updated bb conf; login

2023-03-01 16:54:26 +01:00 · 2023-03-01 16:54:26 +01:00 · c5dce08e20
commit c5dce08e20
parent ca4480b122
4 changed files with 48 additions and 10 deletions
--- a/bbconf/broker-config.toml
+++ b/bbconf/broker-config.toml
@ -47,7 +47,7 @@ scope = "openid profile email"
 # Optional base URL for OAuth2 URLs, e.g. "https://domain.tld/auth"
 # If omitted, it will be derived from the fields in the [server] section.
-# base_url = "http://localhost:8080"
+# base_url = "http://127.0.0.1:8080"
 # Will be appended to `base_url` to form the OAuth2 callback URL
 redirect_path = "/oauth/callback"
@ -59,7 +59,18 @@ user_info_additional_claims_required = true
 # be redirected to the application URL.
 # If this is unset, the browser gets an empty 200 response on successful
 # authorization code flow completion.
-client_app_url = "http://127.0.0.1:8080/_test/ping"
+client_app_url = "http://127.0.0.1:5173/"
 # Path to the browser login URL.
 # This path is where the basebox broker returns a 302 response that redirects the browser to
 # the IdP login page; the target URL will contain all query parms needed to initiate an
 # auth code flow login procedure, incl. CSRF protection tokens etc.
 login_path = "/oauth/login"
 # Logout path that allows explicit, immediate logouts.
 # Simply POST to this URL with the session cookie or bearer token.
 logout_path = "/oauth/logout"
 [business_logic_layer]
 business_logic_layer_enabled = false
--- a/bbconf/dbproxy-config.toml
+++ b/bbconf/dbproxy-config.toml
@ -1,6 +1,6 @@
 [generic]
 # log level; can be error, warn, info, debug, trace
-log_level = "debug"
+log_level = "trace"
 [idp_config]
 # URL of IdP's discovery endpoint. If not set, the URL is made up by appending
@ -9,12 +9,14 @@ discovery_url = "https://kcdev.basebox.health:8443/realms/todo/.well-known/openi
 # URL of IdP's public keystore. If set, the discovery endpoint is not used at all.
 jwks_url = "https://kcdev.basebox.health:8443/realms/todo/protocol/openid-connect/certs"
-[id_token_validation]
+[openid_token_validation]
 # Incoming ID tokens are validated using, among other, the following fields.
 # Contents of 'iss' field, usually the URL of the authetnication realm
 iss = "https://kcdev.basebox.health:8443/realms/todo"
-# Contents of 'aud' field, aka the OpenID connect client ID
+# ID token audience field, usually OpenID Connect client ID
-aud = "todo-app"
+id_aud = "todo-app"
 # Access token audience field
 acc_aud = "account"
 [graphql]
 # path and file name to GraphQL schema file
--- a/src/store.js
+++ b/src/store.js
@ -12,9 +12,9 @@ export const store = reactive({
  /** true if a user is currently logged in */
  loggedIn: ref(false),
-  /** Username of the currently logged in user */
+  /** Username of the currently logged-in user */
  userName: ref("stranger"),
  /** The host that runs basebox and waits for GraphQL requests */
-  baseboxHost: "http://127.0.0.1:8000",
+  baseboxHost: "http://127.0.0.1:8080",
 })
--- a/src/views/HomeView.vue
+++ b/src/views/HomeView.vue
@ -1,11 +1,36 @@
 <script setup>
 import TheWelcome from '../components/TheAbout.vue'
 import { store } from "../store";
 /**
 * Perform a login.
 */
 function login() {
  location.href = `${store.baseboxHost}/oauth/login`;
 }
 </script>
 <template>
  <main>
-
+    <!-- Force user to log in before he/she can see tasks. -->
    <div v-if="!store.loggedIn" id="login-prompt">
      <p>Your are currently not logged in.</p>
      <button class="btn btn-primary" @click="login" type="button">Login</button>
    </div>
  </main>
 </template>
 <style lang="scss" scoped>
  #login-prompt {
    margin: 5rem 0;
    border: 1px solid var(--color-border);
    border-radius: .5rem;
    padding: 2rem;
    text-align: center;
    .btn {
      margin: 3rem 0 0 0;
    }
  }
 </style>