From 930306d00ffdcd4f111c6072b6982a2c905b176c Mon Sep 17 00:00:00 2001 From: Norman Schmidt <60552466+norman-schmidt@users.noreply.github.com> Date: Mon, 21 Aug 2023 11:29:51 +0200 Subject: [PATCH] fix: Keycloak logout issue --- .../src/app/header/header.component.ts | 7 ++--- .../services/user-service/user.service.ts | 29 ++----------------- security-c4po-cfg/docker-compose.yml | 2 +- 3 files changed, 5 insertions(+), 33 deletions(-) diff --git a/security-c4po-angular/src/app/header/header.component.ts b/security-c4po-angular/src/app/header/header.component.ts index 54b68f9..556d452 100644 --- a/security-c4po-angular/src/app/header/header.component.ts +++ b/security-c4po-angular/src/app/header/header.component.ts @@ -12,7 +12,6 @@ import {UserService} from '@shared/services/user-service/user.service'; import {User} from '@shared/models/user.model'; import {BehaviorSubject} from 'rxjs'; import {Route} from '@shared/models/route.enum'; -import {environment} from '../../environments/environment'; import {Router} from '@angular/router'; import {DialogService} from '@shared/services/dialog-service/dialog.service'; import {ProfileSettingsComponent} from '@shared/modules/profile-settings/profile-settings.component'; @@ -148,9 +147,7 @@ export class HeaderComponent implements OnInit { } onClickLogOut(): void { - // ToDo: Has to be implemented once HTTPS works - - /*this.userService.logout().then(() => { + this.userService.logout().then(() => { console.warn('logout success'); // Route user back to default page this.router.navigate([Route.HOME]).then(() => { @@ -162,6 +159,6 @@ export class HeaderComponent implements OnInit { }); }, err => { console.error(err); - });*/ + }); } } diff --git a/security-c4po-angular/src/shared/services/user-service/user.service.ts b/security-c4po-angular/src/shared/services/user-service/user.service.ts index 4b8d4f0..dca6478 100644 --- a/security-c4po-angular/src/shared/services/user-service/user.service.ts +++ b/security-c4po-angular/src/shared/services/user-service/user.service.ts @@ -1,24 +1,16 @@ import {Injectable} from '@angular/core'; -import {HttpClient, HttpHeaders} from '@angular/common/http'; +import {HttpHeaders} from '@angular/common/http'; import {User} from '../../models/user.model'; import {from, Observable, of, Subscriber} from 'rxjs'; -import {Store} from '@ngxs/store'; import {KeycloakService} from 'keycloak-angular'; import {map} from 'rxjs/operators'; -import {environment} from '../../../environments/environment'; -import {Route} from '@shared/models/route.enum'; -import {Project} from '@shared/models/project.model'; @Injectable({ providedIn: 'root' }) export class UserService { - private keycloakBaseURL = `${environment.keycloakURL}/`; - - constructor(private http: HttpClient, - private keycloakService: KeycloakService, - private store: Store) { + constructor(private keycloakService: KeycloakService) { } private static createHttpHeadersWithContentType(token: string): HttpHeaders { @@ -48,25 +40,8 @@ export class UserService { return this.keycloakService.logout(); } - // ToDo: Change update profile propterties OR ... - // ...In our angular application, best way to change password was to create “button” with “hardcoded” link to: - // https://keycloakUrl/realms/myrealm/protocol/openid-connect/auth 58 - // ?response_type=code - // &client_id=myclient - // &redirect_uri=myAppUrl - // &kc_action=UPDATE_PASSWORD - // ToDo: Or use API - // https://stackoverflow.com/questions/33910615/is-there-an-api-call-for-changing-user-password-on-keycloak - - // ToDo: https://www.keycloak.org/docs/latest/server_development/ public changeUserProperties(user: User): Observable { - // ToDo: There is a kc_action parameter available in keycloak to let application force required actions. console.warn(user); - /*../realms/myrealm/protocol/openid-connect/auth - ?response_type=code - &client_id=myclient - &redirect_uri=https://myclient.com - &kc_action=update_profile*/ return of(user); } diff --git a/security-c4po-cfg/docker-compose.yml b/security-c4po-cfg/docker-compose.yml index 6556d8c..9dca2f4 100644 --- a/security-c4po-cfg/docker-compose.yml +++ b/security-c4po-cfg/docker-compose.yml @@ -37,7 +37,7 @@ services: - ./cfg/c4po_realm_export.json/:/opt/keycloak/data/import/c4po_realm_export.json ports: - 8080:8080 - entrypoint: /opt/keycloak/bin/kc.sh start-dev --import-realm --http-relative-path=/auth + entrypoint: /opt/keycloak/bin/kc.sh --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true start-dev --import-realm --http-relative-path=/auth networks: - c4po # Services