alma/Neah
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleaning hard 2

Browse Source
This commit is contained in:
alma 2025-05-03 13:17:07 +02:00
parent 0514f3a3fd
commit 7f63668300
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
app/api/auth/[...nextauth]/route.ts
View File

@ -109,6 +109,20 @@ export const authOptions: NextAuthOptions = {
}, },
callbacks: { callbacks: {
async jwt({ token, account, profile, user }: any) { async jwt({ token, account, profile, user }: any) {
console.log("JWT CALLBACK TRIGGERED with token keys:", Object.keys(token));
console.log("JWT CALLBACK - Has account?", !!account);
console.log("JWT CALLBACK - Has user?", !!user);
// TEMPORARY DEBUG HACK - Force roles for specific user
if (token.sub === "203cbc91-61ab-47a2-95d2-b5e1159327d7") {
console.log("DEBUG HACK: Detected specific user, forcing all roles");
// Only add this if token.role doesn't already have these roles
if (!token.role || token.role.length <= 1) {
token.role = ["user", "admin", "expression", "mediation", "coding", "dataintelligence", "entrepreneurship"];
console.log("DEBUG HACK: Set roles to", token.role);
}
}
// Initial sign in // Initial sign in
if (account && account.access_token) { if (account && account.access_token) {
console.log("FULL USER OBJECT:", JSON.stringify(user, null, 2)); console.log("FULL USER OBJECT:", JSON.stringify(user, null, 2));
@ -211,6 +225,9 @@ export const authOptions: NextAuthOptions = {
return token; return token;
}, },
async session({ session, token }: any) { async session({ session, token }: any) {
console.log("SESSION CALLBACK TRIGGERED with token keys:", Object.keys(token));
console.log("SESSION CALLBACK - Token role:", token.role);
// Pass necessary info to the session // Pass necessary info to the session
session.accessToken = token.accessToken; session.accessToken = token.accessToken;
if (session.user) { if (session.user) {
@ -277,6 +294,12 @@ function mapToApplicationRoles(keycloakRoles: string[]): string[] {
'mediator': ['mediation'], 'mediator': ['mediation'],
'entrepreneur': ['entrepreneurship'], 'entrepreneur': ['entrepreneurship'],
// Exact matches for capitalized roles from Keycloak token
'Expression': ['expression'],
'Mediation': ['mediation'],
'DataIntelligence': ['dataintelligence'],
'Admin': ['admin', 'dataintelligence', 'coding', 'expression', 'mediation', 'entrepreneurship'],
// Common prefixed variants // Common prefixed variants
'role_admin': ['admin', 'dataintelligence', 'coding', 'expression', 'mediation', 'entrepreneurship'], 'role_admin': ['admin', 'dataintelligence', 'coding', 'expression', 'mediation', 'entrepreneurship'],
'realm_admin': ['admin', 'dataintelligence', 'coding', 'expression', 'mediation', 'entrepreneurship'], 'realm_admin': ['admin', 'dataintelligence', 'coding', 'expression', 'mediation', 'entrepreneurship'],
@ -297,6 +320,14 @@ function mapToApplicationRoles(keycloakRoles: string[]): string[] {
// Try to match each role with our mappings // Try to match each role with our mappings
for (const role of keycloakRoles) { for (const role of keycloakRoles) {
// First, check for an exact case-sensitive match
if (mappings[role]) {
appRoles = [...appRoles, ...mappings[role]];
console.log(`Exact matched ${role} to: ${mappings[role].join(', ')}`);
continue; // Skip to next role
}
// If no direct match, normalize and try again
// Try different variations of the role name // Try different variations of the role name
const normalizedRole = role.toLowerCase() const normalizedRole = role.toLowerCase()
.replace(/^role_/i, '') // Remove ROLE_ prefix .replace(/^role_/i, '') // Remove ROLE_ prefix