("error realm does not exist\n")
+               return nil, errors.New("realm does not exist")
+       }
+
+       createClientUrl, _ := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients")
        q := createClientUrl.Query()
        q.Add("clientId", clientId)
        createClientUrl.RawQuery = q.Encode()
"nonrtric_plt_sme"