Skip to content

Commit ac61ae5

Browse files
MasterCarlMasterCarl
authored
feat: keycloak internal server URL
* Fix examples * Add serverUrlInternal option
1 parent eef7119 commit ac61ae5

File tree

3 files changed

+13
-3
lines changed

3 files changed

+13
-3
lines changed

playground/.env.example

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@ NUXT_OAUTH_BATTLEDOTNET_CLIENT_SECRET=
3232
NUXT_OAUTH_KEYCLOAK_CLIENT_ID=
3333
NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET=
3434
NUXT_OAUTH_KEYCLOAK_SERVER_URL=
35+
NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL=
3536
NUXT_OAUTH_KEYCLOAK_REALM=
3637
# LinkedIn
3738
NUXT_OAUTH_LINKEDIN_CLIENT_ID=

src/module.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -232,6 +232,7 @@ export default defineNuxtModule<ModuleOptions>({
232232
clientId: '',
233233
clientSecret: '',
234234
serverUrl: '',
235+
serverUrlInternal: '',
235236
realm: '',
236237
redirectURL: '',
237238
})

src/runtime/server/lib/oauth/keycloak.ts

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,17 @@ export interface OAuthKeycloakConfig {
1919
clientSecret?: string
2020
/**
2121
* Keycloak OAuth Server URL
22-
* @example http://192.168.1.10:8080/auth
22+
* @example http://192.168.1.10:8080
2323
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL
2424
*/
2525
serverUrl?: string
26+
/**
27+
* Optional Keycloak OAuth Server URL to use internally, e.g. if Nuxt connects to a Docker hostname while the browser
28+
* redirect goes to localhost
29+
* @example http://keycloak:8080
30+
* @default process.env.NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL
31+
*/
32+
serverUrlInternal?: string
2633
/**
2734
* Keycloak OAuth Realm
2835
* @default process.env.NUXT_OAUTH_KEYCLOAK_REALM
@@ -40,7 +47,7 @@ export interface OAuthKeycloakConfig {
4047
*/
4148
authorizationParams?: Record<string, string>
4249
/**
43-
* Redirect URL to to allow overriding for situations like prod failing to determine public hostname
50+
* Redirect URL to allow overriding for situations like prod failing to determine public hostname
4451
* @default process.env.NUXT_OAUTH_KEYCLOAK_REDIRECT_URL or current URL
4552
*/
4653
redirectURL?: string
@@ -78,9 +85,10 @@ export function defineOAuthKeycloakEventHandler({
7885
}
7986

8087
const realmURL = `${config.serverUrl}/realms/${config.realm}`
88+
const realmURLInternal = `${config.serverUrlInternal || config.serverUrl}/realms/${config.realm}`
8189

8290
const authorizationURL = `${realmURL}/protocol/openid-connect/auth`
83-
const tokenURL = `${realmURL}/protocol/openid-connect/token`
91+
const tokenURL = `${realmURLInternal}/protocol/openid-connect/token`
8492
const redirectURL = config.redirectURL || getOAuthRedirectURL(event)
8593

8694
if (!query.code) {

0 commit comments

Comments
 (0)