refactor(nextauth): change provider from Google to Keycloak
- using self-hosted keycloak as SSO `https://sso.mareshq.com`
This commit is contained in:
parent
083fe4565d
commit
2a7b833b2e
GPG key ID:
C6827B976F17240D
7 changed files with 40 additions and 25 deletions
10
src/env.mjs
10
src/env.mjs
|
|
@ -21,8 +21,9 @@ export const env = createEnv({
|
|||
process.env.VERCEL ? z.string().min(1) : z.string().url(),
|
||||
),
|
||||
// Add `.min(1) on ID and SECRET if you want to make sure they're not empty
|
||||
GOOGLE_CLIENT_ID: z.string(),
|
||||
GOOGLE_CLIENT_SECRET: z.string(),
|
||||
KEYCLOAK_CLIENT_ID: z.string(),
|
||||
KEYCLOAK_CLIENT_SECRET: z.string(),
|
||||
KEYCLOAK_ISSUER: z.string(),
|
||||
},
|
||||
|
||||
/**
|
||||
|
|
@ -43,8 +44,9 @@ export const env = createEnv({
|
|||
NODE_ENV: process.env.NODE_ENV,
|
||||
NEXTAUTH_SECRET: process.env.NEXTAUTH_SECRET,
|
||||
NEXTAUTH_URL: process.env.NEXTAUTH_URL,
|
||||
GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID,
|
||||
GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET,
|
||||
KEYCLOAK_CLIENT_ID: process.env.KEYCLOAK_CLIENT_ID,
|
||||
KEYCLOAK_CLIENT_SECRET: process.env.KEYCLOAK_CLIENT_SECRET,
|
||||
KEYCLOAK_ISSUER: process.env.KEYCLOAK_ISSUER,
|
||||
},
|
||||
/**
|
||||
* Run `build` or `dev` with `SKIP_ENV_VALIDATION` to skip env validation.
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import {
|
|||
type NextAuthOptions,
|
||||
type DefaultSession,
|
||||
} from "next-auth";
|
||||
import GoogleProvider from "next-auth/providers/google";
|
||||
import KeycloakProvider from "next-auth/providers/keycloak";
|
||||
import { env } from "~/env.mjs";
|
||||
import { prisma } from "~/server/db";
|
||||
|
||||
|
|
@ -49,9 +49,14 @@ export const authOptions: NextAuthOptions = {
|
|||
},
|
||||
adapter: PrismaAdapter(prisma),
|
||||
providers: [
|
||||
GoogleProvider({
|
||||
clientId: env.GOOGLE_CLIENT_ID,
|
||||
clientSecret: env.GOOGLE_CLIENT_SECRET,
|
||||
KeycloakProvider({
|
||||
clientId: env.KEYCLOAK_CLIENT_ID,
|
||||
clientSecret: env.KEYCLOAK_CLIENT_SECRET,
|
||||
issuer: env.KEYCLOAK_ISSUER,
|
||||
// authorizationUrl: env.KEYCLOAK_ISSUER + "/protocol/openid-connect/auth",
|
||||
// accessTokenUrl: env.KEYCLOAK_ISSUER + "/protocol/openid-connect/token",
|
||||
// profileUrl: env.KEYCLOAK_ISSUER + "/protocol/openid-connect/userinfo",
|
||||
// wellKnown: env.KEYCLOAK_ISSUER + "/.well-known/openid-configuration",
|
||||
}),
|
||||
/**
|
||||
* ...add more providers here.
|
||||
|
|
|
|||
Reference in a new issue