improved Keycloak error handling

app/app/components/customize/auth-settings.js

@@ -12,12 +12,13 @@
 import Ember from 'ember';
 import constants from '../../utils/constants';
 import encoding from '../../utils/encoding';
+import NotifierMixin from "../../mixins/notifier";
 
 const {
 	computed
 } = Ember;
 
-export default Ember.Component.extend({
+export default Ember.Component.extend(NotifierMixin, {
 	appMeta: Ember.inject.service(),
 	isDocumizeProvider: computed.equal('authProvider', constants.AuthProvider.Documize),
 	isKeycloakProvider: computed.equal('authProvider', constants.AuthProvider.Keycloak),
@@ -33,7 +34,8 @@ export default Ember.Component.extend({
 		clientId: '',
 		publicKey: '',
 		adminUser: '',
-		adminPassword: ''
+		adminPassword: '',
+		group: ''
 	},
 
 	didReceiveAttrs() {
@@ -104,16 +106,50 @@ export default Ember.Component.extend({
 					}
 
 					config = Ember.copy(this.get('keycloakConfig'));
+					config.url = config.url.trim();
+					config.realm = config.realm.trim();
+					config.clientId = config.clientId.trim();
+					config.publicKey = config.publicKey.trim();
+					config.group = is.undefined(config.group) ? '' : config.group.trim();
+					config.adminUser = config.adminUser.trim();
+					config.adminPassword = config.adminPassword.trim();
+
+					if (is.endWith(config.url, '/')) {
+						config.url = config.url.substring(0, config.url.length-1);
+					}
+
 					Ember.set(config, 'publicKey', encoding.Base64.encode(this.get('keycloakConfig.publicKey')));
 					break;
 			}
+			
+			let data = { authProvider: provider, authConfig: JSON.stringify(config) };
 
-			this.get('onSave')(provider, config).then(() => {
+			this.get('onSave')(data).then(() => {
+				if (data.authProvider === constants.AuthProvider.Keycloak) {
+					this.get('onSync')().then((response) => {
+						if (response.isError) {
+							this.showNotification(response.message);
+							data.authProvider = constants.AuthProvider.Documize;
+							this.get('onSave')(data).then(() => {
+								this.showNotification('Reverted back to Documize');
+							});
+						} else {
+							if (data.authProvider === this.get('appMeta.authProvider')) {
+								this.showNotification(response.message);
+							} else {
+								this.get('onChange')(data);
+							}
+						}
+					});
+				} else {
+					this.showNotification('Saved');
+				}
 			});
-		},
-
-		onSync() {
-			this.get('onSync')();
 		}
 	}
 });
+/*
+
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4M0UGhKFHe6LKyx2qNu5zTzYifMcsyvH+lV2Z3vgwQtuCf5zFrW/fHglBq9C1DQko/r2eUlVQOM+9C5nfmI60cLVGXviXRU1nWZ3MKQDogaVmSqnESOyVqBfOFEHbjuEeh5xqsLTIGElHFkEVgOfbsqs4GSmCYDgkYc6GMM9YIsk86VbBmprfaXUHmO44cR+Kh6y7rvoTAfKSohRav4+6Pl2+kZRj6SebG629OQb+q6IWVe93kC6NJWk9Y4v5teaAKui/VsoY83Ox/AblNt1wUl4QPrS9t/Be1h0M9XHfmQkmWAZnMkeo6vkcwvU9ioXkX4Zy/148M8u+WXSpgagQIDAQAB
+
+*/

app/app/pods/auth/keycloak/route.js

@@ -32,23 +32,23 @@ export default Ember.Route.extend({
 				resolve();
 			}
 
-				this.get('kcAuth').fetchProfile().then((profile) => {
-					let data = this.get('kcAuth').mapProfile(profile);
-
-					this.get("session").authenticate('authenticator:keycloak', data).then(() => {
-						this.get('audit').record("logged-in-keycloak");
-						this.transitionTo('folders');
-					}, (reject) => {
-						this.set('message', reject.Error);
-						this.set('mode', 'reject');
-						resolve();
-					});
+			this.get('kcAuth').fetchProfile().then((profile) => {
+				let data = this.get('kcAuth').mapProfile(profile);
 
+				this.get("session").authenticate('authenticator:keycloak', data).then(() => {
+					this.get('audit').record("logged-in-keycloak");
+					this.transitionTo('folders');
 				}, (reject) => {
+					this.set('message', reject.Error);
 					this.set('mode', 'reject');
-					this.set('message', reject);
 					resolve();
 				});
+
+			}, (reject) => {
+				this.set('mode', 'reject');
+				this.set('message', reject);
+				resolve();
+			});
 		});
 	},
 

app/app/pods/customize/auth/controller.js

@@ -11,48 +11,39 @@
 
 import Ember from 'ember';
 import NotifierMixin from "../../../mixins/notifier";
-import constants from '../../../utils/constants';
+// import constants from '../../../utils/constants';
 
 export default Ember.Controller.extend(NotifierMixin, {
 	global: Ember.inject.service(),
     appMeta: Ember.inject.service(),
 	session: Ember.inject.service(),
 
