diff --git a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs index b219bb6..912f71d 100644 --- a/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs +++ b/PiBox.Plugins/Authorization/Keycloak/src/PiBox.Plugins.Authorization.Keycloak/KeycloakPluginConfiguration.cs @@ -20,7 +20,7 @@ public class KeycloakPluginConfiguration public Uri GetHealthCheck() { if (string.IsNullOrEmpty(HealthCheck.Host)) throw new ArgumentException("Keycloak.Uri was not specified but health check is enabled!"); - var httpScheme = (Insecure ? HttpScheme.Http : HttpScheme.Https).ToString(); + var httpScheme = (HealthCheck.Insecure ? HttpScheme.Http : HttpScheme.Https).ToString(); return Port.HasValue ? new UriBuilder(httpScheme, HealthCheck.Host, HealthCheck.Port.Value).Uri : new UriBuilder(httpScheme, HealthCheck.Host).Uri; @@ -43,6 +43,7 @@ public class RealmsConfig public class HealthCheckConfig { + public bool Insecure { get; set; } = true; public string Host { get; set; } public int? Port { get; set; } = 9000; public string Prefix { get; set; } = "/health/ready"; diff --git a/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs b/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs index a062dfe..938b37e 100644 --- a/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs +++ b/PiBox.Plugins/Authorization/Keycloak/test/PiBox.Plugins.Authorization.Keycloak.Tests/KeycloakPluginTests.cs @@ -127,6 +127,47 @@ public void ConfigureHealthChecks_Use9000ForHealth() } }; var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; + uriBuilder.Uri.Should().Be("http://example.com:9000/health/ready"); + } + + [Test] + public void ConfigureHealthChecks_UseInsecureAsDefaultForHealth() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "example.com", + Insecure = false, + Port = 8080, + HealthCheck = new HealthCheckConfig + { + Host = "example.com", + Port = 9000, + Prefix = "/health/ready" + } + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; + uriBuilder.Uri.Should().Be("http://example.com:9000/health/ready"); + } + + [Test] + public void ConfigureHealthChecks_InsecureFalseForcesHttps() + { + var config = new KeycloakPluginConfiguration + { + Enabled = true, + Host = "example.com", + Insecure = false, + Port = 8080, + HealthCheck = new HealthCheckConfig + { + Host = "example.com", + Port = 9000, + Prefix = "/health/ready", + Insecure = false + } + }; + var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; uriBuilder.Uri.Should().Be("https://example.com:9000/health/ready"); } @@ -146,7 +187,7 @@ public void ConfigureHealthChecks_WithSettingHealthCheckHost() }; var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; - uriBuilder.Uri.Should().Be("https://example.com:9000/health/ready"); + uriBuilder.Uri.Should().Be("http://example.com:9000/health/ready"); } [Test] @@ -166,7 +207,7 @@ public void ConfigureHealthChecks_DifferentPrefixAndPort() } }; var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; - uriBuilder.Uri.Should().Be("https://health.com:9999/something/notready"); + uriBuilder.Uri.Should().Be("http://health.com:9999/something/notready"); } [Test] @@ -186,7 +227,7 @@ public void ConfigureHealthChecks_DefaultHealthHost() } }; var uriBuilder = new UriBuilder(config.GetHealthCheck()) { Path = config.HealthCheck.Prefix }; - uriBuilder.Uri.Should().Be("https://example.com:9999/something/notready"); + uriBuilder.Uri.Should().Be("http://example.com:9999/something/notready"); } private static void AssertMiddleware(ICall call)