From a5609aed918b4b53eda377f78374dd4abe5d2eb1 Mon Sep 17 00:00:00 2001 From: ychacon Date: Thu, 8 Jun 2023 12:42:31 +0200 Subject: [PATCH] Improvement: get realm from config file Issue-ID: NONRTRIC-833 Signed-off-by: ychacon Change-Id: I22cca61c8cda6b1ce71bc811203a329634a90da8 --- capifcore/README.md | 6 +++++- capifcore/configs/keycloak.yaml | 1 + capifcore/docker-compose.yml | 12 ++++++++++++ capifcore/internal/keycloak/keycloak.go | 23 ++++++++++++++++++++--- 4 files changed, 38 insertions(+), 4 deletions(-) diff --git a/capifcore/README.md b/capifcore/README.md index b4149f9..38a0aa2 100644 --- a/capifcore/README.md +++ b/capifcore/README.md @@ -104,8 +104,12 @@ To run the Core Function from the command line, run the following commands from ./capifcore [-port ] [-secPort ] [-chartMuseumUrl ] [-repoName ] [-loglevel ] [-certPath ] [-keyPath ] -Use docker compose file to start Keycloak: +Use docker compose file to start CAPIF core together with Keycloak: docker-compose up +**NOTE!** There is a configuration file in configs/keycloak.yaml with information related to keycloak host, when running locally the host value must be set to localhost (Eg. host: "localhost") and when using docker-compose set value of host to keycloak (Eg. host:"keycloak") + +Before using CAPIF API invoker management, an invoker realm must be created in keycloak. Make sure it is created before running CAPIF core. After creating the realm in keycloak, set the name in the keycloak.yaml configuration file. + To run CAPIF Core as a K8s pod together with ChartMuseum, start and stop scripts are provided. The pod configurations are provided in the `configs` folder. CAPIF Core is then available on port `31570`. diff --git a/capifcore/configs/keycloak.yaml b/capifcore/configs/keycloak.yaml index 3f05b42..7fb171f 100644 --- a/capifcore/configs/keycloak.yaml +++ b/capifcore/configs/keycloak.yaml 
@@ -23,4 +23,5 @@ authorizationServer: user: "admin" password: "secret" realms: + master: "master" invokerrealm: "invokerrealm" diff --git a/capifcore/docker-compose.yml b/capifcore/docker-compose.yml index da2be5b..7772559 100644 --- a/capifcore/docker-compose.yml +++ b/capifcore/docker-compose.yml @@ -74,9 +74,21 @@ services: networks: - capif + capifcore: + container_name: sme-capifcore + image: capifcore:v1 + ports: + - 8090:8090 + depends_on: + - keycloak + entrypoint: ["/capifcore"] + networks: + - capif + networks: capif: driver: bridge + name: capifnet volumes: postgres_data: diff --git a/capifcore/internal/keycloak/keycloak.go b/capifcore/internal/keycloak/keycloak.go index 200f8d4..a4506e0 100644 --- a/capifcore/internal/keycloak/keycloak.go +++ b/capifcore/internal/keycloak/keycloak.go @@ -84,7 +84,12 @@ type Jwttoken struct { func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwttoken, error) { var jwt Jwttoken - getTokenUrl := km.keycloakServerUrl + "/realms/" + realm + "/protocol/openid-connect/token" + realmVal, ok := km.realms[realm] + if !ok { + log.Errorf("error realm does not exist\n") + return jwt, errors.New("realm does not exist") + } + getTokenUrl := km.keycloakServerUrl + "/realms/" + realmVal + "/protocol/openid-connect/token" resp, err := http.PostForm(getTokenUrl, data) if err != nil { @@ -128,7 +133,13 @@ func (km *KeycloakManager) AddClient(clientId string, realm string) error { return err } - createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realm + "/clients" + realmVal, ok := km.realms[realm] + if !ok { + log.Errorf("error realm does not exist\n") + return errors.New("realm does not exist") + } + + createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients" newClient := map[string]interface{}{"clientId": clientId, "serviceAccountsEnabled": true} body, err := json.Marshal(newClient) 
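Review bot: The `realms` map in keycloak.yaml has no comment saying which side is which: keycloak.go looks up the key (`km.realms[realm]`) and sends the value to Keycloak, so an operator renaming a realm could edit the wrong side. A line such as `# key: name used by capifcore, value: realm name in Keycloak` above `master:` would cover it. Since `master` is Keycloak's administrative realm, the comment should also say that this entry makes the admin realm reachable through the same lookup as `invokerrealm`. Realm keys passed to the manager should therefore be chosen by the code rather than taken from a request.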
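Review bot: `- 8090:8090` on the new `capifcore` service publishes the port on every host interface; for a local compose setup, `- 127.0.0.1:8090:8090` keeps it off the network unless that exposure is intended. Separately, `depends_on: - keycloak` only orders container start. It does not wait for Keycloak to accept requests, or for the invoker realm the README asks for to exist, so capifcore may come up before either is true. A healthcheck on the keycloak service combined with `condition: service_healthy` would close the first gap. Whether capifcore contacts Keycloak at startup is not visible in this hunk.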
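Review bot: The realm lookup added to GetToken is repeated verbatim in AddClient and GetClientRepresentation, and all three copies share the same gaps. The log line `error realm does not exist\n` does not say which key was requested, an empty value in keycloak.yaml passes the `ok` check and yields a path like `/realms//protocol/...`, and the configured value is concatenated into the URL path unescaped. A single private helper that does the lookup, rejects empty values, logs the key with `%q` and returns `url.PathEscape(name)` would fix all three call sites at once. The fence shows the helper and the GetToken call site; the rest of GetToken lies outside the hunk.

```go
// realmName maps a configured realm key to the Keycloak realm name used in URLs.
func (km *KeycloakManager) realmName(key string) (string, error) {
	name, ok := km.realms[key]
	if !ok || name == "" {
		// %q keeps a caller-supplied key from breaking the log line.
		log.Errorf("realm %q is not configured", key)
		return "", errors.New("realm does not exist")
	}
	return url.PathEscape(name), nil
}

func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwttoken, error) {
	var jwt Jwttoken
	realmVal, err := km.realmName(realm)
	if err != nil {
		return jwt, err
	}
	getTokenUrl := km.keycloakServerUrl + "/realms/" + realmVal + "/protocol/openid-connect/token"
	// … unchanged: http.PostForm call and response handling …
```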
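Review bot: In AddClient the realm lookup sits after the early `return err` at the top of the hunk, so an unknown realm key is rejected only after the preceding call has already run. That call is outside the hunk; if it is the admin-token request, a bad key costs a round trip to Keycloak with admin credentials before the function fails. Moving the `km.realms[realm]` check to the first lines of the function avoids that. The same ordering applies to GetClientRepresentation in the next hunk.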
@@ -156,7 +167,13 @@ func (km *KeycloakManager) GetClientRepresentation(clientId string, realm string
 return nil, err
 }
 
- createClientUrl, _ := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realm + "/clients")
+ realmVal, ok := km.realms[realm]
+ if !ok {
+ log.Errorf("error realm does not exist\n")
+ return nil, errors.New("realm does not exist")
+ }
+
+ createClientUrl, _ := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients")
 q := createClientUrl.Query()
 q.Add("clientId", clientId)
 createClientUrl.RawQuery = q.Encode()
-- 
2.16.6
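Review bot: The rewritten `url.Parse` line still discards its error, and part of the parsed string now comes from keycloak.yaml. A realm value or server URL that does not parse leaves `createClientUrl` nil, and the following `createClientUrl.Query()` then panics instead of returning an error. Handle it with `createClientUrl, err := url.Parse(...)` followed by `if err != nil { return nil, err }`. The body of GetClientRepresentation starts and ends outside the hunk.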