From 9fd9fa482cba2f37eed158c9fa5d80f9fc9129a9 Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Mon, 3 Feb 2025 09:16:59 +0100
Subject: [PATCH] Push correct urls

Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>
---
 .docker/docker-compose.yml           |  1 -
 .docs/api/auth-service.md            |  4 ----
 .docs/api/ui.md                      |  1 +
 .gitlab/agents/dev/values.yaml       |  2 +-
 dbrepo-ui/layouts/default.vue        |  1 +
 dbrepo-ui/nuxt.config.ts             | 17 ++++++++++-------
 docker-compose.yml                   |  7 +++++--
 helm/dbrepo/templates/ui-secret.yaml |  7 +++++--
 8 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/.docker/docker-compose.yml b/.docker/docker-compose.yml
index d82f3b45f8..4d33cc34e5 100644
--- a/.docker/docker-compose.yml
+++ b/.docker/docker-compose.yml
@@ -305,7 +305,6 @@ services:
       NUXT_PUBLIC_API_CLIENT: "${BASE_URL:-http://localhost}"
       NUXT_PUBLIC_API_SERVER: "${BASE_URL:-http://gateway-service}"
       NUXT_PUBLIC_UPLOAD_CLIENT: "${BASE_URL:-http://localhost}/api/upload/files"
-      NUXT_OIDC_PROVIDERS_KEYCLOAK_BASE_URL: "${BASE_URL:-http://localhost:8080}/realms/dbrepo"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_ID: "${AUTH_SERVICE_CLIENT:-dbrepo-client}"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_SECRET: "${AUTH_SERVICE_CLIENT:-MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG}"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI: "${BASE_URL:-http://localhost}/auth/keycloak/callback"
diff --git a/.docs/api/auth-service.md b/.docs/api/auth-service.md
index 93e87beaf2..7b28901a9b 100644
--- a/.docs/api/auth-service.md
+++ b/.docs/api/auth-service.md
@@ -88,10 +88,6 @@ which is imported into Keycloak on startup.
 
 ## Limitations
 
-* No support for sending e-mails through Keycloak by default.
-* No support for temporary passwords.
-* No support for multi-factor authentication.
-
 !!! question "Do you miss functionality? Do these limitations affect you?"
 
     We strongly encourage you to help us implement it as we are welcoming contributors to open-source software and get
diff --git a/.docs/api/ui.md b/.docs/api/ui.md
index 30b32c0a0c..b82058c19b 100644
--- a/.docs/api/ui.md
+++ b/.docs/api/ui.md
@@ -101,6 +101,7 @@ See the [API Overview](..) page for detailed examples.
 
 ## Limitations
 
+* Changing the OIDC provider URL requires to build the UI from scratch.
 * When developing locally, the `axios` module does not parse custom headers (such as `X-Count`, `X-Headers`) and/or
   blocks CORS requests wrongfully.
 
diff --git a/.gitlab/agents/dev/values.yaml b/.gitlab/agents/dev/values.yaml
index 70ada3ca20..b4f5790706 100644
--- a/.gitlab/agents/dev/values.yaml
+++ b/.gitlab/agents/dev/values.yaml
@@ -132,7 +132,7 @@ metricdb:
 ui:
   enabled: true
   image:
-    name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.6.3rc0
+    name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.6.3rc3-datalab-dev
   public:
     api:
       client: https://s155.datalab.tuwien.ac.at
diff --git a/dbrepo-ui/layouts/default.vue b/dbrepo-ui/layouts/default.vue
index 50aa155d86..bd2b12e13a 100644
--- a/dbrepo-ui/layouts/default.vue
+++ b/dbrepo-ui/layouts/default.vue
@@ -173,6 +173,7 @@ useServerHead({
 import JumboBox from '@/components/JumboBox.vue'
 import { useCacheStore } from '@/stores/cache.js'
 import { errorCodeKey, makeError } from '@/utils'
+import {useNuxtApp} from "#app";
 
 export default {
   components: {
diff --git a/dbrepo-ui/nuxt.config.ts b/dbrepo-ui/nuxt.config.ts
index 28505257a2..911e91131d 100644
--- a/dbrepo-ui/nuxt.config.ts
+++ b/dbrepo-ui/nuxt.config.ts
@@ -110,22 +110,25 @@ export default defineNuxtConfig({
   },
 
