diff --git a/.env.example b/.env.example index dc718a4..1fb634d 100644 --- a/.env.example +++ b/.env.example @@ -1,4 +1,4 @@ -KC_REALM_URL= +AUTH_REALM_URL= ELASTICSEARCH_PROTOCOL= ELASTICSEARCH_HOST= @@ -29,9 +29,9 @@ MAIN_MINIO_ACCESS_KEY= MAIN_MINIO_SECRET_KEY= MAIN_MINIO_BUCKET= -BACKUP_MINIO_USE_SSL= -BACKUP_MINIO_HOST= -BACKUP_MINIO_PORT= -BACKUP_MINIO_ACCESS_KEY= -BACKUP_MINIO_SECRET_KEY= +MAIN_MINIO_USE_SSL= +MAIN_MINIO_HOST= +MAIN_MINIO_PORT= +MAIN_MINIO_ACCESS_KEY= +MAIN_MINIO_SECRET_KEY= BACKUP_MINIO_BUCKET= diff --git a/src/controllers/backup-controller.ts b/src/controllers/backup-controller.ts index 3b47bf1..a685a05 100644 --- a/src/controllers/backup-controller.ts +++ b/src/controllers/backup-controller.ts @@ -27,11 +27,11 @@ const MAIN_MINIO_PORT = process.env.MAIN_MINIO_PORT; const MAIN_MINIO_ACCESS_KEY = getEnvVar("MAIN_MINIO_ACCESS_KEY"); const MAIN_MINIO_SECRET_KEY = getEnvVar("MAIN_MINIO_SECRET_KEY"); const MAIN_MINIO_BUCKET = getEnvVar("MAIN_MINIO_BUCKET"); -const BACKUP_MINIO_USE_SSL = getEnvVar("BACKUP_MINIO_USE_SSL"); -const BACKUP_MINIO_HOST = getEnvVar("BACKUP_MINIO_HOST"); -const BACKUP_MINIO_PORT = process.env.BACKUP_MINIO_PORT; -const BACKUP_MINIO_ACCESS_KEY = getEnvVar("BACKUP_MINIO_ACCESS_KEY"); -const BACKUP_MINIO_SECRET_KEY = getEnvVar("BACKUP_MINIO_SECRET_KEY"); +const MAIN_MINIO_USE_SSL = getEnvVar("MAIN_MINIO_USE_SSL"); +const MAIN_MINIO_HOST = getEnvVar("MAIN_MINIO_HOST"); +const MAIN_MINIO_PORT = process.env.MAIN_MINIO_PORT; +const MAIN_MINIO_ACCESS_KEY = getEnvVar("MAIN_MINIO_ACCESS_KEY"); +const MAIN_MINIO_SECRET_KEY = getEnvVar("MAIN_MINIO_SECRET_KEY"); const BACKUP_MINIO_BUCKET = getEnvVar("BACKUP_MINIO_BUCKET"); function jsonParseOrPlainText(str: string) { @@ -56,9 +56,9 @@ export class BackupController extends Controller { "Content-Type": "application/json", }, body: JSON.stringify({ - s3_backup_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_backup_access: BACKUP_MINIO_ACCESS_KEY, - s3_backup_secret: BACKUP_MINIO_SECRET_KEY, + s3_backup_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_backup_access: MAIN_MINIO_ACCESS_KEY, + s3_backup_secret: MAIN_MINIO_SECRET_KEY, s3_backup_bucket: BACKUP_MINIO_BUCKET, }), }, @@ -142,14 +142,14 @@ export class BackupController extends Controller { s3_source_access: MAIN_MINIO_ACCESS_KEY, s3_source_secret: MAIN_MINIO_SECRET_KEY, s3_source_bucket: MAIN_MINIO_BUCKET, - s3_dest_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_dest_access: BACKUP_MINIO_ACCESS_KEY, - s3_dest_secret: BACKUP_MINIO_SECRET_KEY, + s3_dest_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_dest_access: MAIN_MINIO_ACCESS_KEY, + s3_dest_secret: MAIN_MINIO_SECRET_KEY, }, database: { - s3_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_access: BACKUP_MINIO_ACCESS_KEY, - s3_secret: BACKUP_MINIO_SECRET_KEY, + s3_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_access: MAIN_MINIO_ACCESS_KEY, + s3_secret: MAIN_MINIO_SECRET_KEY, s3_bucket: BACKUP_MINIO_BUCKET, db_host: DB_HOST, db_port: DB_PORT, @@ -185,14 +185,14 @@ export class BackupController extends Controller { s3_restore_access: MAIN_MINIO_ACCESS_KEY, s3_restore_secret: MAIN_MINIO_SECRET_KEY, s3_restore_bucket: MAIN_MINIO_BUCKET, - s3_backup_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_backup_access: BACKUP_MINIO_ACCESS_KEY, - s3_backup_secret: BACKUP_MINIO_SECRET_KEY, + s3_backup_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_backup_access: MAIN_MINIO_ACCESS_KEY, + s3_backup_secret: MAIN_MINIO_SECRET_KEY, }, database: { - s3_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_access: BACKUP_MINIO_ACCESS_KEY, - s3_secret: BACKUP_MINIO_SECRET_KEY, + s3_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_access: MAIN_MINIO_ACCESS_KEY, + s3_secret: MAIN_MINIO_SECRET_KEY, s3_bucket: BACKUP_MINIO_BUCKET, db_host: DB_HOST, db_port: DB_PORT, @@ -216,9 +216,9 @@ export class BackupController extends Controller { }, body: JSON.stringify({ backup_name: body.name, - s3_backup_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_backup_access: BACKUP_MINIO_ACCESS_KEY, - s3_backup_secret: BACKUP_MINIO_SECRET_KEY, + s3_backup_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_backup_access: MAIN_MINIO_ACCESS_KEY, + s3_backup_secret: MAIN_MINIO_SECRET_KEY, s3_backup_bucket: BACKUP_MINIO_BUCKET, }), }, @@ -285,14 +285,14 @@ export class BackupController extends Controller { s3_source_access: MAIN_MINIO_ACCESS_KEY, s3_source_secret: MAIN_MINIO_SECRET_KEY, s3_source_bucket: MAIN_MINIO_BUCKET, - s3_dest_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_dest_access: BACKUP_MINIO_ACCESS_KEY, - s3_dest_secret: BACKUP_MINIO_SECRET_KEY, + s3_dest_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_dest_access: MAIN_MINIO_ACCESS_KEY, + s3_dest_secret: MAIN_MINIO_SECRET_KEY, }, database: { - s3_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_access: BACKUP_MINIO_ACCESS_KEY, - s3_secret: BACKUP_MINIO_SECRET_KEY, + s3_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_access: MAIN_MINIO_ACCESS_KEY, + s3_secret: MAIN_MINIO_SECRET_KEY, s3_bucket: BACKUP_MINIO_BUCKET, db_host: DB_HOST, db_port: DB_PORT, @@ -336,14 +336,14 @@ export class BackupController extends Controller { s3_source_access: MAIN_MINIO_ACCESS_KEY, s3_source_secret: MAIN_MINIO_SECRET_KEY, s3_source_bucket: MAIN_MINIO_BUCKET, - s3_dest_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_dest_access: BACKUP_MINIO_ACCESS_KEY, - s3_dest_secret: BACKUP_MINIO_SECRET_KEY, + s3_dest_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_dest_access: MAIN_MINIO_ACCESS_KEY, + s3_dest_secret: MAIN_MINIO_SECRET_KEY, }, database: { - s3_endpoint: `${BACKUP_MINIO_USE_SSL === "true" ? "https://" : "http://"}${BACKUP_MINIO_HOST}${(BACKUP_MINIO_PORT && ":" + BACKUP_MINIO_PORT) || ""}`, - s3_access: BACKUP_MINIO_ACCESS_KEY, - s3_secret: BACKUP_MINIO_SECRET_KEY, + s3_endpoint: `${MAIN_MINIO_USE_SSL === "true" ? "https://" : "http://"}${MAIN_MINIO_HOST}${(MAIN_MINIO_PORT && ":" + MAIN_MINIO_PORT) || ""}`, + s3_access: MAIN_MINIO_ACCESS_KEY, + s3_secret: MAIN_MINIO_SECRET_KEY, s3_bucket: BACKUP_MINIO_BUCKET, db_host: DB_HOST, db_port: DB_PORT, diff --git a/src/middlewares/auth-provider/keycloak.ts b/src/middlewares/auth-provider/keycloak.ts index cd4ddef..6bf7597 100644 --- a/src/middlewares/auth-provider/keycloak.ts +++ b/src/middlewares/auth-provider/keycloak.ts @@ -4,12 +4,12 @@ import { createDecoder, createVerifier } from "fast-jwt"; import HttpError from "../../interfaces/http-error"; import HttpStatus from "../../interfaces/http-status"; -if (!process.env.KC_PUBLIC_KEY && !process.env.KC_REALM_URL) { - throw new Error("Require keycloak KC_PUBLIC_KEY or KC_REALM_URL."); +if (!process.env.KC_PUBLIC_KEY && !process.env.AUTH_REALM_URL) { + throw new Error("Require keycloak KC_PUBLIC_KEY or AUTH_REALM_URL."); } -if (process.env.KC_PUBLIC_KEY && process.env.KC_REALM_URL && !process.env.KC_PREFERRED_MODE) { +if (process.env.KC_PUBLIC_KEY && process.env.AUTH_REALM_URL && !process.env.KC_PREFERRED_MODE) { throw new Error( - "AUTH_PREFERRED must be specified if KC_PUBLIC_KEY and KC_REALM_URL is provided.", + "AUTH_PREFERRED must be specified if KC_PUBLIC_KEY and AUTH_REALM_URL is provided.", ); } @@ -44,7 +44,7 @@ export async function keycloakAuth(request: Express.Request) { payload = await verifyOffline(token); break; default: - if (process.env.KC_REALM_URL) payload = await verifyOnline(token); + if (process.env.AUTH_REALM_URL) payload = await verifyOnline(token); if (process.env.KC_PUBLIC_KEY) payload = await verifyOffline(token); break; } @@ -61,7 +61,7 @@ async function verifyOffline(token: string) { } async function verifyOnline(token: string) { - const res = await fetch(`${process.env.KC_REALM_URL}/protocol/openid-connect/userinfo`, { + const res = await fetch(`${process.env.AUTH_REALM_URL}/protocol/openid-connect/userinfo`, { headers: { authorization: `Bearer ${token}` }, }).catch((e) => console.error(e));