45 lines
1.4 KiB
Markdown
45 lines
1.4 KiB
Markdown
# TFP Frontend PoC
|
|
|
|
## Installation
|
|
|
|
**Requirements**:
|
|
* [Node.js](https://nodejs.org/en) v20+
|
|
* [pnpm](https://pnpm.io/) v9+
|
|
|
|
Install the application dependencies by running:
|
|
|
|
```sh
|
|
pnpm i
|
|
```
|
|
|
|
## Development
|
|
|
|
Start the application in development mode by running:
|
|
|
|
```sh
|
|
pnpm dev
|
|
```
|
|
|
|
## Authentication
|
|
|
|
`src/authProvider.ts` -> get the token in authProvider.login method
|
|
|
|
The user/pass can be anything. The token will come from `http://localhost:8080/atsp-idp/token` and it will forwarded
|
|
to the UI that can handle from this point.
|
|
|
|
## DataProvider
|
|
|
|
`src/admin-core/data-provider-extension.ts` -> Here is the user's list entry point but it can be rewrote to anything.
|
|
This is not working from this because authentication and CORS error.
|
|
|
|
I think, the authentication access_token is not enought.* I do not know what is the purpose of the three token
|
|
* `id_token`
|
|
* `access_token`
|
|
* & the `refresh_token`
|
|
|
|
It seems, the backend always wanted to redirect to somewhere when authentication or authorization happens. This purpose is not normal for a REST API.
|
|
A **REST API** back-end have to communicate through JSON only. Any redirection have to be handled by the front-end. In my opinion the Keycloak/oauth communication
|
|
should be "masked" by the backend.
|
|
|
|
The cleanest solution is that; on the REST api should have an entry point for authentication that can be used by front-end. After that, the authorization happens w/ the token only.
|