fix the client name to always be quepid when communicating with keycl…

…oak realm
o19s · Aug 11, 2021 · de9e0e6 · de9e0e6
1 parent c98c224
commit de9e0e6
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 
-## 6.6.0 - 2021-08-07
+## 6.6.1 - 2021-08-11
+
+* In testing the Keycloak oAuth integration via the Chorus project, identified that the name of the _Client_ that is passed to Keycloak was tied to the `KEYCLOAK_REALM` env setting.   Changed this to be hardcoded to `quepid` so it can be different then the _Realm_ name (i.e the Realm is _Chorus_ in the Chorus project, and the Client is _quepid_).
+
+## 6.6.0 - 2021-08-09
 
 ### Features
 

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -324,7 +324,7 @@
   # ==> OmniAuth
   # config.omniauth_providers: %i[keycloakopenid google_oauth2]
   if Rails.application.config.keycloak_realm.present?
-    config.omniauth :keycloak_openid, Rails.application.config.keycloak_realm, 'example-secret-if-configured',
+    config.omniauth :keycloak_openid, 'quepid', 'example-secret-if-configured',
                     client_options: {
                       site:  Rails.application.config.keycloak_site,
                       realm: Rails.application.config.keycloak_realm,

diff --git a/docs/operating_documentation.md b/docs/operating_documentation.md
@@ -56,10 +56,20 @@ Learn more about setting up Google oAuth at https://support.google.com/cloud/ans
 
 The built in options are `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `KEYCLOAK_REALM` and `KEYCLOAK_SITE`.
 
-The OmniAuth providers are defined in `config/devise.rb`. A list of available providers can be viewed on the [OmniAuth Wiki](https://github.com/intridea/omniauth/wiki/List-of-Strategies). To enable a provider you need to add the gem (eg. `omniauth-facebook`) to the `Gemfile` and configure in `config/devise.rb` and `user.rb`
+The OmniAuth providers are defined in `config/initializers/devise.rb`. A list of available providers can be viewed on the [OmniAuth Wiki](https://github.com/intridea/omniauth/wiki/List-of-Strategies). To enable a provider you need to add the gem (eg. `omniauth-facebook`) to the `Gemfile` and configure in `devise.rb` and `user.rb`
 
 The existence of `GOOGLE_CLIENT_ID` or `KEYCLOAK_REALM` enables the respective sign in option.
 
+## Keycloak Setup Details
+
+Quepid has a basic Keycloak config file in `/keycloak/realm-config/quepid-realm.json` that is used for development purposes.  
+
+We have a Realm called `Quepid`, and it includes a Client called `quepid`.  The client is where the specific configuration for how Quepid interacts with Keycloak via oAuth is set up.
+
+We *assume* that the client definition in Keycloak will be named `quepid`, you can't change that.  You can pick your Realm name however.
+
+
+
 # Legal Pages & GDPR
 
 If you would like to have legal pages linked in the footer of the app, similar to behavior on http://app.quepid.com,