Fix KeyCloak

labs/3-Add-Identity/end/eShop.AppHost/Program.cs

@@ -31,8 +31,12 @@
         .WithReference(idp);        
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 
 // Inject assigned URLs for Catalog API
 catalogApi.WithEnvironment("CatalogOptions__PicBaseAddress", catalogApi.GetEndpoint("http"));

labs/3-Add-Identity/src/Keycloak/data/import/eshop-realm.json

@@ -255,6 +255,7 @@
         "attributes" : { }
       } ],
       "security-admin-console" : [ ],
+      "orderingswaggerui" : [ ],
       "admin-cli" : [ ],
       "account-console" : [ ],
       "broker" : [ {
@@ -560,6 +561,42 @@
     "nodeReRegistrationTimeout" : 0,
     "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
     "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+  }, {
+    "id" : "6bbe9167-4ac5-49e3-a0ea-06fa6b9fe56c",
+    "clientId" : "orderingswaggerui",
+    "name" : "Ordering Swagger UI",
+    "description" : "",
+    "rootUrl" : "${ORDERINGAPI_HTTP}",
+    "adminUrl" : "${ORDERINGAPI_HTTP}",
+    "baseUrl" : "${ORDERINGAPI_HTTP}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "alwaysDisplayInConsole" : false,
+    "clientAuthenticatorType" : "client-secret",
+    "redirectUris" : [ "${ORDERINGAPI_HTTP}/*" ],
+    "webOrigins" : [ "${ORDERINGAPI_HTTP}" ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "standardFlowEnabled" : true,
+    "implicitFlowEnabled" : true,
+    "directAccessGrantsEnabled" : true,
+    "serviceAccountsEnabled" : false,
+    "publicClient" : true,
+    "frontchannelLogout" : true,
+    "protocol" : "openid-connect",
+    "attributes" : {
+      "oidc.ciba.grant.enabled" : "false",
+      "post.logout.redirect.uris" : "+",
+      "oauth2.device.authorization.grant.enabled" : "false",
+      "backchannel.logout.session.required" : "true",
+      "backchannel.logout.revoke.offline.tokens" : "false"
+    },
+    "authenticationFlowBindingOverrides" : { },
+    "fullScopeAllowed" : true,
+    "nodeReRegistrationTimeout" : -1,
+    "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+    "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
   }, {
     "id" : "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
     "clientId" : "realm-management",
@@ -640,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/4-Add-Shopping-Basket/end/Keycloak/data/import/eshop-realm.json

@@ -255,6 +255,7 @@
         "attributes" : { }
       } ],
       "security-admin-console" : [ ],
+      "orderingswaggerui" : [ ],
       "admin-cli" : [ ],
       "account-console" : [ ],
       "broker" : [ {
@@ -560,6 +561,42 @@
     "nodeReRegistrationTimeout" : 0,
     "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
     "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+  }, {
+    "id" : "6bbe9167-4ac5-49e3-a0ea-06fa6b9fe56c",
+    "clientId" : "orderingswaggerui",
+    "name" : "Ordering Swagger UI",
+    "description" : "",
+    "rootUrl" : "${ORDERINGAPI_HTTP}",
+    "adminUrl" : "${ORDERINGAPI_HTTP}",
+    "baseUrl" : "${ORDERINGAPI_HTTP}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "alwaysDisplayInConsole" : false,
+    "clientAuthenticatorType" : "client-secret",
+    "redirectUris" : [ "${ORDERINGAPI_HTTP}/*" ],
+    "webOrigins" : [ "${ORDERINGAPI_HTTP}" ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "standardFlowEnabled" : true,
+    "implicitFlowEnabled" : true,
+    "directAccessGrantsEnabled" : true,
+    "serviceAccountsEnabled" : false,
+    "publicClient" : true,
+    "frontchannelLogout" : true,
+    "protocol" : "openid-connect",
+    "attributes" : {
+      "oidc.ciba.grant.enabled" : "false",
+      "post.logout.redirect.uris" : "+",
+      "oauth2.device.authorization.grant.enabled" : "false",
+      "backchannel.logout.session.required" : "true",
+      "backchannel.logout.revoke.offline.tokens" : "false"
+    },
+    "authenticationFlowBindingOverrides" : { },
+    "fullScopeAllowed" : true,
+    "nodeReRegistrationTimeout" : -1,
+    "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+    "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
   }, {
     "id" : "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
     "clientId" : "realm-management",
@@ -640,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/4-Add-Shopping-Basket/end/eShop.AppHost/Program.cs

