hrms-bangkok/hrms-api-backend
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 7 Wiki Activity Actions

Add Keycloak and GlobalException

Browse source
This commit is contained in:
Suphonchai Phoonsawat 2023-06-25 18:48:28 +07:00
parent 1ba2f2eec1
commit e49c6a4aca
7 changed files with 2053 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
BMA.EHR.Application/Common/Interfaces/IApplicationDBContext.cs
View file

@ -5,19 +5,27 @@ using Microsoft.EntityFrameworkCore;
namespace BMA.EHR.Application.Common.Interfaces
{
public interface IApplicationDBContext
{
{
#region " Prefix "
DbSet<PrefixEntity> MD_Prefixes { get; set; }
DbSet<PrefixDraftEntity> MD_Prefix_Drafts { get; set; }
DbSet<PrefixPublishHistoryEntity> MD_Prefix_Histories { get; set; }
#endregion
#region " BloodGroup "
DbSet<BloodGroupEntity> MD_BloodGroups { get; set; }
DbSet<BloodGroupDraftEntity> MD_BloodGroup_Drafts { get; set; }
DbSet<BloodGroupPublishHistoryEntity> MD_BloodGroup_Histories { get; set; }
#endregion
Task<int> SaveChangesAsync();
}
}

3
BMA.EHR.MetaData.Service/Controllers/PrefixController.cs
View file

@ -1,11 +1,12 @@
using BMA.EHR.Application.Repositories.Prefix;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace BMA.EHR.MetaData.Service.Controllers
{
[Route("api/prefix")]
[ApiController]
[Authorize]
public class PrefixController : ControllerBase
{
private readonly PrefixRepository _prefixRepository;

83
BMA.EHR.MetaData.Service/ErrorHandlerMiddleware.cs Normal file
View file

@ -0,0 +1,83 @@
using BMA.EHR.Domain.Common;
using System.Net;
namespace BMA.EHR.MetaData.Service
{
public class ErrorHandlerMiddleware
{
#region " Fields "
private readonly RequestDelegate _next;
#endregion
#region " Constructor and Destructor "
public ErrorHandlerMiddleware(RequestDelegate next)
{
_next = next;
}
#endregion
#region " Methods "
public async Task Invoke(HttpContext context)
{
try
{
await _next(context);
var response = context.Response;
response.ContentType = "application/json";
var responseModel = new ResponseObject();
responseModel.Status = response.StatusCode;
if (responseModel.Status == (int)HttpStatusCode.Unauthorized)
{
responseModel.Message = "กรุณาเข้าสู่ระบบก่อนใช้งาน!";
await response.WriteAsJsonAsync(responseModel);
}
if (responseModel.Status == (int)HttpStatusCode.Forbidden)
{
responseModel.Message = "คุณไม่ได้รับอนุญาติให้เข้าใช้งาน!";
await response.WriteAsJsonAsync(responseModel);
}
}
catch (Exception error)
{
var response = context.Response;
response.ContentType = "application/json";
var responseModel = new ResponseObject();
responseModel.Status = response.StatusCode;
var msg = error.Message;
var inner = error.InnerException;
while (inner != null)
{
msg += $" {inner.Message}\r\n";
inner = inner.InnerException;
}
responseModel.Result = msg;
switch (response.StatusCode)
{
case (int)HttpStatusCode.Unauthorized:
responseModel.Message = "กรุณาเข้าสู่ระบบก่อนใช้งาน!";
break;
case (int)HttpStatusCode.Forbidden:
responseModel.Message = "คุณไม่ได้รับอนุญาติให้เข้าใช้งาน!";
break;
default:
responseModel.Status = (int)HttpStatusCode.InternalServerError;
responseModel.Message = "เกิดข้อผิดพลาดขึ้นในระบบ กรุณาติดต่อผู้ดูแลระบบ!";
break;
}
await response.WriteAsJsonAsync(responseModel);
}
}
#endregion
}
}

3
BMA.EHR.MetaData.Service/Program.cs
View file

@ -112,7 +112,8 @@ var app = builder.Build();
app.MapHealthChecks("/health");
app.UseHttpsRedirection();
app.UseMiddleware<ErrorHandlerMiddleware>();
app.UseHttpsRedirection();
app.UseCors();
app.UseAuthentication();
app.UseAuthorization();

