diff --git a/Dockerfile b/Dockerfile
index 0d426df16fc1859511ccaf84dd3d2521ca69a320..86bf4b3ac357e5e1475c3d655a9c20890c855071 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,19 +23,26 @@ COPY --from=deps /app/refine/node_modules ./node_modules
COPY . .
-ENV PORT 3000
+ENV PORT 8000
ARG NEXT_PUBLIC_API_URL
ARG KEY_CLOAK_CLIENT_SECRET
+ARG KEY_CLOAK_CLIENT_ID
+ARG KEY_CLOAK_ISSUER
ARG NEXT_PUBLIC_HANDLE_SYSTEM_BASE_URI
ARG NEXT_PUBLIC_HANDLE_SYSTEM_DOWNLOAD_PROXY
+ARG NEXTAUTH_URL
+ARG NEXTAUTH_URL_INTERNAL
+
+ENV KEY_CLOAK_ISSUER=${KEY_CLOAK_ISSUER}
+ENV KEY_CLOAK_CLIENT_SECRET=${KEY_CLOAK_CLIENT_SECRET}
+ENV KEY_CLOAK_CLIENT_ID=${KEY_CLOAK_CLIENT_ID}
ENV NEXT_PUBLIC_HANDLE_SYSTEM_DOWNLOAD_PROXY=${NEXT_PUBLIC_HANDLE_SYSTEM_DOWNLOAD_PROXY}
ENV NEXT_PUBLIC_HANDLE_SYSTEM_BASE_URI=${NEXT_PUBLIC_HANDLE_SYSTEM_BASE_URI}
ENV NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-"https://manager.testbed.pid.gwdg.de/api/v1"}
-ENV KEY_CLOAK_CLIENT_SECRET=${KEY_CLOAK_CLIENT_SECRET}
+ENV NEXTAUTH_URL=${NEXTAUTH_URL}
+ENV NEXTAUTH_URL_INTERNAL=${NEXTAUTH_URL_INTERNAL}
-#EXPOSE 3000
-#CMD ["npm", "run", "dev"]
RUN npm run build
FROM base AS runner
@@ -52,7 +59,11 @@ COPY --from=builder --chown=refine:nodejs /app/refine/.next/static ./.next/stati
USER refine
-ENV PORT 3000
-ENV NEXT_PUBLIC_API_URL=http://localhost:8000/api/v1
-ENV KEY_CLOAK_CLIENT_SECRET ""
+ENV PORT 8000
+ENV KEY_CLOAK_ISSUER=${KEY_CLOAK_ISSUER}
+ENV KEY_CLOAK_CLIENT_SECRET=${KEY_CLOAK_CLIENT_SECRET}
+ENV KEY_CLOAK_CLIENT_ID=${KEY_CLOAK_CLIENT_ID}
+ENV NEXTAUTH_URL=${NEXTAUTH_URL}
+ENV NEXTAUTH_URL_INTERNAL=${NEXTAUTH_URL_INTERNAL}
+
CMD ["node", "server.js"]
diff --git a/next.config.js b/next.config.js
index 9a289c5774e4658d8946ac1f7a0430b881ea1711..9450e3b7a8c59e8cc5655e5be200fea714d347fc 100644
--- a/next.config.js
+++ b/next.config.js
@@ -4,6 +4,14 @@ module.exports = {
i18n,
transpilePackages: ["@refinedev/nextjs-router"],
output: "standalone",
+ env: {
+ KEY_CLOAK_ISSUER: process.env.KEY_CLOAK_ISSUER,
+ KEY_CLOAK_CLIENT_SECRET: process.env.KEY_CLOAK_CLIENT_SECRET,
+ KEY_CLOAK_CLIENT_ID: process.env.KEY_CLOAK_CLIENT_ID,
+ PORT: process.env.PORT,
+ NEXTAUTH_URL: process.env.NEXTAUTH_URL,
+ NEXTAUTH_URL_INTERNAL: process.env.NEXTAUTH_URL_INTERNAL,
+ },
eslint: {
ignoreDuringBuilds: true,
},
diff --git a/pages/_app.tsx b/pages/_app.tsx
index 29745ff3bf6bb502fbfa141da2081b5a4d030ff2..edfa562956014208d84cec29893253651d5283d1 100644
--- a/pages/_app.tsx
+++ b/pages/_app.tsx
@@ -14,7 +14,7 @@ import {
import type { NextPage } from 'next'
import { SessionProvider, signIn, signOut, useSession } from 'next-auth/react'
import { AppProps } from 'next/app'
-import { useRouter } from 'next/router'
+import { usePathname } from 'next/navigation'
import React from 'react'
import { Header } from '@components/header'
@@ -43,8 +43,7 @@ const App = (props: React.PropsWithChildren) => {
const { t, i18n } = useTranslation()
const { data, status } = useSession()
- const router = useRouter()
- const { to } = router.query
+ const to = usePathname()
const i18nProvider = {
translate: (key: string, params: object) => t(key, params),
@@ -60,7 +59,7 @@ const App = (props: React.PropsWithChildren) => {
login: async () => {
// console.log('login')
signIn('keycloak', {
