2016-03-14 11:08:36 +00:00
|
|
|
<!--
|
|
|
|
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
|
|
~ and other contributors as indicated by the @author tags.
|
|
|
|
~
|
|
|
|
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
~ you may not use this file except in compliance with the License.
|
|
|
|
~ You may obtain a copy of the License at
|
|
|
|
~
|
|
|
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
~
|
|
|
|
~ Unless required by applicable law or agreed to in writing, software
|
|
|
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
~ See the License for the specific language governing permissions and
|
|
|
|
~ limitations under the License.
|
|
|
|
-->
|
|
|
|
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<script src="http://localhost:8180/auth/js/keycloak.js"></script>
|
2016-04-13 07:45:28 +00:00
|
|
|
<script src="https://localhost:8543/auth/js/keycloak.js"></script>
|
2016-03-14 11:08:36 +00:00
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
|
|
|
|
<div>
|
|
|
|
<button onclick="keycloakInit()">Init</button>
|
|
|
|
<button onclick="keycloak.login()">Login</button>
|
|
|
|
<button onclick="keycloak.logout()">Logout</button>
|
|
|
|
<button onclick="keycloak.register()">Register</button>
|
|
|
|
<button onclick="refreshToken(9999)">Refresh Token</button>
|
|
|
|
<button onclick="refreshToken(30)">Refresh Token (if <30s validity)</button>
|
2016-09-23 13:53:25 +00:00
|
|
|
<button onclick="refreshToken(5)">Refresh Token (if <5s validity)</button>
|
2016-08-04 12:43:49 +00:00
|
|
|
<button onclick="showError()">Show Error Response</button>
|
2016-03-14 11:08:36 +00:00
|
|
|
<button onclick="loadProfile()">Get Profile</button>
|
|
|
|
<button onclick="loadUserInfo()">Get User Info</button>
|
|
|
|
<button onclick="output(keycloak.tokenParsed)">Show Token</button>
|
|
|
|
<button onclick="output(keycloak.refreshTokenParsed)">Show Refresh Token</button>
|
|
|
|
<button onclick="output(keycloak.idTokenParsed)">Show ID Token</button>
|
|
|
|
<button onclick="showExpires()">Show Expires</button>
|
|
|
|
<button onclick="output(keycloak)">Show Details</button>
|
|
|
|
<button onclick="output(keycloak.createLoginUrl())">Show Login URL</button>
|
|
|
|
<button onclick="output(keycloak.createLogoutUrl())">Show Logout URL</button>
|
|
|
|
<button onclick="output(keycloak.createRegisterUrl())">Show Register URL</button>
|
2016-06-14 08:17:03 +00:00
|
|
|
<button onclick="createBearerRequest()">Create Bearer Request</button>
|
2016-09-23 13:53:25 +00:00
|
|
|
<button onclick="output(showTime())">Show current time</button>
|
2016-11-16 14:12:57 +00:00
|
|
|
<button onclick="cert()">Cert request</button>
|
2016-09-23 13:53:25 +00:00
|
|
|
<input id="timeSkewInput"/>
|
|
|
|
<button onclick="addToTimeSkew()">timeSkew offset</button>
|
|
|
|
<button onclick="refreshTimeSkew()">refresh timeSkew</button>
|
|
|
|
<button onclick="sendBearerToKeycloak()">Bearer to keycloak</button>
|
|
|
|
|
|
|
|
|
2016-03-14 11:08:36 +00:00
|
|
|
<select id="flowSelect">
|
|
|
|
<option value="standard">standard</option>
|
|
|
|
<option value="implicit">implicit</option>
|
|
|
|
</select>
|
|
|
|
|
|
|
|
<select id="responseModeSelect">
|
|
|
|
<option value="fragment">fragment</option>
|
|
|
|
<option value="query">query</option>
|
|
|
|
</select>
|
2016-06-14 08:17:03 +00:00
|
|
|
<select id="onLoad">
|
|
|
|
<option value="check-sso">check-sso</option>
|
|
|
|
<option value="login-required">login-required</option>
|
|
|
|
</select>
|
2016-03-14 11:08:36 +00:00
|
|
|
</div>
|
|
|
|
|
|
|
|
<h2>Result</h2>
|
|
|
|
<pre style="background-color: #ddd; border: 1px solid #ccc; padding: 10px;" id="output"></pre>
|
|
|
|
|
|
|
|
<h2>Events</h2>
|
|
|
|
<pre style="background-color: #ddd; border: 1px solid #ccc; padding: 10px;" id="events"></pre>
