diff --git a/src/utils/ConfigSchema.json b/src/utils/ConfigSchema.json
index bce7ddfe..a0994ae2 100644
--- a/src/utils/ConfigSchema.json
+++ b/src/utils/ConfigSchema.json
@@ -481,6 +481,11 @@
 "type": "string",
 "description": "The Client ID of the client you created for use with Dashy"
 },
+ "idpHint": {
+ "title" : "IdP hint",
+ "type": "string",
+ "description": "Set to the 'Alias' of an existing Identity Provider in the specified realm to skip the Keycloak login page and redirect straight to the external IdP for authentication"
+ },
 "legacySupport": {
 "title": "Legacy Support",
 "type": "boolean",
diff --git a/src/utils/KeycloakAuth.js b/src/utils/KeycloakAuth.js
index 3903c780..05b6f7a6 100644
--- a/src/utils/KeycloakAuth.js
+++ b/src/utils/KeycloakAuth.js
@@ -13,25 +13,25 @@ class KeycloakAuth {
 constructor() {
 const { auth } = getAppConfig();
 const {
- serverUrl, realm, clientId, legacySupport,
+ serverUrl, realm, clientId, idpHint, legacySupport,
 } = auth.keycloak;
 const url = legacySupport ? `${serverUrl}/auth` : serverUrl;
- const initOptions = {
- url, realm, clientId, onLoad: 'login-required',
- };
+ const initOptions = { url, realm, clientId };
+ const loginOptions = idpHint ? { idpHint } : {};
+ this.loginOptions = loginOptions;
 this.keycloakClient = Keycloak(initOptions);
 }
 login() {
 return new Promise((resolve, reject) => {
- this.keycloakClient.init({ onLoad: 'login-required' })
+ this.keycloakClient.init({ onLoad: 'check-sso' })
 .then((auth) => {
 if (auth) {
 this.storeKeycloakInfo();
 return resolve();
 } else {
- return reject(new Error('Not authenticated'));
+ return this.keycloakClient.login(this.loginOptions);
 }
 })
 .catch((reason) => reject(reason));
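Review bot: The `description` added for `idpHint` in src/utils/ConfigSchema.json can be read as if the option decides which identity provider users must authenticate with, but the value is only a redirect hint that KeycloakAuth.js passes to `keycloakClient.login()`. By default a user who reaches Keycloak without the hint still gets the normal realm login page, so the option should not be treated as an access control. I would append a sentence to the description such as `This only changes the redirect; restrict the permitted login methods in the Keycloak realm itself.` As a style point, `"title" : "IdP hint"` has a space before the colon, unlike the neighbouring `"title": "Legacy Support"`.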