From 860675bef72a19ea0d1b77460e9e88aeaa0bba86 Mon Sep 17 00:00:00 2001
From: Timo <timo@devplant.ro>
Date: Thu, 8 Apr 2021 14:25:16 +0300
Subject: [PATCH] added IDP hint

---
 apps/red-ui/src/app/modules/app-config/app-config.service.ts | 1 +
 apps/red-ui/src/app/modules/auth/auth.guard.ts               | 3 +++
 apps/red-ui/src/app/modules/auth/auth.module.ts              | 4 ++--
 docker/red-ui/docker-entrypoint.sh                           | 2 ++
 4 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/apps/red-ui/src/app/modules/app-config/app-config.service.ts b/apps/red-ui/src/app/modules/app-config/app-config.service.ts
index c02ae7b04..6291a9352 100644
--- a/apps/red-ui/src/app/modules/app-config/app-config.service.ts
+++ b/apps/red-ui/src/app/modules/app-config/app-config.service.ts
@@ -8,6 +8,7 @@ import { version } from '../../../../../../package.json';
 export enum AppConfigKey {
     OAUTH_URL = 'OAUTH_URL',
     OAUTH_CLIENT_ID = 'OAUTH_CLIENT_ID',
+    OAUTH_IDP_HINT = 'OAUTH_IDP_HINT',
     API_URL = 'API_URL',
     ADMIN_CONTACT_NAME = 'ADMIN_CONTACT_NAME',
     ADMIN_CONTACT_URL = 'ADMIN_CONTACT_URL',
diff --git a/apps/red-ui/src/app/modules/auth/auth.guard.ts b/apps/red-ui/src/app/modules/auth/auth.guard.ts
index d6b75d7fb..a0825890a 100644
--- a/apps/red-ui/src/app/modules/auth/auth.guard.ts
+++ b/apps/red-ui/src/app/modules/auth/auth.guard.ts
@@ -3,6 +3,7 @@ import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/ro
 import { KeycloakAuthGuard, KeycloakService } from 'keycloak-angular';
 import { UserService } from '../../services/user.service';
 import { AppLoadStateService } from '../../services/app-load-state.service';
+import { AppConfigKey, AppConfigService } from '../app-config/app-config.service';
 
 @Injectable({
     providedIn: 'root'
@@ -11,6 +12,7 @@ export class AuthGuard extends KeycloakAuthGuard {
     constructor(
         protected readonly _router: Router,
         protected readonly _keycloak: KeycloakService,
+        private readonly _appConfigService: AppConfigService,
         private readonly _appLoadStateService: AppLoadStateService,
         private readonly _userService: UserService
     ) {
@@ -20,6 +22,7 @@ export class AuthGuard extends KeycloakAuthGuard {
     public async isAccessAllowed(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
         if (!this.authenticated) {
             await this._keycloak.login({
+                idpHint: this._appConfigService.getConfig(AppConfigKey.OAUTH_IDP_HINT, null),
                 redirectUri: window.location.origin + state.url
             });
         }
diff --git a/apps/red-ui/src/app/modules/auth/auth.module.ts b/apps/red-ui/src/app/modules/auth/auth.module.ts
index 6eee501af..1d5136a4a 100644
--- a/apps/red-ui/src/app/modules/auth/auth.module.ts
+++ b/apps/red-ui/src/app/modules/auth/auth.module.ts
@@ -3,7 +3,7 @@ import { CommonModule } from '@angular/common';
 import { HttpClientModule } from '@angular/common/http';
 import { AppConfigModule } from '../app-config/app-config.module';
 
-import { KeycloakAngularModule, KeycloakService } from 'keycloak-angular';
+import { KeycloakAngularModule, KeycloakService, KeycloakOptions } from 'keycloak-angular';
 import { AppConfigKey, AppConfigService } from '../app-config/app-config.service';
 
 export function keycloakInitializer(keycloak: KeycloakService, appConfigService: AppConfigService) {
@@ -16,7 +16,7 @@ export function keycloakInitializer(keycloak: KeycloakService, appConfigService:
                 url = url.replace(/\/$/, ''); // remove trailing slash
                 const realm = url.substring(url.lastIndexOf('/') + 1, url.length);
                 url = url.substr(0, url.lastIndexOf('/realms'));
-                const options: any = {
+                const options: KeycloakOptions = {
                     config: {
                         url: url,
                         realm: realm,
diff --git a/docker/red-ui/docker-entrypoint.sh b/docker/red-ui/docker-entrypoint.sh
index 45af6a0c5..468e1f5bf 100755
--- a/docker/red-ui/docker-entrypoint.sh
+++ b/docker/red-ui/docker-entrypoint.sh
@@ -4,6 +4,7 @@ OAUTH_CLIENT_ID="${OAUTH_CLIENT_ID:-gin-client}"
 OAUTH_URL="${OAUTH_URL:-https://keycloak-dev.iqser.cloud/auth/realms/dev}"
 APP_NAME="${APP_NAME:-DDA-R}"
 API_URL="${API_URL:-}"
+OAUTH_IDP_HINT="${OAUTH_IDP_HINT:-}"
 ADMIN_CONTACT_NAME="${ADMIN_CONTACT_NAME:-}"
 ADMIN_CONTACT_URL="${ADMIN_CONTACT_URL:-}"
 AUTO_READ_TIME="${AUTO_READ_TIME:-1.5}"
@@ -21,6 +22,7 @@ LICENSE_EMAIL="${LICENSE_EMAIL:-license@iqser.com}"
 echo '{
           "OAUTH_CLIENT_ID":"'"$OAUTH_CLIENT_ID"'",
           "OAUTH_URL":"'"$OAUTH_URL"'",
+          "OAUTH_URL":"'"$OAUTH_IDP_HINT"'",
           "BACKEND_APP_VERSION":"'"$BACKEND_APP_VERSION"'",
           "ADMIN_CONTACT_NAME":"'"$ADMIN_CONTACT_NAME"'",
           "ADMIN_CONTACT_URL":"'"$ADMIN_CONTACT_URL"'",