   oidc: {
+    defaultProvider: 'keycloak',
     providers: {
       keycloak: {
-        audience: 'account',
-        baseUrl: 'http://localhost/realms/dbrepo',
-        clientId: 'dbrepo-client',
+        clientId: '',
         clientSecret: '', // inject on runtime
+        authorizationUrl: '',
+        userInfoUrl: '',
+        tokenUrl: '',
+        logoutUrl: '',
         scope: ['openid', 'roles'],
         optionalClaims: ['realm_access'],
-        redirectUri: 'http://localhost/auth/keycloak/callback',
-        userNameClaim: 'preferred_username',
+        redirectUri: '',
         exposeAccessToken: true,
-        logoutRedirectUri: 'http://localhost',
+        logoutRedirectUri: '',
       },
     },
     middleware: {
-      globalMiddlewareEnabled: false
+      globalMiddlewareEnabled: false,
+      customLoginPage: false
     },
   },
 
diff --git a/docker-compose.yml b/docker-compose.yml
index 25e0b39733..8e81d42e04 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -335,11 +335,14 @@ services:
       NUXT_PUBLIC_API_CLIENT: "${BASE_URL:-http://localhost}"
       NUXT_PUBLIC_API_SERVER: "${BASE_URL:-http://gateway-service}"
       NUXT_PUBLIC_UPLOAD_CLIENT: "${BASE_URL:-http://localhost}/api/upload/files"
-      NUXT_OIDC_PROVIDERS_KEYCLOAK_BASE_URL: "${BASE_URL:-http://localhost}/realms/dbrepo"
+      NUXT_OIDC_PROVIDERS_KEYCLOAK_AUTHORIZATION_URL: "${BASE_URL:-http://localhost}/realms/dbrepo/protocol/openid-connect/auth"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_ID: "${AUTH_SERVICE_CLIENT:-dbrepo-client}"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_SECRET: "${AUTH_SERVICE_CLIENT:-MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG}"
-      NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI: "${BASE_URL:-http://localhost}/auth/keycloak/callback"
       NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_REDIRECT_URI: "${BASE_URL:-http://localhost}"
+      NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_URL: "${BASE_URL:-http://localhost}/realms/dbrepo/protocol/openid-connect/logout"
+      NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI: "${BASE_URL:-http://localhost}/auth/keycloak/callback"
+      NUXT_OIDC_PROVIDERS_KEYCLOAK_TOKEN_URL: "${BASE_URL:-http://localhost}/realms/dbrepo/protocol/openid-connect/token"
+      NUXT_OIDC_PROVIDERS_KEYCLOAK_USER_INFO_URL: "${BASE_URL:-http://localhost}/realms/dbrepo/protocol/openid-connect/userinfo"
     depends_on:
       dbrepo-search-service:
         condition: service_healthy
diff --git a/helm/dbrepo/templates/ui-secret.yaml b/helm/dbrepo/templates/ui-secret.yaml
index 3e1a6c6388..3afb602785 100644
--- a/helm/dbrepo/templates/ui-secret.yaml
+++ b/helm/dbrepo/templates/ui-secret.yaml
@@ -22,9 +22,12 @@ stringData:
   NUXT_PUBLIC_PID_DEFAULT_PUBLISHER: "{{ .Values.ui.public.pid.default.publisher }}"
   NUXT_PUBLIC_UPLOAD_CLIENT: "{{ .Values.ui.public.upload.client | default $uploadEndpoint }}"
   NUXT_PUBLIC_BROKER_CONNECTIONS: "{{ include "dbrepo.broker.connections" . }}"
-  NUXT_OIDC_PROVIDERS_KEYCLOAK_BASE_URL: "{{ .Values.gateway }}/realms/dbrepo"
+  NUXT_OIDC_PROVIDERS_KEYCLOAK_AUTHORIZATION_URL: "{{ .Values.gateway }}/realms/dbrepo/protocol/openid-connect/auth"
   NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_ID: "{{ .Values.authservice.client.id }}"
   NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_SECRET: "{{ .Values.authservice.client.secret }}"
-  NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI: "{{ .Values.gateway }}/auth/keycloak/callback"
   NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_REDIRECT_URI: "{{ .Values.gateway }}"
+  NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_URL: "{{ .Values.gateway }}/realms/dbrepo/protocol/openid-connect/logout"
+  NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI: "{{ .Values.gateway }}/auth/keycloak/callback"
+  NUXT_OIDC_PROVIDERS_KEYCLOAK_TOKEN_URL: "{{ .Values.gateway }}/realms/dbrepo/protocol/openid-connect/token"
+  NUXT_OIDC_PROVIDERS_KEYCLOAK_USER_INFO_URL: "{{ .Values.gateway }}/realms/dbrepo/protocol/openid-connect/userinfo"
 {{- end }}
-- 
GitLab