@@ -34,8 +34,12 @@
     .WithReference(idp);    
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 
 // Inject assigned URLs for Catalog API
 catalogApi.WithEnvironment("CatalogOptions__PicBaseAddress", catalogApi.GetEndpoint("http"));

labs/4-Add-Shopping-Basket/src/Keycloak/data/import/eshop-realm.json

@@ -255,6 +255,7 @@
         "attributes" : { }
       } ],
       "security-admin-console" : [ ],
+      "orderingswaggerui" : [ ],
       "admin-cli" : [ ],
       "account-console" : [ ],
       "broker" : [ {
@@ -560,6 +561,42 @@
     "nodeReRegistrationTimeout" : 0,
     "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
     "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+  }, {
+    "id" : "6bbe9167-4ac5-49e3-a0ea-06fa6b9fe56c",
+    "clientId" : "orderingswaggerui",
+    "name" : "Ordering Swagger UI",
+    "description" : "",
+    "rootUrl" : "${ORDERINGAPI_HTTP}",
+    "adminUrl" : "${ORDERINGAPI_HTTP}",
+    "baseUrl" : "${ORDERINGAPI_HTTP}",
+    "surrogateAuthRequired" : false,
+    "enabled" : true,
+    "alwaysDisplayInConsole" : false,
+    "clientAuthenticatorType" : "client-secret",
+    "redirectUris" : [ "${ORDERINGAPI_HTTP}/*" ],
+    "webOrigins" : [ "${ORDERINGAPI_HTTP}" ],
+    "notBefore" : 0,
+    "bearerOnly" : false,
+    "consentRequired" : false,
+    "standardFlowEnabled" : true,
+    "implicitFlowEnabled" : true,
+    "directAccessGrantsEnabled" : true,
+    "serviceAccountsEnabled" : false,
+    "publicClient" : true,
+    "frontchannelLogout" : true,
+    "protocol" : "openid-connect",
+    "attributes" : {
+      "oidc.ciba.grant.enabled" : "false",
+      "post.logout.redirect.uris" : "+",
+      "oauth2.device.authorization.grant.enabled" : "false",
+      "backchannel.logout.session.required" : "true",
+      "backchannel.logout.revoke.offline.tokens" : "false"
+    },
+    "authenticationFlowBindingOverrides" : { },
+    "fullScopeAllowed" : true,
+    "nodeReRegistrationTimeout" : -1,
+    "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+    "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
   }, {
     "id" : "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
     "clientId" : "realm-management",
@@ -640,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/4-Add-Shopping-Basket/src/eShop.AppHost/Program.cs

@@ -30,8 +30,12 @@
     .WithReference(idp);    
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 
 // Inject assigned URLs for Catalog API
 catalogApi.WithEnvironment("CatalogOptions__PicBaseAddress", catalogApi.GetEndpoint("http"));

labs/5-Add-Checkout/end/Keycloak/data/import/eshop-realm.json

@@ -677,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/5-Add-Checkout/end/eShop.AppHost/Program.cs

@@ -44,8 +44,12 @@
     .WithReference(idp);
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 idp.WithEnvironment("ORDERINGAPI_HTTP", orderingApi.GetEndpoint("http"));
 
 // Inject assigned URLs for Catalog API

labs/5-Add-Checkout/src/Keycloak/data/import/eshop-realm.json

@@ -677,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/5-Add-Checkout/src/eShop.AppHost/Program.cs

@@ -40,8 +40,12 @@
     .WithReference(idp);
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 idp.WithEnvironment("ORDERINGAPI_HTTP", () => "http://placeholder-for-ordering-api");
 
 // Inject assigned URLs for Catalog API

labs/6-Add-Resiliency/src/Keycloak/data/import/eshop-realm.json

@@ -677,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

labs/6-Add-Resiliency/src/eShop.AppHost/Program.cs

@@ -45,8 +45,12 @@
     .WithReference(idp);
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 idp.WithEnvironment("ORDERINGAPI_HTTP", orderingApi.GetEndpoint("http"));
 
 // Inject assigned URLs for Catalog API

src/Keycloak/data/import/eshop-realm.json

@@ -677,9 +677,9 @@
     "clientId" : "webapp",
     "name" : "eShop Web Frontend",
     "description" : "The frontend web site of the eShop system.",
-    "rootUrl": "${WEBAPP_HTTP}",
-    "adminUrl": "${WEBAPP_HTTP}",
-    "baseUrl": "${WEBAPP_HTTP}",
+    "rootUrl": "${WEBAPP_HTTPS}",
+    "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
+    "baseUrl": "${WEBAPP_HTTPS}",
     "surrogateAuthRequired" : false,
     "enabled" : true,
     "alwaysDisplayInConsole" : false,

src/eShop.AppHost/Program.cs

@@ -45,8 +45,12 @@
     .WithReference(idp);
 
 // Inject the project URLs for Keycloak realm configuration
-idp.WithEnvironment("WEBAPP_HTTP", webApp.GetEndpoint("http"));
-idp.WithEnvironment("WEBAPP_HTTPS", webApp.GetEndpoint("https"));
+var webAppHttp = webApp.GetEndpoint("http");
+var webAppHttps = webApp.GetEndpoint("https");
+idp.WithEnvironment("WEBAPP_HTTP_CONTAINERHOST", webAppHttp);
+idp.WithEnvironment("WEBAPP_HTTPS_CONTAINERHOST", webAppHttps);
+idp.WithEnvironment("WEBAPP_HTTP", () => $"{webAppHttp.Scheme}://{webAppHttp.Host}:{webAppHttp.Port}");
+idp.WithEnvironment("WEBAPP_HTTPS", () => $"{webAppHttps.Scheme}://{webAppHttps.Host}:{webAppHttps.Port}");
 idp.WithEnvironment("ORDERINGAPI_HTTP", orderingApi.GetEndpoint("http"));
 
 // Inject assigned URLs for Catalog API