----- Original Message -----
> From: "Bruno Oliveira" <bruno(a)abstractj.org>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
> Sent: Tuesday, 25 November, 2014 1:29:24 PM
> Subject: Re: [keycloak-dev] Programatic configuration
>
> On 2014-11-25, Stian Thorgersen wrote:
>>
>>
>> ----- Original Message -----
>>> From: "Bruno Oliveira" <bruno(a)abstractj.org>
>>> To: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
>>> Sent: Tuesday, 25 November, 2014 12:22:22 PM
>>> Subject: [keycloak-dev] Programatic configuration
>>>
>>> Good morning, we've been discussing the following workflow on AeroGear:
>>>
>>> First time
>>>
>>> 1. Developer create an UPS instance on OpenShift
>>> 2. Visit
https://myups-abstractj.rhcloud.com/ag-push
>>> 3. The application automagically redirect to the configuration page the
>>> with
>>> options default or Custom — where default make use of the embbeded
>>> Keycloak on UPS and custom our developer would be able to specify
>>> another Keycloak instance (
http://andresgalante.com/configuration/)
>>> 4. App changes the keycloak.json/ups-realm.json file based on the URL
>>> provided.
>>>
>>> Second time
>>>
>>> 1. Visit
https://myups-abstractj.rhcloud.com/ag-push
>>> 2. The application check if some configuration already exists (default
>>> or custom)
>>> 3. Redirect users to UPS login page or Keycloak login page. It pretty
>>> much depends.
>>>
>>> I would like to programatically change (via Java) `ups-realm.json`,
>>> `keycloak.json`
>>> and `admin-ui-keycloak.json`. See
>>>
https://github.com/abstractj/aerogear-unifiedpush-server/commit/e8fc8461f...
>>>
>>> Possible alternatives off the top of my head:
>>>
>>> 1. Read/manipulate JSON files from the database and provide
>>> `keycloak.json`
>>> and
>>> `admin-ui-keycloak.json` as a resource like Keycloak team did for
>>> JavaScript
>>>
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
>>> 2. Dinamically generate to a shared place on WildFly `keycloak.json` and
>>> `admin-ui-keycloak.json` files.
>>>
>>> Do you have a better idea?
>>
>> Is it only the auth-server url you're changing? keycloak.json supports
>> system properties so you can use for example { "auth-server" :
>> "${keycloak.url}" }. If you do that you don't have to rewrite the
file at
>> all.
>
> Yes! That's gorgeous! Am I supposed to define it during the bootstrap?
> For ups-realm.json file, I'm considering to make use of
> AdapterDeploymentContext like we did in the past, because the redirect
> url must dinamically change
>
https://github.com/abstractj/aerogear-unifiedpush-server/commit/e8fc8461f...
How would AdapterDeploymentContext work for a remote KC server?
In the past I had an idea of adding support for server aliases, so you could for example
do "http://${ups}/ag-push" as the redirect-uri in KC. Then we could provide some
easy way to manage server-aliases, even allowing it to resolve to one or more urls.
The idea was that the UPS mgmt console would allow you to specify a
remote keycloak URL. It would store this URL, then update the
AdapterDeploymentContext at runtime.
--
Bill Burke
JBoss, a division of Red Hat