184
BMA.EHR.MetaData.Service/wwwroot/index.html Normal file
View file

@ -0,0 +1,184 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<html>
<head>
<script src="./keycloak.js"></script>
</head>
<body>
<div>
<button onclick="keycloak.login()">Login</button>
<button onclick="keycloak.login({ action: 'UPDATE_PASSWORD' })">Update Password</button>
<button onclick="keycloak.logout()">Logout</button>
<button onclick="keycloak.register()">Register</button>
<button onclick="keycloak.accountManagement()">Account</button>
<button onclick="refreshToken(9999)">Refresh Token</button>
<button onclick="refreshToken(30)">Refresh Token (if <30s validity)</button>
<button onclick="loadProfile()">Get Profile</button>
<button onclick="updateProfile()">Update profile</button>
<button onclick="loadUserInfo()">Get User Info</button>
<button onclick="output(keycloak.tokenParsed)">Show Token</button>
<button onclick="output(keycloak.refreshTokenParsed)">Show Refresh Token</button>
<button onclick="output(keycloak.idTokenParsed)">Show ID Token</button>
<button onclick="showExpires()">Show Expires</button>
<button onclick="output(keycloak)">Show Details</button>
<button onclick="output(keycloak.createLoginUrl())">Show Login URL</button>
<button onclick="output(keycloak.createLogoutUrl())">Show Logout URL</button>
<button onclick="output(keycloak.createRegisterUrl())">Show Register URL</button>
<button onclick="output(keycloak.createAccountUrl())">Show Account URL</button>
</div>
<h2>Result</h2>
<pre style="background-color: #ddd; border: 1px solid #ccc; padding: 10px; word-wrap: break-word; white-space: pre-wrap;" id="output"></pre>
<h2>Events</h2>
<pre style="background-color: #ddd; border: 1px solid #ccc; padding: 10px; word-wrap: break-word; white-space: pre-wrap;" id="events"></pre>
<script>
function loadProfile() {
keycloak.loadUserProfile().success(function(profile) {
output(profile);
}).error(function() {
output('Failed to load profile');
});
}
function updateProfile() {
var url = keycloak.createAccountUrl().split('?')[0];
var req = new XMLHttpRequest();
req.open('POST', url, true);
req.setRequestHeader('Accept', 'application/json');
req.setRequestHeader('Content-Type', 'application/json');
req.setRequestHeader('Authorization', 'bearer ' + keycloak.token);
req.onreadystatechange = function () {
if (req.readyState == 4) {
if (req.status == 200) {
output('Success');
} else {
output('Failed');
}
}
}
req.send('{"email":"myemail@foo.bar","firstName":"test","lastName":"bar"}');
}
function loadUserInfo() {
keycloak.loadUserInfo().success(function(userInfo) {
output(userInfo);
}).error(function() {
output('Failed to load user info');
});
}
function refreshToken(minValidity) {
keycloak.updateToken(minValidity).then(function(refreshed) {
if (refreshed) {
output(keycloak.tokenParsed);
} else {
output('Token not refreshed, valid for ' + Math.round(keycloak.tokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds');
}
}).catch(function() {
output('Failed to refresh token');
});
}
function showExpires() {
if (!keycloak.tokenParsed) {
output("Not authenticated");
return;
}
var o = 'Token Expires:\t\t' + new Date((keycloak.tokenParsed.exp + keycloak.timeSkew) * 1000).toLocaleString() + '\n';
o += 'Token Expires in:\t' + Math.round(keycloak.tokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds\n';
if (keycloak.refreshTokenParsed) {
o += 'Refresh Token Expires:\t' + new Date((keycloak.refreshTokenParsed.exp + keycloak.timeSkew) * 1000).toLocaleString() + '\n';
o += 'Refresh Expires in:\t' + Math.round(keycloak.refreshTokenParsed.exp + keycloak.timeSkew - new Date().getTime() / 1000) + ' seconds';
}
output(o);
}
function output(data) {
if (typeof data === 'object') {
data = JSON.stringify(data, null, ' ');
}
document.getElementById('output').innerHTML = data;
}
function event(event) {
var e = document.getElementById('events').innerHTML;
document.getElementById('events').innerHTML = new Date().toLocaleString() + "\t" + event + "\n" + e;
}
var keycloak = Keycloak();
keycloak.onAuthSuccess = function () {
event('Auth Success');
};
keycloak.onAuthError = function (errorData) {
event("Auth Error: " + JSON.stringify(errorData) );
};
keycloak.onAuthRefreshSuccess = function () {
event('Auth Refresh Success');
};
keycloak.onAuthRefreshError = function () {
event('Auth Refresh Error');
};
keycloak.onAuthLogout = function () {
event('Auth Logout');
};
keycloak.onTokenExpired = function () {
event('Access token expired.');
};
keycloak.onActionUpdate = function (status) {
switch (status) {
case 'success':
event('Action completed successfully'); break;
case 'cancelled':
event('Action cancelled by user'); break;
case 'error':
event('Action failed'); break;
}
};
// Flow can be changed to 'implicit' or 'hybrid', but then client must enable implicit flow in admin console too
var initOptions = {
responseMode: 'fragment',
flow: 'standard'
};
keycloak.init(initOptions).then(function(authenticated) {
output('Init Success (' + (authenticated ? 'Authenticated' : 'Not Authenticated') + ')');
}).catch(function() {
output('Init Error');
});
</script>
</body>
</html>

1766
BMA.EHR.MetaData.Service/wwwroot/keycloak.js Normal file
View file

File diff suppressed because one or more lines are too long

7
BMA.EHR.MetaData.Service/wwwroot/keycloak.json Normal file
View file

@ -0,0 +1,7 @@
{
"realm": "bma-ehr",
"auth-server-url": "https://identity.frappet.com",
"ssl-required": "external",
"resource": "bma-ehr",
"public-client": true
}