Page Properties | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||
Resources & Remarks Modification History
|
Excerpt |
---|
Configure the client application such that it can be operated outside the yuuvis® Momentum Kubernetes cluster. |
...
Section | ||||||
---|---|---|---|---|---|---|
| ||||||
|
Introduction
By default, client applications built with @yuuvis/core
library are supposed to be deployed inside the yuuvis® Momentum cluster. As a main advantage, there is no responsibility for the library to handle the authentication process. Users authenticate directly via the AUTHENTICATION service.
As of yuuvis® Momentum version 2021 Autumn, the @yuuvis/core
library allows for the built of clients that can be deployed outside the yuuvis® Momentum cluster. Such clients authenticate via OpenID Connect to the AUTHENTICATION service and can thus be hosted fully independently. They can even be configured to support switching between different yuuvis® Momentum clusters. Users select the cluster to which they want to connect.
...
The following configuration steps are required to allow for the client deployment outside a yuuvis® Momentum cluster.
...
Setting up Keycloak
Configure a Client a client inside your Keycloak Realm that will be used to trigger login.
Code Block | ||
---|---|---|
| ||
Client ID: 'spa-client' // choose your own name Client Protocol: 'openid-connect' Access Type: 'public' Valid Redirect URIs: // match your environment Web Origins: '+' // means: everything that's also invalid redirect uris Advanced Settings Proof Key for Code Exchange Code Challenge Method: 'S256' |
...
Setting up Projects
Choose one of the following ways to setup your project.
Setup via Module Configuration
During the import of YuvCoreModule or YuvFrameworkModule
or YuvFrameworkModule
, specify the following configuration.:
Code Block | ||
---|---|---|
| ||
// app.module.ts imports: [ YuvCoreModule.forRoot({ // ... other config values oidc: { host: "https://kolibri.enaioci.net", tenant: "kolibri", issuer: "https://kc001.auth.enaioci.net/auth/realms/kolibri", clientId: "spa-client", } }) ], |
Setup via Dynamic Initialization
In case you do not know about the OIDC properties when your application starts (the OIDC profile needs to be loaded or users select one of several profiles), you will can just import YuvCoreModule
without OIDC config. The @yuuvis/core
library will try the default initialization as if the client were deployed within a yuuvis® Momentum cluster. This will cause some console errors which can be ignored.
...