- callbackUrl: to ? to.toString() : '/about',
+ callbackUrl: to ? to.toString() : '/fdo',
redirect: true
})
@@ -72,7 +71,7 @@ const App = (props: React.PropsWithChildren) => {
// console.log('logout')
signOut({
redirect: true,
- callbackUrl: '/about'
+ callbackUrl: '/fdo'
})
return {
diff --git a/pages/api/auth/[...nextauth].ts b/pages/api/auth/[...nextauth].ts
index b8a6f9166acafc23e24405cd23724c8c03c4cbc9..02a71c91783538a40d8a17d09ac7a0dc26f4a609 100644
--- a/pages/api/auth/[...nextauth].ts
+++ b/pages/api/auth/[...nextauth].ts
@@ -2,9 +2,9 @@ import NextAuth from 'next-auth'
import KeycloakProvider from 'next-auth/providers/keycloak'
const secretSessionKey = process.env.SECRET_SESSION_KEY || 'UItTuD1HcGXIj8ZfHUswhYdNd40Lc325R8VlxQPUoR0='
-const clientId = 'gwdg-fdoman-test'
+const clientId = process.env.KEY_CLOAK_CLIENT_ID || 'gwdg-fdoman-test'
const clientSecret = process.env.KEY_CLOAK_CLIENT_SECRET || ''
-const issuer = 'https://keycloak.sso.gwdg.de/auth/realms/academiccloud'
+const issuer = process.env.KEY_CLOAK_ISSUER || 'https://keycloak.sso.gwdg.de/auth/realms/academiccloud'
async function refreshAccessToken (token: any) {
try {
@@ -29,7 +29,7 @@ async function refreshAccessToken (token: any) {
if (!response.ok) {
throw refreshedTokens
}
- // console.log('### refreshToken', new Date().toISOString(), refreshedTokens, '### ### ###')
+ console.log('### refreshToken', new Date().toISOString(), refreshedTokens, '### ### ###')
return {
...token,
@@ -38,7 +38,7 @@ async function refreshAccessToken (token: any) {
refreshToken: refreshedTokens.refresh_token ?? token.refreshToken // Fall back to old refresh token
}
} catch (error) {
- // console.log('### RefreshAccessTokenError', error, '### ### ###')
+ console.log('### RefreshAccessTokenError', error, '### ### ###')
return {
...token,
@@ -62,7 +62,7 @@ export const authOptions = {
issuer,
// authorization: { params: { scope: 'openid profile email' } },
profile (profile) {
- // console.log('### profile', profile, '### ### ###')
+ console.log('### profile', profile, '### ### ###')
return {
id: profile.sub,
name: profile.name ?? profile.preferred_username
@@ -72,11 +72,11 @@ export const authOptions = {
],
callbacks: {
async signIn ({ user, account, profile, email, credentials }: any) {
- // console.log('### signIn', user, account, profile, email, credentials, '### ### ###')
+ console.log('### signIn', user, account, profile, email, credentials, '### ### ###')
return true
},
async session ({ session, user, token }: any) {
- // console.log('### session', session, user, token, '### ### ###')
+ console.log('### session', session, user, token, '### ### ###')
session.user = token.user
session.accessToken = token.accessToken
@@ -85,11 +85,11 @@ export const authOptions = {
return session
},
async redirect ({ url, baseUrl }: any) {
- // console.log('### redirect', url, baseUrl, '### ### ###')
+ console.log('### redirect', url, baseUrl, '### ### ###')
return Promise.resolve(url)
},
async jwt ({ token, user, account, profile, isNewUser }: any) {
- // console.log('### jwt', token, user, account, profile, isNewUser, '### ### ###')
+ console.log('### jwt', token, user, account, profile, isNewUser, '### ### ###')
// Initial sign in
if (account && user) {