|
|
|
|
|
2016-09-23 13:53:25 +00:00
|
|
|
<h2>Info</h2>
|
|
|
|
TimeSkew: <div id="timeSkew"></div>
|
|
|
|
|
2016-03-14 11:08:36 +00:00
|
|
|
|
|
|
|
<script>
|
|
|
|
function loadProfile() {
|
|
|
|
keycloak.loadUserProfile().success(function(profile) {
|
|
|
|
output(profile);
|
|
|
|
}).error(function() {
|
|
|
|
output('Failed to load profile');
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function loadUserInfo() {
|
|
|
|
keycloak.loadUserInfo().success(function(userInfo) {
|
|
|
|
output(userInfo);
|
|
|
|
}).error(function() {
|
|
|
|
output('Failed to load user info');
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function refreshToken(minValidity) {
|
|
|
|
keycloak.updateToken(minValidity).success(function(refreshed) {
|
|
|
|
if (refreshed) {
|
|
|
|
output(keycloak.tokenParsed);
|
|
|
|
} else {
|
|
|
|
output('Token not refreshed, valid for ' + Math.round(keycloak.tokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds');
|
|
|
|
}
|
|
|
|
}).error(function() {
|
|
|
|
output('Failed to refresh token');
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function showExpires() {
|
|
|
|
if (!keycloak.tokenParsed) {
|
|
|
|
output("Not authenticated");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
var o = 'Token Expires:\t\t' + new Date((keycloak.tokenParsed.exp + keycloak.timeSkew) * 1000).toLocaleString() + '\n';
|
|
|
|
o += 'Token Expires in:\t' + Math.round(keycloak.tokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds\n';
|
|
|
|
|
|
|
|
if (keycloak.refreshTokenParsed) {
|
|
|
|
o += 'Refresh Token Expires:\t' + new Date((keycloak.refreshTokenParsed.exp + keycloak.timeSkew) * 1000).toLocaleString() + '\n';
|
|
|
|
o += 'Refresh Expires in:\t' + Math.round(keycloak.refreshTokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds';
|
|
|
|
}
|
|
|
|
|
|
|
|
output(o);
|
|
|
|
}
|
|
|
|
|
2016-08-04 12:43:49 +00:00
|
|
|
function showError() {
|
|
|
|
output("Error: " + getParameterByName("error") + "\n" + "Error description: " + getParameterByName("error_description"));
|
|
|
|
}
|
|
|
|
|
|
|
|
function getParameterByName(name, url) {
|
|
|
|
if (!url) url = window.location.href;
|
|
|
|
name = name.replace(/[\[\]]/g, "\\$&");
|
|
|
|
var regex = new RegExp("[?&#]" + name + "(=([^&#]*)|&|#|$)"),
|
|
|
|
results = regex.exec(url);
|
|
|
|
if (!results) return null;
|
|
|
|
if (!results[2]) return '';
|
|
|
|
return decodeURIComponent(results[2].replace(/\+/g, " "));
|
|
|
|
}
|
|
|
|
|
2016-03-14 11:08:36 +00:00
|
|
|
function output(data) {
|
|
|
|
if (typeof data === 'object') {
|
|
|
|
data = JSON.stringify(data, null, ' ');
|
|
|
|
}
|
|
|
|
document.getElementById('output').innerHTML = data;
|
|
|
|
}
|
|
|
|
|
|
|
|
function event(event) {
|
|
|
|
var e = document.getElementById('events').innerHTML;
|
|
|
|
document.getElementById('events').innerHTML = new Date().toLocaleString() + "\t" + event + "\n" + e;
|
|
|
|
}
|
|
|
|
|
2016-09-23 13:53:25 +00:00
|
|
|
function addToTimeSkew() {
|
|
|
|
var offset = document.getElementById("timeSkewInput").value;
|
|
|
|
keycloak.timeSkew += parseInt(offset);
|
|
|
|
document.getElementById("timeSkew").innerHTML = keycloak.timeSkew;
|
|
|
|
}
|
|
|
|
|
|
|
|
function refreshTimeSkew() {
|
|
|
|
document.getElementById("timeSkew").innerHTML = keycloak.timeSkew;
|
|
|
|
}
|
|
|
|
|
2016-06-14 08:17:03 +00:00
|
|
|
function createBearerRequest() {
|
|
|
|
|
|
|
|
var url = 'http://localhost:8280/js-database/customers';
|
|
|
|
if (window.location.href.indexOf("8643") > -1) {
|
|
|
|
url = url.replace("8280","8643");
|
|
|
|
url = url.replace("http","https");
|
|
|
|
}
|
|
|
|
|
2016-06-27 11:54:00 +00:00
|
|
|
if (window.location.href.indexOf("8180") > -1) {
|
|
|
|
url = url.replace("8280","8180");
|
|
|
|
}
|
|
|
|
|
