mashingan · August 14, 2024 12:02
diff --git a/login-keycloak-post.go b/login-keycloak-post.go
 func loginPost(in *AuthParam, reqInfo RequestInfo) (*SignInResponse, error) {
 	keycloakURL := os.Getenv("KEYCLOAK_URL") + "auth/realms/" + os.Getenv("KEYCLOAK_REALM_NAME") + "/protocol/openid-connect/token"
 	clientToken := base64.StdEncoding.EncodeToString([]byte(os.Getenv("KEYCLOAK_ADMIN_CLIENT_SECRET")))
 	form := url.Values{
 		"grant_type": {"password"},
 		"username":   {in.Username},
 		"password":   {in.Password},
 		"scope":      {"openid"},
 	}

 	client := &http.Client{Timeout: 10 * time.Second}
 	req, err := http.NewRequest("POST", keycloakURL, bytes.NewBufferString(form.Encode()))
 	if err != nil {
 		return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
 	}
 	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 	req.Header.Add("Authorization", "Basic "+clientToken)
 	resp, err := client.Do(req)
 	if err != nil {
 		return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode >= 400 {
 		if resp.StatusCode == http.StatusUnauthorized {
 			return nil, errors.New(AuthFailed)
 		}
 		return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
 	}
 	respByte, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
 	}
 	signIn := SignInResponse{}
 	if err := json.Unmarshal(respByte, &signIn); err != nil {
 		return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
 	}
 	return &signIn, nil
 }

 type SignInResponse struct {
 	AccessToken      string `json:"access_token"`
 	ExpiresIn        int64  `json:"expires_in"`
 	RefreshExpiresIn int64  `json:"refresh_expires_in"`
 	RefreshToken     string `json:"refresh_token"`
 	TokenType        string `json:"token_type"`
 	IdToken          string `json:"id_token"`
 	NotBeforePolicy  int64  `json:"not-before-policy"`
 	SessionState     string `json:"session_state"`
 	Scope            string `json:"scope"`
 }
	func loginPost(in AuthParam, reqInfo RequestInfo) (SignInResponse, error) {
	keycloakURL := os.Getenv("KEYCLOAK_URL") + "auth/realms/" + os.Getenv("KEYCLOAK_REALM_NAME") + "/protocol/openid-connect/token"
	clientToken := base64.StdEncoding.EncodeToString([]byte(os.Getenv("KEYCLOAK_ADMIN_CLIENT_SECRET")))
	form := url.Values{
	"grant_type": {"password"},
	"username": {in.Username},
	"password": {in.Password},
	"scope": {"openid"},
	}

	client := &http.Client{Timeout: 10 * time.Second}
	req, err := http.NewRequest("POST", keycloakURL, bytes.NewBufferString(form.Encode()))
	if err != nil {
	return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
	}
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Add("Authorization", "Basic "+clientToken)
	resp, err := client.Do(req)
	if err != nil {
	return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
	}
	defer resp.Body.Close()
	if resp.StatusCode >= 400 {
	if resp.StatusCode == http.StatusUnauthorized {
	return nil, errors.New(AuthFailed)
	}
	return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
	}
	respByte, err := ioutil.ReadAll(resp.Body)
	if err != nil {
	return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
	}
	signIn := SignInResponse{}
	if err := json.Unmarshal(respByte, &signIn); err != nil {
	return nil, status.Error(KeycloakUnreachableCode, KeycloakUnreachable)
	}
	return &signIn, nil
	}

	type SignInResponse struct {
	AccessToken string `json:"access_token"`
	ExpiresIn int64 `json:"expires_in"`
	RefreshExpiresIn int64 `json:"refresh_expires_in"`
	RefreshToken string `json:"refresh_token"`
	TokenType string `json:"token_type"`
	IdToken string `json:"id_token"`
	NotBeforePolicy int64 `json:"not-before-policy"`
	SessionState string `json:"session_state"`
	Scope string `json:"scope"`
	}