feat: Simplify authorization request creation in OpenIDConnectService and use environment variables for Keycloak configuration

2026-01-20 20:39:48 +01:00
parent 6479f68b6c
commit 82a9706deb
2 changed files with 11 additions and 26 deletions


@@ -75,30 +75,15 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
def getAuthorizationUrl(providerName: String, state: String, nonce: String): Option[String] = { def getAuthorizationUrl(providerName: String, state: String, nonce: String): Option[String] = {
providers.get(providerName).map { provider => providers.get(providerName).map { provider =>
val authRequest = if (provider.scopes.contains("openid")) { val authRequest = new AuthorizationRequest.Builder(
// Use OpenID Connect AuthenticationRequest for OpenID providers new ResponseType(ResponseType.Value.CODE),
new AuthenticationRequest.Builder( new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId)
new ResponseType(ResponseType.Value.CODE), )
new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")), .scope(new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")))
new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId), .state(new com.nimbusds.oauth2.sdk.id.State(state))
URI.create(provider.redirectUri) .redirectionURI(URI.create(provider.redirectUri))
) .endpointURI(URI.create(provider.authorizationEndpoint))
.state(new com.nimbusds.oauth2.sdk.id.State(state)) .build()
.nonce(new Nonce(nonce))
.endpointURI(URI.create(provider.authorizationEndpoint))
.build()
} else {
// Use standard OAuth2 AuthorizationRequest for non-OpenID providers (like Discord)
new AuthorizationRequest.Builder(
new ResponseType(ResponseType.Value.CODE),
new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId)
)
.scope(new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")))
.state(new com.nimbusds.oauth2.sdk.id.State(state))
.redirectionURI(URI.create(provider.redirectUri))
.endpointURI(URI.create(provider.authorizationEndpoint))
.build()
}
authRequest.toURI.toString authRequest.toURI.toString
} }
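Review bot: The `nonce` argument of `getAuthorizationUrl` is no longer sent to any provider: the rewritten builder chain sets scope, state, redirect URI and endpoint, but nothing replaces the `.nonce(new Nonce(nonce))` call from the removed `AuthenticationRequest.Builder` branch. For providers whose scopes contain `openid`, the ID token can then no longer be bound to the session that started the login, so the replay and token-injection check that nonce validation provides is lost; any nonce comparison in the callback (not visible here) would fail or have to be skipped. The single builder can stay if the value is still carried for OpenID providers, e.g. hold the builder in a `val` and call `if (provider.scopes.contains("openid")) builder.customParameter("nonce", nonce)` before `.build()`, or keep the `AuthenticationRequest.Builder` branch for them. The enclosing class continues outside the hunk.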


@@ -28,8 +28,8 @@ openid {
} }
keycloak { keycloak {
clientId = "your-keycloak-client-id" clientId = ${?KEYCLOAK_CLIENT_ID}
clientSecret = "your-keycloak-client-secret" clientSecret = ${?KEYCLOAK_CLIENT_SECRET}
redirectUri = "https://knockout.janis-eccarius.de/api/auth/keycloak/callback" redirectUri = "https://knockout.janis-eccarius.de/api/auth/keycloak/callback"
authUrl = ${?KEYCLOAK_AUTH_URL} authUrl = ${?KEYCLOAK_AUTH_URL}
authUrl = "https://identity.janis-eccarius.de/realms/master" authUrl = "https://identity.janis-eccarius.de/realms/master"
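Review bot: With the optional form `${?KEYCLOAK_CLIENT_ID}` / `${?KEYCLOAK_CLIENT_SECRET}` and no default assigned before it, an unset variable leaves `clientId` and `clientSecret` undefined instead of failing at config load, so a deployment missing the variables is only noticed wherever the service reads those keys (not visible here). The required form, e.g. `clientSecret = ${KEYCLOAK_CLIENT_SECRET}`, makes loading fail with an unresolved-substitution error. Separately, on the unchanged lines below, the literal `authUrl` assignment comes after `authUrl = ${?KEYCLOAK_AUTH_URL}` and therefore always wins; for the variable to act as an override the literal has to come first. The `keycloak` block continues outside the hunk.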