From 8048cde5b61b74c32ffe00be449fdd82bc2afad5 Mon Sep 17 00:00:00 2001
From: Matt <matt@letsbe.solutions>
Date: Sun, 15 Jun 2025 15:43:08 +0200
Subject: [PATCH]  FIX: Correct Keycloak callback path to /api

##  **Fixed 404 Error:**

### **Issue:**
- Keycloak was redirecting to /auth/keycloak/callback
- But our server endpoint was at /api/auth/keycloak/callback
- This caused a 404 Page Not Found error

### **Solution:**
-  Updated useCustomAuth.ts redirect URI to include /api prefix
-  Updated server callback endpoint to match the new path
-  Both client and server now use: /api/auth/keycloak/callback

### **Files Changed:**
- composables/useCustomAuth.ts - Updated login redirect URI
- server/api/auth/keycloak/callback.ts - Updated token exchange redirect URI

##  **Result:**
Now when users click 'Login with SSO':
1. Redirect to Keycloak
2. Keycloak redirects back to /api/auth/keycloak/callback
3. Server handles the callback properly
4. User gets authenticated and redirected to dashboard

The 404 error should be resolved and SSO login should work!
---
 composables/useCustomAuth.ts         | 2 +-
 server/api/auth/keycloak/callback.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/composables/useCustomAuth.ts b/composables/useCustomAuth.ts
index 4665134..68d392c 100644
--- a/composables/useCustomAuth.ts
+++ b/composables/useCustomAuth.ts
@@ -36,7 +36,7 @@ export const useCustomAuth = () => {
     const authUrl = 'https://auth.portnimara.dev/realms/client-portal/protocol/openid-connect/auth?' + 
       new URLSearchParams({
         client_id: 'client-portal',
-        redirect_uri: 'https://client.portnimara.dev/auth/keycloak/callback',
+        redirect_uri: 'https://client.portnimara.dev/api/auth/keycloak/callback',
         response_type: 'code',
         scope: 'openid profile email',
         state: Math.random().toString(36).substring(2)
diff --git a/server/api/auth/keycloak/callback.ts b/server/api/auth/keycloak/callback.ts
index c0bb3a4..972371c 100644
--- a/server/api/auth/keycloak/callback.ts
+++ b/server/api/auth/keycloak/callback.ts
@@ -32,7 +32,7 @@ export default defineEventHandler(async (event) => {
         client_id: 'client-portal',
         client_secret: process.env.KEYCLOAK_CLIENT_SECRET || '',
         code: code as string,
-        redirect_uri: 'https://client.portnimara.dev/auth/keycloak/callback'
+        redirect_uri: 'https://client.portnimara.dev/api/auth/keycloak/callback'
       }).toString()
     }) as any