-	handleProviderChange(data) {
-		this.get('session').logout();
-		this.set('appMeta.authProvider', data.authProvider);
-		this.set('appMeta.authConfig', data.authConfig);
-		window.location.href= '/';
-	},
-
 	actions: {
-		onSave(provider, config) {
-			if(this.get('session.isGlobalAdmin')) {
-				let data = { authProvider: provider, authConfig: JSON.stringify(config) };
-
-				return this.get('global').saveAuthConfig(data).then(() => {
-					this.showNotification('Saved');
-
-					if (provider !== this.get('appMeta.authProvider')) {
-						if (provider === constants.AuthProvider.Keycloak) {
-							this.get('global').syncExternalUsers().then(() => {
-								this.handleProviderChange(data);
-							});
-						} else {
-							this.handleProviderChange(data);
-						}
-					} else {
-						this.set('appMeta.authProvider', provider);
-						this.set('appMeta.authConfig', config);
-					}
-				});
-			}
+		onSave(data) {
+			return new Ember.RSVP.Promise((resolve) => {
+				if(!this.get('session.isGlobalAdmin')) {
+					resolve();
+				} else {
+					this.get('global').saveAuthConfig(data).then(() => {
+						resolve();
+					});
+				}
+			});
 		},
 
 		onSync() {
-			return this.get('global').syncExternalUsers().then((response) => {
-				this.showNotification(response.message);
-			});
+			return new Ember.RSVP.Promise((resolve) => {
+				this.get('global').syncExternalUsers().then((response) => {
+					resolve(response);
+				});
+			});			
+		},
+
+		onChange(data) {
+			this.get('session').logout();
+			this.set('appMeta.authProvider', data.authProvider);
+			this.set('appMeta.authConfig', data.authConfig);
+			window.location.href= '/';			
 		}
 	}
 });

app/app/pods/customize/auth/template.hbs

@@ -1 +1,2 @@
-{{customize/auth-settings authProvider=model.authProvider authConfig=model.authConfig onSave=(action 'onSave') onSync=(action 'onSync')}}
+{{customize/auth-settings authProvider=model.authProvider authConfig=model.authConfig 
+    onSave=(action 'onSave') onSync=(action 'onSync') onChange=(action 'onChange')}}

app/app/services/global.js

@@ -81,6 +81,8 @@ export default Ember.Service.extend({
 				method: 'GET'
 			}).then((response) => {
 				return response;
+			}).catch((error) => {
+				return error;
 			});
 		}
 	},

app/app/services/kc-auth.js

@@ -34,13 +34,13 @@ export default Ember.Service.extend({
             let keycloak = new Keycloak(JSON.parse(this.get('appMeta.authConfig')));
             this.set('keycloak', keycloak);
 
-            keycloak.onTokenExpired = function () {
-                keycloak.clearToken();
-            };
+            // keycloak.onTokenExpired = function () {
+            //     keycloak.clearToken();
+            // };
 
-            keycloak.onAuthRefreshError = function () {
-                keycloak.clearToken();
-            };
+            // keycloak.onAuthRefreshError = function () {
+            //     keycloak.clearToken();
+            // };
 
             this.get('keycloak').init().success(() => {
 				this.get('audit').record("initialized-keycloak");

app/app/styles/view/layout-left-sidebar.scss

@@ -13,6 +13,7 @@ $sidebar-width: 400px;
 #sidebar-wrapper {
 	z-index: 888;
     position: fixed;
+    overflow-x: hidden;
     left: $sidebar-width;
     width: 0;
     height: 100%;

app/app/templates/components/customize/auth-settings.hbs

@@ -1,4 +1,4 @@
-<form class="">
+<form class=>
     <div class="form-header">
         <div class="title">Authentication</div>
         <div class="tip">Determine the method for user authentication</div>
@@ -25,19 +25,24 @@
             <div class="tip">e.g. main</div>
             {{input id="keycloak-realm" type="text" value=keycloakConfig.realm class=(if keycloakRealmError 'error')}}
         </div>
+        <div class="input-control">
+            <label>Keycloak Realm Public Key</label>
+            <div class="tip">Copy the RSA Public Key from Realm Settings &rarr; Keys</div>
+            {{textarea id="keycloak-publicKey" type="text" value=keycloakConfig.publicKey rows=7 class=(if KeycloakPublicKeyError 'error')}}
+        </div>
         <div class="input-control">
             <label>Keycloak OIDC Client ID</label>
             <div class="tip">e.g. account</div>
             {{input id="keycloak-clientId" type="text" value=keycloakConfig.clientId class=(if KeycloakClientIdError 'error')}}
         </div>
         <div class="input-control">
-            <label>Keycloak Realm Public Key</label>
-            <div class="tip">Copy the RSA public key from Realm Settings &rarr; Keys</div>
-            {{textarea id="keycloak-publicKey" type="text" value=keycloakConfig.publicKey rows=7 class=(if KeycloakPublicKeyError 'error')}}
+            <label>Keycloak Group ID (Optional)</label>
+            <div class="tip">If you want to sync users in a particular Group (e.g. 'Documize Users'), provide the Group ID (e.g. 511d8b61-1ec8-45f6-bc8d-5de64d54c9d2)</div>
+            {{input id="keycloak-group" type="text" value=keycloakConfig.group}}
         </div>
         <div class="input-control">
             <label>Keycloak Username</label>
-            <div class="tip">Used to connect with Keycloak and sync users with Documize</div>
+            <div class="tip">Used to connect with Keycloak and sync users with Documize (create user under Master Realm and assign 'view-users' role against Realm specified above)</div>
             {{input id="keycloak-admin-user" type="text" value=keycloakConfig.adminUser class=(if KeycloakAdminUserError 'error')}}
         </div>
         <div class="input-control">
@@ -48,6 +53,4 @@
     {{/if}}
 
     <div class="regular-button button-blue" {{action 'onSave'}}>save</div>
-    <div class="button-gap" />
-    <div class="regular-button button-green" {{action 'onSync'}}>sync users</div>
 </form>