feat(mobile): Implement Keycloak WebView authentication with HTTP callback
- Replace flutter_appauth with custom WebView implementation to resolve deep link issues - Add KeycloakWebViewAuthService with integrated WebView for seamless authentication - Configure Android manifest for HTTP cleartext traffic support - Add network security config for development environment (192.168.1.11) - Update Keycloak client to use HTTP callback endpoint (http://192.168.1.11:8080/auth/callback) - Remove obsolete keycloak_auth_service.dart and temporary scripts - Clean up dependencies and regenerate injection configuration - Tested successfully on multiple Android devices (Xiaomi 2201116TG, SM A725F) BREAKING CHANGE: Authentication flow now uses WebView instead of external browser - Users will see Keycloak login page within the app instead of browser redirect - Resolves ERR_CLEARTEXT_NOT_PERMITTED and deep link state management issues - Maintains full OIDC compliance with PKCE flow and secure token storage Technical improvements: - WebView with custom navigation delegate for callback handling - Automatic token extraction and user info parsing from JWT - Proper error handling and user feedback - Consistent authentication state management across app lifecycle
@@ -1,24 +1,120 @@
|
||||
# Configuration de base pour UnionFlow Server
|
||||
# Configuration UnionFlow Server
|
||||
quarkus.application.name=unionflow-server
|
||||
quarkus.application.version=1.0.0
|
||||
|
||||
# Configuration HTTP
|
||||
quarkus.http.port=8080
|
||||
quarkus.http.host=0.0.0.0
|
||||
|
||||
# Configuration de développement
|
||||
%dev.quarkus.log.level=INFO
|
||||
%dev.quarkus.log.console.enable=true
|
||||
# Configuration CORS
|
||||
quarkus.http.cors=true
|
||||
quarkus.http.cors.origins=*
|
||||
quarkus.http.cors.methods=GET,POST,PUT,DELETE,OPTIONS
|
||||
quarkus.http.cors.headers=Content-Type,Authorization
|
||||
|
||||
# Configuration de base de données (PostgreSQL)
|
||||
# Configuration Base de données PostgreSQL
|
||||
quarkus.datasource.db-kind=postgresql
|
||||
quarkus.datasource.username=unionflow
|
||||
quarkus.datasource.password=unionflow
|
||||
quarkus.datasource.jdbc.url=jdbc:postgresql://localhost:5432/unionflow_dev
|
||||
quarkus.hibernate-orm.database.generation=drop-and-create
|
||||
quarkus.hibernate-orm.log.sql=false
|
||||
quarkus.datasource.username=${DB_USERNAME:unionflow}
|
||||
quarkus.datasource.password=${DB_PASSWORD:unionflow123}
|
||||
quarkus.datasource.jdbc.url=${DB_URL:jdbc:postgresql://localhost:5432/unionflow}
|
||||
quarkus.datasource.jdbc.min-size=2
|
||||
quarkus.datasource.jdbc.max-size=10
|
||||
|
||||
# Configuration pour le développement sans base de données externe
|
||||
%dev.quarkus.datasource.db-kind=h2
|
||||
%dev.quarkus.datasource.jdbc.url=jdbc:h2:mem:unionflow;DB_CLOSE_DELAY=-1
|
||||
%dev.quarkus.hibernate-orm.database.generation=drop-and-create
|
||||
# Configuration Hibernate
|
||||
quarkus.hibernate-orm.database.generation=update
|
||||
quarkus.hibernate-orm.log.sql=false
|
||||
quarkus.hibernate-orm.jdbc.timezone=UTC
|
||||
quarkus.hibernate-orm.packages=dev.lions.unionflow.server.entity
|
||||
|
||||
# Configuration Flyway pour migrations
|
||||
quarkus.flyway.migrate-at-start=true
|
||||
quarkus.flyway.baseline-on-migrate=true
|
||||
quarkus.flyway.baseline-version=1.0.0
|
||||
|
||||
# Configuration Keycloak OIDC
|
||||
quarkus.oidc.auth-server-url=http://192.168.1.11:8180/realms/unionflow
|
||||
quarkus.oidc.client-id=unionflow-server
|
||||
quarkus.oidc.credentials.secret=unionflow-secret-2025
|
||||
quarkus.oidc.tls.verification=none
|
||||
quarkus.oidc.application-type=service
|
||||
|
||||
# Configuration Keycloak Policy Enforcer (temporairement désactivé)
|
||||
quarkus.keycloak.policy-enforcer.enable=false
|
||||
quarkus.keycloak.policy-enforcer.lazy-load-paths=true
|
||||
quarkus.keycloak.policy-enforcer.enforcement-mode=PERMISSIVE
|
||||
|
||||
# Chemins publics (non protégés)
|
||||
quarkus.http.auth.permission.public.paths=/health,/q/*,/favicon.ico,/auth/callback,/auth/*
|
||||
quarkus.http.auth.permission.public.policy=permit
|
||||
|
||||
# Configuration OpenAPI
|
||||
quarkus.smallrye-openapi.info-title=UnionFlow Server API
|
||||
quarkus.smallrye-openapi.info-version=1.0.0
|
||||
quarkus.smallrye-openapi.info-description=API REST pour la gestion d'union avec authentification Keycloak
|
||||
quarkus.smallrye-openapi.servers=http://localhost:8080
|
||||
|
||||
# Configuration Swagger UI
|
||||
quarkus.swagger-ui.always-include=true
|
||||
quarkus.swagger-ui.path=/swagger-ui
|
||||
|
||||
# Configuration santé
|
||||
quarkus.smallrye-health.root-path=/health
|
||||
|
||||
# Configuration logging
|
||||
quarkus.log.console.enable=true
|
||||
quarkus.log.console.level=INFO
|
||||
quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{2.}] (%t) %s%e%n
|
||||
quarkus.log.category."dev.lions.unionflow".level=INFO
|
||||
quarkus.log.category."org.hibernate".level=WARN
|
||||
quarkus.log.category."io.quarkus".level=INFO
|
||||
|
||||
# ========================================
|
||||
# PROFILS DE CONFIGURATION
|
||||
# ========================================
|
||||
|
||||
# Profil de développement
|
||||
%dev.quarkus.datasource.db-kind=h2
|
||||
%dev.quarkus.datasource.username=sa
|
||||
%dev.quarkus.datasource.password=
|
||||
%dev.quarkus.datasource.jdbc.url=jdbc:h2:mem:unionflow_dev;DB_CLOSE_DELAY=-1;MODE=PostgreSQL
|
||||
%dev.quarkus.hibernate-orm.database.generation=drop-and-create
|
||||
%dev.quarkus.hibernate-orm.log.sql=true
|
||||
%dev.quarkus.flyway.migrate-at-start=false
|
||||
%dev.quarkus.log.category."dev.lions.unionflow".level=DEBUG
|
||||
%dev.quarkus.log.category."org.hibernate.SQL".level=DEBUG
|
||||
|
||||
# Configuration Keycloak pour développement
|
||||
%dev.quarkus.oidc.tenant-enabled=true
|
||||
%dev.quarkus.oidc.auth-server-url=http://192.168.1.11:8180/realms/unionflow
|
||||
%dev.quarkus.oidc.client-id=unionflow-server
|
||||
%dev.quarkus.oidc.credentials.secret=unionflow-secret-2025
|
||||
%dev.quarkus.oidc.tls.verification=none
|
||||
%dev.quarkus.oidc.application-type=service
|
||||
%dev.quarkus.keycloak.policy-enforcer.enable=false
|
||||
%dev.quarkus.keycloak.policy-enforcer.lazy-load-paths=true
|
||||
%dev.quarkus.keycloak.policy-enforcer.enforcement-mode=PERMISSIVE
|
||||
|
||||
# Profil de test
|
||||
%test.quarkus.datasource.db-kind=h2
|
||||
%test.quarkus.datasource.username=sa
|
||||
%test.quarkus.datasource.password=
|
||||
%test.quarkus.datasource.jdbc.url=jdbc:h2:mem:test;DB_CLOSE_DELAY=-1
|
||||
%test.quarkus.hibernate-orm.database.generation=drop-and-create
|
||||
%test.quarkus.flyway.migrate-at-start=false
|
||||
|
||||
# Configuration Keycloak pour tests (désactivé)
|
||||
%test.quarkus.oidc.tenant-enabled=false
|
||||
%test.quarkus.keycloak.policy-enforcer.enable=false
|
||||
|
||||
# Profil de production
|
||||
%prod.quarkus.hibernate-orm.database.generation=validate
|
||||
%prod.quarkus.hibernate-orm.log.sql=false
|
||||
%prod.quarkus.log.console.level=WARN
|
||||
%prod.quarkus.log.category."dev.lions.unionflow".level=INFO
|
||||
%prod.quarkus.log.category.root.level=WARN
|
||||
|
||||
# Configuration Keycloak pour production
|
||||
%prod.quarkus.oidc.auth-server-url=${KEYCLOAK_SERVER_URL:http://192.168.1.11:8180/realms/unionflow}
|
||||
%prod.quarkus.oidc.client-id=${KEYCLOAK_CLIENT_ID:unionflow-server}
|
||||
%prod.quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
|
||||
%prod.quarkus.oidc.tls.verification=required
|
||||
|
||||
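Review bot: The unprofiled `quarkus.oidc.credentials.secret=unionflow-secret-2025` and `quarkus.oidc.tls.verification=none` lines (assumed to be on the new side, since the rendered page has lost its +/- markers) apply to every profile that does not override them, and the `%prod` auth-server-url falls back to the plain-HTTP LAN address `http://192.168.1.11:8180/realms/unionflow` when `KEYCLOAK_SERVER_URL` is unset, in which case `%prod.quarkus.oidc.tls.verification=required` protects nothing. I would drop that fallback so a missing variable fails at startup, `%prod.quarkus.oidc.auth-server-url=${KEYCLOAK_SERVER_URL}`, read the base-profile secret from the environment as `%prod` already does, `quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}`, and keep `tls.verification=none` only on the `%dev.` line that already exists. The `${DB_PASSWORD:unionflow123}` default has the same problem of a working credential baked into the file. Because the client secret is now in repository history, it should be treated as disclosed and rotated in Keycloak rather than only removed from the file. Separately, the `permit` policy on `/q/*` and `/auth/*` is broader than the callback needs (`/auth/*` already covers `/auth/callback`), and `quarkus.http.cors.origins=*` is unprofiled, so both look worth narrowing or scoping to `%dev`.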