6:50 a.m.
----- Original Message -----
From: "Bruno Oliveira" <bruno(a)abstractj.org>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
Sent: Tuesday, 25 November, 2014 1:29:24 PM
Subject: Re: [keycloak-dev] Programatic configuration
On 2014-11-25, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
> > From: "Bruno Oliveira" <bruno(a)abstractj.org>
> > To: "keycloak dev" <keycloak-dev(a)lists.jboss.org>
> > Sent: Tuesday, 25 November, 2014 12:22:22 PM
> > Subject: [keycloak-dev] Programatic configuration
> >
> > Good morning, we've been discussing the following workflow on AeroGear:
> >
> > First time
> >
> > 1. Developer create an UPS instance on OpenShift
> > 2. Visit https://myups-abstractj.rhcloud.com/ag-push
> > 3. The application automagically redirect to the configuration page the
> > with
> > options default or Custom — where default make use of the embbeded
> > Keycloak on UPS and custom our developer would be able to specify
> > another Keycloak instance (http://andresgalante.com/configuration/)
> > 4. App changes the keycloak.json/ups-realm.json file based on the URL
> > provided.
> >
> > Second time
> >
> > 1. Visit https://myups-abstractj.rhcloud.com/ag-push
> > 2. The application check if some configuration already exists (default
> > or custom)
> > 3. Redirect users to UPS login page or Keycloak login page. It pretty
> > much depends.
> >
> > I would like to programatically change (via Java) `ups-realm.json`,
> > `keycloak.json`
> > and `admin-ui-keycloak.json`. See
> >
https://github.com/abstractj/aerogear-unifiedpush-server/commit/e8fc8461f...
> >
> > Possible alternatives off the top of my head:
> >
> > 1. Read/manipulate JSON files from the database and provide
> > `keycloak.json`
> > and
> > `admin-ui-keycloak.json` as a resource like Keycloak team did for
> > JavaScript
> >
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
> > 2. Dinamically generate to a shared place on WildFly `keycloak.json` and
> > `admin-ui-keycloak.json` files.
> >
> > Do you have a better idea?
>
> Is it only the auth-server url you're changing? keycloak.json supports
> system properties so you can use for example { "auth-server" :
> "${keycloak.url}" }. If you do that you don't have to rewrite the file
at
> all.
Yes! That's gorgeous! Am I supposed to define it during the bootstrap?
For ups-realm.json file, I'm considering to make use of
AdapterDeploymentContext like we did in the past, because the redirect
url must dinamically change
https://github.com/abstractj/aerogear-unifiedpush-server/commit/e8fc8461f...
How would AdapterDeploymentContext work for a remote KC server?
In the past I had an idea of adding support for server aliases, so you could for example
do "http://${ups}/ag-push" as the redirect-uri in KC. Then we could provide some
easy way to manage server-aliases, even allowing it to resolve to one or more urls.
>
> >
> > Thanks in advance.
> >
> >
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
abstractj
PGP: 0x84DC9914