#1 : Test de modi.

2026-04-21 14:25:29 +02:00
parent 097f7b8a20
commit fd574b0b1f
2 changed files with 44 additions and 1 deletions
--- a/Webzine.WebApplication/Program.cs
+++ b/Webzine.WebApplication/Program.cs
@@ -99,6 +99,48 @@ static void AddKeycloakRolesFromAccessToken(ClaimsIdentity identity, string? acc
    AddKeycloakRolesFromJson(identity, payload, clientId);
 }

+static async Task LogKeycloakMetadataAsync(IConfiguration configuration, Logger logger)
+{
+    var metadataAddress = configuration["Keycloak:MetadataAddress"];
+    if (string.IsNullOrWhiteSpace(metadataAddress))
+    {
+        var authority = configuration["Keycloak:Authority"]?.TrimEnd('/');
+        metadataAddress = string.IsNullOrWhiteSpace(authority)
+            ? null
+            : authority + "/.well-known/openid-configuration";
+    }
+
+    if (string.IsNullOrWhiteSpace(metadataAddress))
+    {
+        logger.Warn("Diagnostic Keycloak ignore : aucune adresse de metadata configuree.");
+        return;
+    }
+
+    try
+    {
+        using var handler = new HttpClientHandler
+        {
+            ServerCertificateCustomValidationCallback =
+                HttpClientHandler.DangerousAcceptAnyServerCertificateValidator,
+        };
+        using var httpClient = new HttpClient(handler);
+        using var response = await httpClient.GetAsync(metadataAddress);
+        var content = await response.Content.ReadAsStringAsync();
+        var preview = content.Length > 500 ? content[..500] : content;
+
+        logger.Info(
+            "Diagnostic Keycloak metadata | Url: {MetadataAddress} | Status: {StatusCode} | ContentType: {ContentType} | Body: {BodyPreview}",
+            metadataAddress,
+            (int)response.StatusCode,
+            response.Content.Headers.ContentType?.ToString(),
+            preview.Replace(Environment.NewLine, " "));
+    }
+    catch (Exception exception)
+    {
+        logger.Error(exception, "Diagnostic Keycloak metadata impossible | Url: {MetadataAddress} | Message: {Message}", metadataAddress, exception.Message);
+    }
+}
+
 try
 {
    var builder = WebApplication.CreateBuilder(args);
@@ -324,6 +366,7 @@ try
    builder.Services.AddResponseCompression();

    var app = builder.Build();
+    await LogKeycloakMetadataAsync(builder.Configuration, logger);

    // Très important avant tout middleware qui lit le scheme/host de la requête.
    app.UseForwardedHeaders();
--- a/Webzine.WebApplication/appsettings.Production.json
+++ b/Webzine.WebApplication/appsettings.Production.json
@@ -7,7 +7,7 @@
  },
  "Keycloak": {
    "Authority": "https://10.4.0.131/keycloak/realms/webzine-realm",
-    "MetadataAddress": "http://10.4.0.131/keycloak/realms/webzine-realm/.well-known/openid-configuration",
+    "MetadataAddress": "https://10.4.0.131/keycloak/realms/webzine-realm/.well-known/openid-configuration",
    "PublicOrigin": "http://192.168.10.80:8080"
  }
 }