6 Commits

Author	SHA1	Message	Date
Matt	0c9cd89667	Implement Official Keycloak JS Adapter with Proxy-Aware Configuration ... MAJOR ENHANCEMENT: Complete Keycloak integration with proper HTTPS/proxy handling ## Core Improvements: ### 1. Enhanced Configuration (nuxt.config.ts) - Added proxy trust configuration for nginx environments - Configured baseUrl for production HTTPS enforcement - Added debug mode configuration for development ### 2. Proxy-Aware Keycloak Composable (composables/useKeycloak.ts) - Intelligent base URL detection (production vs development) - Force HTTPS redirect URIs in production environments - Enhanced debugging and logging capabilities - Proper PKCE implementation for security - Automatic token refresh mechanism ### 3. Dual Authentication System - Updated middleware to support both Directus and Keycloak - Enhanced useUnifiedAuth for seamless auth source switching - Maintains backward compatibility with existing Directus users ### 4. OAuth Flow Implementation - Created proper callback handler (pages/auth/callback.vue) - Comprehensive error handling and user feedback - Automatic redirect to dashboard on success ### 5. Enhanced Login Experience (pages/login.vue) - Restored SSO login button with proper error handling - Maintained existing Directus login form - Clear separation between auth methods with visual divider ### 6. Comprehensive Testing Suite (pages/dashboard/keycloak-test.vue) - Real-time configuration display - Authentication status monitoring - Interactive testing tools - Detailed debug logging system ## Technical Solutions: **Proxy Detection**: Automatically detects nginx proxy and uses correct HTTPS URLs **HTTPS Enforcement**: Forces secure redirect URIs in production **Error Handling**: Comprehensive error catching with user-friendly messages **Debug Capabilities**: Enhanced logging for troubleshooting **Security**: Implements PKCE and secure token handling ## Infrastructure Compatibility: - Works with nginx reverse proxy setups - Compatible with Docker container networking - Handles SSL termination at proxy level - Supports both development and production environments This implementation specifically addresses the HTTP/HTTPS redirect URI mismatch that was causing 'unauthorized_client' errors in the proxy environment.	2025-06-14 15:26:26 +02:00
Matt	fa35fcd235	CRITICAL: Temporarily disable Keycloak to restore application functionality ... - Disable Keycloak integration in authentication middleware - Update useUnifiedAuth to only use Directus authentication - Rebuild login page with only Directus auth form - Remove all Keycloak references that were causing JavaScript errors - This restores the application to working state with Directus auth only Application should now load and function normally. Keycloak can be re-enabled later once issues are resolved.	2025-06-14 15:07:41 +02:00
Matt	8c7bf4cc00	Fix SSR and defensive coding for Keycloak integration ... - Add proper SSR guards and error handling - Make authentication middleware more defensive - Add null checks in useUnifiedAuth composable - Prevent JavaScript errors from breaking page load - Prioritize Directus auth over Keycloak for stability	2025-06-14 15:01:45 +02:00
Matt	a797c13867	MAJOR: Replace nuxt-openid-connect with official Keycloak JS adapter ... - Remove problematic nuxt-openid-connect module that was causing OAuth issues - Install and implement official keycloak-js adapter for better reliability - Create new useKeycloak composable with proper token management - Update useUnifiedAuth to work with new Keycloak implementation - Fix authentication middleware to support both auth methods - Update login page to use new Keycloak login function - Clean up configuration and remove deprecated OIDC settings - This should resolve all the HTTP/HTTPS redirect and token exchange issues	2025-06-14 14:50:29 +02:00
Matt	5f8720bb63	Implement Keycloak authentication integration and unify user management	2025-06-14 14:09:56 +02:00
Ron	fbba5a6814	feat: add files	2025-02-16 14:10:19 +02:00