2016-06-14 08:17:03 +00:00
|
|
|
var req = new XMLHttpRequest();
|
|
|
|
req.open('GET', url, true);
|
|
|
|
req.setRequestHeader('Accept', 'application/json');
|
|
|
|
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
|
|
|
|
|
|
|
|
req.onreadystatechange = function () {
|
|
|
|
if (req.readyState == 4) {
|
|
|
|
if (req.status == 200) {
|
|
|
|
output(req.responseText);
|
|
|
|
} else if (req.status == 403) {
|
|
|
|
output('Forbidden');
|
|
|
|
} else if (req.status == 401) {
|
|
|
|
output('Unauthorized');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
req.send();
|
|
|
|
}
|
|
|
|
|
2016-09-23 13:53:25 +00:00
|
|
|
function sendBearerToKeycloak() {
|
|
|
|
var url = 'http://localhost:8180/auth/admin/realms/example/roles';
|
|
|
|
if (window.location.href.indexOf("8543") > -1) {
|
|
|
|
url = url.replace("8180","8543");
|
|
|
|
url = url.replace("http","https");
|
|
|
|
}
|
|
|
|
|
|
|
|
var req = new XMLHttpRequest();
|
|
|
|
req.open('GET', url, true);
|
|
|
|
req.setRequestHeader('Accept', 'application/json');
|
|
|
|
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
|
|
|
|
|
|
|
|
req.onreadystatechange = function () {
|
|
|
|
if (req.readyState == 4) {
|
|
|
|
if (req.status == 200) {
|
|
|
|
output('Success');
|
|
|
|
} else if (req.status == 403) {
|
|
|
|
output('Forbidden');
|
|
|
|
} else if (req.status == 401) {
|
|
|
|
output('Unauthorized');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
req.send();
|
|
|
|
}
|
|
|
|
|
2016-11-16 14:12:57 +00:00
|
|
|
function cert() {
|
|
|
|
var url = 'http://localhost:8180/auth/realms/example/protocol/openid-connect/certs';
|
|
|
|
if (window.location.href.indexOf("8543") > -1) {
|
|
|
|
url = url.replace("8180","8543");
|
|
|
|
url = url.replace("http","https");
|
|
|
|
}
|
|
|
|
var req = new XMLHttpRequest();
|
|
|
|
req.open('GET', url, true);
|
|
|
|
req.setRequestHeader('Accept', 'application/json');
|
|
|
|
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
|
|
|
|
req.onreadystatechange = function () {
|
|
|
|
if (req.readyState == 4) {
|
|
|
|
if (req.status == 200) {
|
|
|
|
output('Success');
|
|
|
|
} else if (req.status == 403) {
|
|
|
|
output('Forbidden');
|
|
|
|
} else if (req.status == 401) {
|
|
|
|
output('Unauthorized');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
req.send();
|
|
|
|
}
|
|
|
|
|
2016-03-14 11:08:36 +00:00
|
|
|
var keycloak;
|
|
|
|
|
|
|
|
function keycloakInit() {
|
|
|
|
keycloak = Keycloak();
|
|
|
|
|
|
|
|
keycloak.onAuthSuccess = function () {
|
|
|
|
event('Auth Success');
|
|
|
|
};
|
|
|
|
|
|
|
|
keycloak.onAuthError = function () {
|
|
|
|
event('Auth Error');
|
|
|
|
};
|
|
|
|
|
|
|
|
keycloak.onAuthRefreshSuccess = function () {
|
|
|
|
event('Auth Refresh Success');
|
2016-09-23 13:53:25 +00:00
|
|
|
document.getElementById("timeSkew").innerHTML = keycloak.timeSkew;
|
2016-03-14 11:08:36 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
keycloak.onAuthRefreshError = function () {
|
|
|
|
event('Auth Refresh Error');
|
|
|
|
};
|
|
|
|
|
|
|
|
keycloak.onAuthLogout = function () {
|
|
|
|
event('Auth Logout');
|
|
|
|
};
|
|
|
|
|
|
|
|
keycloak.onTokenExpired = function () {
|
|
|
|
event('Access token expired.');
|
|
|
|
};
|
|
|
|
|
2016-06-14 08:17:03 +00:00
|
|
|
var initOptions = {onLoad: document.getElementById("onLoad").value, flow: document.getElementById("flowSelect").value, responseMode: document.getElementById("responseModeSelect").value};
|
2016-03-14 11:08:36 +00:00
|
|
|
keycloak.init(initOptions).success(function (authenticated) {
|
|
|
|
output('Init Success (' + (authenticated ? 'Authenticated' : 'Not Authenticated') + ')');
|
|
|
|
}).error(function () {
|
|
|
|
output('Init Error');
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
</script>
|
|
|
|
</body>
|
|
|
|
</html>
|