0

I have integrated keycloak with the backend application written in express - nodejs. now either for testing purposes or as a roll-out feature I want to disable keycloak from my API endpoints.

keycloak is initialised as below:

const session = require('express-session');
const Keycloak = require('keycloak-connect');
const memoryStore = new session.MemoryStore();

  const kcConfig = {
    clientId: config.KEYCLOAK_CLIENT_ID,
    bearerOnly: true,
    serverUrl: config.KEYCLOAK_SERVER_URL,
    realm: config.KEYCLOAK_REALM,
    realmPublicKey: config.KEYCLOAK_REALM_PUBLICKEY,
    enabled: false
    
  };
  app.use(session({
    secret: config.KEYCLOAK_SESSION_SECRET,
    resave: false,
    saveUninitialized: true,
    store: memoryStore
  }));
  keycloak = new Keycloak({ store: memoryStore }, kcConfig);
  app.use(keycloak.middleware());


app.get("/api/test",keycloak.protect('realm:app-user'), async (req, res) => {}

I was going through keycloak documentation and I can see the property for Java can be set as keycloak.enabled=false; So I have added enabled:false under kcConfig but no luck. Therefore - I am looking for a property which can be used to toggle on and off keycloak from the application.

Paul Phoenix
  • 1,403
  • 6
  • 19
  • 33
  • You can create one more middleware there you will check enable/disable. It will be like closure/nested middleware at the end which will return keycloak middleware. Now with newly middleware you can pass two param true/false and keycloak param. In newly middleware you check first param according to that you can call next(). – Indraraj26 Mar 28 '23 at 18:39
  • I see we have `enabled` false feature to disable it but it is not working. Also as package is deprecated now, I don't think so we will get any support from author – Indraraj26 Mar 28 '23 at 18:49
  • I can initialize the keycloak or middleware based on a flag variable and can control that but that requires me to modify the API line to add or remove the protect function. `app.get("/api/test",keycloak.protect('realm:app-user'), async (req, res) => {}` – Paul Phoenix Mar 28 '23 at 18:58
  • This is the one solution that we have that we can apply if we can't find working solution with `enabled`. As keyclock node js package is deprecated, I don't think so we will get any better response from author. may be you can console log see what are the properties we have it on keycloak config – Indraraj26 Mar 28 '23 at 19:04

1 Answers1

0

For the time being, I have created a simple function which will take care of this:

const applyKeycloakIfEnabled = ()=>{
  if(config.KEYCLOAK_IS_ENABLED=='true'){
    console.log("should fire keycloak");
    return keycloak.protect('realm:app-user');
  }else{
    console.log("should NOT fire keycloak");
    return [];
  }
}

And updated the API end-point to consume this function as the call to keycloak was going from the options parameter I set it to an empty array when keycloak is disabled

app.get("/api/cvapp/profiles/:isAdminUser", applyKeycloakIfEnabled(), async (req, res) => {}
Paul Phoenix
  • 1,403
  • 6
  • 19
  • 33