Fix: Add quarkus.oidc.authentication.redirect-path=/auth/callback for OAuth callback handling

Quarkus OIDC needs explicit redirect-path configuration to handle the OAuth callback from Keycloak at /auth/callback. Without this, the endpoint returns 404 Not Found causing 502 Bad Gateway during authentication flow. This fixes the OAuth callback 502 error after successful Keycloak authentication.
2025-12-14 00:52:37 +00:00
parent 9164f00aaa
commit d42c10d029
12 changed files with 28 additions and 244 deletions
--- a/target/classes/META-INF/resources/freya-layout/js/layout.js
+++ b/target/classes/META-INF/resources/freya-layout/js/layout.js
@@ -541,7 +541,7 @@ PrimeFaces.FreyaConfigurator = {
    },

    replaceLink: function(linkElement, href) {
-        PrimeFaces.ajax.RESOURCE = 'javax.faces.Resource';
+        PrimeFaces.ajax.RESOURCE = 'jakarta.faces.Resource';
        
        var isIE = this.isIE();

--- a/target/classes/META-INF/resources/js/layout.js
+++ b/target/classes/META-INF/resources/js/layout.js
@@ -541,7 +541,7 @@ PrimeFaces.FreyaConfigurator = {
    },

    replaceLink: function(linkElement, href) {
-        PrimeFaces.ajax.RESOURCE = 'javax.faces.Resource';
+        PrimeFaces.ajax.RESOURCE = 'jakarta.faces.Resource';
        
        var isIE = this.isIE();

--- a/target/classes/META-INF/resources/resources/freya-layout/js/layout.js
+++ b/target/classes/META-INF/resources/resources/freya-layout/js/layout.js
@@ -541,7 +541,7 @@ PrimeFaces.FreyaConfigurator = {
    },

    replaceLink: function(linkElement, href) {
-        PrimeFaces.ajax.RESOURCE = 'javax.faces.Resource';
+        PrimeFaces.ajax.RESOURCE = 'jakarta.faces.Resource';
        
        var isIE = this.isIE();

--- a/target/classes/META-INF/unionflow.taglib.xml
+++ b/target/classes/META-INF/unionflow.taglib.xml
@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<facelet-taglib xmlns="https://xmlns.jcp.org/xml/ns/javaee"
+<facelet-taglib xmlns="https://jakarta.ee/xml/ns/jakartaee"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-                xsi:schemaLocation="https://xmlns.jcp.org/xml/ns/javaee 
-                https://xmlns.jcp.org/xml/ns/javaee/web-facelettaglibrary_2_3.xsd"
-                version="2.3">
+                xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee
+                https://jakarta.ee/xml/ns/jakartaee/web-facelettaglibrary_4_0.xsd"
+                version="4.0">
    <namespace>http://unionflow.lions.dev/jsf</namespace>
    <composite-library-name>unionflow</composite-library-name>
 </facelet-taglib>
--- a/target/classes/application-prod.properties
+++ b/target/classes/application-prod.properties
@@ -2,7 +2,7 @@
 # Ce fichier est utilisé avec le profil Quarkus "prod"

 # Configuration HTTP
-quarkus.http.port=8086
+quarkus.http.port=8080
 quarkus.http.host=0.0.0.0
 quarkus.http.root-path=/
 quarkus.http.so-reuse-port=true
@@ -69,11 +69,12 @@ quarkus.oidc.client-id=unionflow-client
 quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
 quarkus.oidc.application-type=web-app
 quarkus.oidc.authentication.redirect-path=/auth/callback
+quarkus.oidc.authentication.force-redirect-https-scheme=true
 quarkus.oidc.authentication.restore-path-after-redirect=true
 quarkus.oidc.authentication.scopes=openid,profile,email,roles
 quarkus.oidc.token.issuer=https://security.lions.dev/realms/unionflow
 quarkus.oidc.tls.verification=required
-quarkus.oidc.authentication.cookie-same-site=strict
+quarkus.oidc.authentication.cookie-same-site=lax
 quarkus.oidc.authentication.java-script-auto-redirect=false
 quarkus.oidc.discovery-enabled=true
 quarkus.oidc.verify-access-token=true
--- a/target/classes/application.properties
+++ b/target/classes/application.properties
@@ -115,3 +115,19 @@ unionflow.security.password.min-length=${PASSWORD_MIN_LENGTH:8}
 unionflow.security.password.require-special-chars=${PASSWORD_REQUIRE_SPECIAL:true}
 unionflow.security.max-login-attempts=${MAX_LOGIN_ATTEMPTS:5}
 unionflow.security.lockout-duration=${LOCKOUT_DURATION:300}
+
+# ===================================================================================================
+# Configuration Quarkus Arc CDI - Intégration avec JSF/MyFaces
+# ===================================================================================================
+# Active le mode découverte de beans pour permettre à Arc de gérer tous les beans CDI et JSF
+quarkus.arc.unremovable-types=jakarta.faces.application.Application,jakarta.faces.context.FacesContext,jakarta.enterprise.context.Conversation
+
+# Permet à Arc de détecter et gérer les beans avec annotations JSF custom scopes (@ViewScoped, etc.)
+quarkus.arc.detect-unused-false-positives=true
+
+# Force Arc à gérer les beans même s'ils ne sont pas référencés directement
+quarkus.arc.remove-unused-beans=false
+
+# Active le support complet CDI pour JSF Expression Language (EL)
+# Cela permet à MyFaces d'utiliser Arc BeanManager pour résoudre #{bean.property}
+quarkus.arc.auto-inject-fields=true
--- a/target/classes/dev/lions/unionflow/client/view/MembreListeBean$Entite.class
+++ b/target/classes/dev/lions/unionflow/client/view/MembreListeBean$Entite.class
--- a/target/classes/dev/lions/unionflow/client/view/MembreListeBean.class
+++ b/target/classes/dev/lions/unionflow/client/view/MembreListeBean.class