Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow fallback configuration for KeycloakConnectModule #140

Open
blured75 opened this issue Nov 7, 2022 · 1 comment
Open

Allow fallback configuration for KeycloakConnectModule #140

blured75 opened this issue Nov 7, 2022 · 1 comment
Labels
Type: Enhancement New feature or request

Comments

@blured75
Copy link

blured75 commented Nov 7, 2022
edited
Loading

Hello,

First of all, thanks a lot for this module.
I've got however a proposition to extend this module : It would super helpful, that we can set 2 configurations for KCM. I mean one standard and the other in case of any problem with the first. The idea is to make the query with the first configuration and if there is anykind of problem like technical error or user rejected or not authorized, the fallback configuration could be used automatically.

The idea is that in my NestJs application I need to authenticate the "normal" user and the "technical" ones with the same endpoints. The "normal" ones use a KC Client with a signed JWT Authenticator and the "technical" ones with a clientId & Secret.

Current configuration in my app.module.ts

KeycloakConnectModule.registerAsync({
      useFactory: (configService: ConfigService) => {
        return {
          authServerUrl: configService.get('KEYCLOAK_URL'),
          realm: 'b2b',
          clientId: 'normal-service',
          secret: 'not-set',
          cookieKey: 'KEYCLOAK_JWT',
          logLevels: ['warn'],
          tokenValidation: TokenValidation.OFFLINE,
        };
      },
      imports: [ConfigModule],
      inject: [ConfigService],
    }),

What I would expect - something like

 KeycloakConnectModule.registerAsync({
      useFactory: (configService: ConfigService) => {
        return [{
          authServerUrl: configService.get('KEYCLOAK_URL'),
          realm: 'b2b',
          clientId: 'normal-service',
          secret: 'not-set',
          cookieKey: 'KEYCLOAK_JWT',
          logLevels: ['warn'],
          tokenValidation: TokenValidation.OFFLINE,
        },
        {
          authServerUrl: configService.get('KEYCLOAK_URL'),
          realm: 'b2b',
          clientId: 'fallback-service',
          secret: 'not-set',
          cookieKey: 'KEYCLOAK_JWT',
          logLevels: ['warn'],
          tokenValidation: TokenValidation.OFFLINE,
        }
        ];
      },
      imports: [ConfigModule],
      inject: [ConfigService],
    }),

I hope you'll find this idea not so crazy oder useless :)

Blured.
@ferrerojosh
Copy link
Owner

Its basically like an alternate client (not close enough to be called a load balancer, maybe secondary dns?). But its on the same keycloak instance. I find it quite strange and yes crazy.

@ferrerojosh ferrerojosh added the Type: Enhancement New feature or request label Dec 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blured75 @ferrerojosh