| import NextAuth from 'next-auth' |
| import KeycloakProvider from 'next-auth/providers/keycloak'; |
| import { decryptSops } from 'sops-wrapper'; |
| import os from 'os' |
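const encryptedKeycloakSecrets = 'config/keycloak-auth.json';

/**
 * Keycloak OAuth client credentials, decrypted from the SOPS-encrypted file
 * once at module load.
 *
 * The decrypted payload is checked at runtime instead of being trusted through
 * a type assertion: a missing or empty `clientid` / `clientsecret` stops the
 * module here rather than handing `undefined` to the provider later.
 *
 * NOTE(review): assumes decryptSops returns the decrypted object synchronously,
 * as the original cast did — confirm against sops-wrapper.
 */
const secrets = ((): { clientid: string; clientsecret: string } => {
  const decrypted: unknown = decryptSops(encryptedKeycloakSecrets);
  if (typeof decrypted !== 'object' || decrypted === null) {
    throw new Error(`${encryptedKeycloakSecrets}: decrypted payload is not an object`);
  }

  const { clientid, clientsecret } = decrypted as Record<string, unknown>;
  if (
    typeof clientid !== 'string' || clientid === '' ||
    typeof clientsecret !== 'string' || clientsecret === ''
  ) {
    // Name the file and the expected keys only; never echo decrypted values.
    throw new Error(
      `${encryptedKeycloakSecrets}: expected non-empty string fields "clientid" and "clientsecret"`,
    );
  }

  return { clientid, clientsecret };
})();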
| |
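// Populate NEXTAUTH_URL / NEXTAUTH_SECRET before NextAuth is configured below.
//
// Hosts named a1d1 / a1d2 load both values from the SOPS-encrypted
// config/nextauth.json. Every other host is treated as a development machine
// and gets a placeholder secret that is visible in this source file.
// NEXTAUTH_SECRET protects NextAuth's session tokens, so a production process
// must never start with the placeholder: a renamed or newly added production
// host now stops here instead of silently running with a publicly known secret.
if (["a1d1", "a1d2"].includes(os.hostname())) {
  const encryptedNextAuthSecrets = 'config/nextauth.json';
  const decrypted = decryptSops(encryptedNextAuthSecrets) as Record<string, unknown>;

  // Copy only the two expected keys. Any other key present in the decrypted
  // file is ignored rather than written into the process environment.
  for (const key of ['NEXTAUTH_URL', 'NEXTAUTH_SECRET'] as const) {
    const value = decrypted[key];
    if (typeof value !== 'string' || value === '') {
      // Report the key name only; never echo decrypted values.
      throw new Error(`${encryptedNextAuthSecrets}: missing or empty "${key}"`);
    }
    process.env[key] = value;
  }
} else if (process.env.NODE_ENV === 'production') {
  // Fail closed.
  // NOTE(review): if this module is also evaluated during a production build
  // on a host outside the list above, the build will stop here — confirm that
  // is acceptable, or add the build host to the list.
  throw new Error(
    `Refusing to start: host "${os.hostname()}" has no NextAuth secrets configured ` +
      'and the development placeholder must not be used in production',
  );
} else {
  process.env["NEXTAUTH_URL"] = "http://samueldesktop:3000"; //however you wanna work this one out
  // Development-only placeholder; it is not a secret.
  process.env["NEXTAUTH_SECRET"] = "non-real-secret";
}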
| |
// Single sign-in provider: Keycloak, using the client credentials held in
// `secrets`.
// NOTE(review): the issuer points at Keycloak's `master` realm, which Keycloak
// intends for administering other realms — confirm that signing application
// users into it is deliberate.
const keycloakProvider = KeycloakProvider({
  clientId: secrets.clientid,
  clientSecret: secrets.clientsecret,
  issuer: "https://login.clicks.codes/realms/master",
});

/** NextAuth API route handler with Keycloak as its only provider. */
export default NextAuth({ providers: [keycloakProvider] });