second commit

user-service/.env

@@ -1,8 +1,14 @@
 #
 PORT=3002
 #
-KEYCLOAK_URL=http://localhost:8080
+# Base URL del server
+KEYCLOAK_BASE_URL=http://localhost:8080
+
+# URL Auth derivata (concatenazione)
+KEYCLOAK_URL_AUTH=${KEYCLOAK_BASE_URL}/auth
+
+# altre configurazioni
 KEYCLOAK_REALM=appweb
-KEYCLOAK_CLIENT_ID=gw-negozi
-KEYCLOAK_CLIENT_SECRET=Nf0WIneXN9bOleTpgrbj54ypI8AnIbd5
+KEYCLOAK_CLIENT_ID=user-service
+KEYCLOAK_CLIENT_SECRET=tCDsN56Y3Ii4h0SfqrT4o6SoV8fw2fe8
 #

user-service/src/app/user/keycloak.service.ts

@@ -0,0 +1,44 @@
+import KeycloakAdminClient from '@keycloak/keycloak-admin-client';
+import { Injectable, OnModuleInit, Logger } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { KeycloakConfigKeys } from '@appweb/shared';
+
+@Injectable()
+export class KeycloakService implements OnModuleInit {
+  private kcAdminClient: KeycloakAdminClient;
+  private readonly logger = new Logger(KeycloakService.name);
+
+  constructor(private readonly configService: ConfigService) {}
+
+  async onModuleInit() {
+    // Inizializzazione del client con i valori presi dal file .env
+    this.kcAdminClient = new KeycloakAdminClient({
+      baseUrl: this.configService.get<string>(KeycloakConfigKeys.BASE_URL),
+      realmName: this.configService.get<string>(KeycloakConfigKeys.REALM),
+    });
+
+    try {
+      // Autenticazione tramite Service Account
+      await this.kcAdminClient.auth({
+        grantType: 'client_credentials',
+        clientId: this.configService.get<string>(KeycloakConfigKeys.CLIENT_ID),
+        clientSecret: this.configService.get<string>(KeycloakConfigKeys.CLIENT_SECRET),
+      });
+      this.logger.log(
+        'Connessione a Keycloak Admin API stabilita con successo.',
+      );
+    } catch (error) {
+      this.logger.error("Errore durante l'autenticazione su Keycloak:", error);
+    }
+  }
+
+  // Esempio: Ottieni tutti i gruppi
+  async getGroups() {
+    return await this.kcAdminClient.groups.find();
+  }
+
+  // Esempio: Ottieni tutti gli utenti
+  async getUsers() {
+    return await this.kcAdminClient.users.find();
+  }
+}

user-service/src/app/user/user.controller.ts

@@ -0,0 +1,18 @@
+import { Controller, Get, Post, Body } from '@nestjs/common';
+import { AuthenticatedUser, Roles } from 'nest-keycloak-connect';
+
+@Controller('user')
+export class UserController {
+  @Post()
+  @Roles({ roles: ['shop'] }) // Solo chi ha il ruolo admin può creare
+  async createData(@Body() data: any, @AuthenticatedUser() user: any) {
+    // 'user' contiene i dati del JWT (sub, preferred_username, email)
+    const userId = user.sub;
+    const userName = user.preferred_username;
+
+    console.log(`L'utente ${userName} sta creando un record`);
+
+    // Qui chiamerai il tuo service passando userId per il database
+    return { message: 'Dati salvati', creatoDa: userId };
+  }
+}