Adding Keycloak SSO example

KeycloakSSO/KeycloakSSO/Deployments/sso.cdd

@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<cluster xmlns="http://tibco.com/businessevents/configuration/6.3">
+    <revision>
+        <version>3</version>
+        <author>yogita</author>
+        <date>2024/04/18 15:35:18</date>
+        <comment/>
+    </revision>
+    <name>sso</name>
+    <message-encoding>UTF-8</message-encoding>
+    <provider/>
+    <object-management>
+        <memory-manager/>
+        <db-concepts>
+            <db-uris/>
+            <check-interval>60</check-interval>
+            <inactivity-timeout>0</inactivity-timeout>
+            <initial-size>5</initial-size>
+            <max-size>5</max-size>
+            <min-size>5</min-size>
+            <property-check-interval>900</property-check-interval>
+            <retry-count>-1</retry-count>
+            <wait-timeout>1</wait-timeout>
+        </db-concepts>
+    </object-management>
+    <telemetry-config>
+        <service-name>default</service-name>
+        <sampler>always_on</sampler>
+        <traceidratio>1.0</traceidratio>
+        <propagators>tracecontext</propagators>
+        <no-trace-uris/>
+        <trace-uris>
+            <uri>/</uri>
+        </trace-uris>
+        <span-exporter>
+            <type>none</type>
+        </span-exporter>
+    </telemetry-config>
+    <rulesets>
+        <rules id="all-rules">
+            <uri>/</uri>
+        </rules>
+    </rulesets>
+    <function-groups>
+        <functions id="all-functions">
+            <uri>/</uri>
+        </functions>
+    </function-groups>
+    <destination-groups/>
+    <process-groups/>
+    <log-configs>
+        <log-config id="logConfig">
+            <enabled>true</enabled>
+            <roles>*:info</roles>
+            <files>
+                <enabled>true</enabled>
+                <dir>logs</dir>
+                <name/>
+                <max-number>10</max-number>
+                <max-size>5000000</max-size>
+                <append>true</append>
+            </files>
+            <terminal>
+                <enabled/>
+                <sys-out-redirect>false</sys-out-redirect>
+                <sys-err-redirect>false</sys-err-redirect>
+                <encoding/>
+            </terminal>
+            <line-layout>
+                <enabled>false</enabled>
+                <class/>
+                <arg/>
+            </line-layout>
+        </log-config>
+    </log-configs>
+    <agent-classes>
+        <inference-agent-class id="inference-class">
+            <rules>
+                <uri>/Rules/Token</uri>
+            </rules>
+            <destinations/>
+            <startup/>
+            <shutdown/>
+            <local-cache>
+                <eviction>
+                    <max-size>1024</max-size>
+                    <max-time>900</max-time>
+                </eviction>
+            </local-cache>
+            <shared-queue>
+                <size>1024</size>
+                <workers>10</workers>
+            </shared-queue>
+            <load>
+                <max-active/>
+            </load>
+            <concurrent-rtc>false</concurrent-rtc>
+            <check-for-duplicates>false</check-for-duplicates>
+            <businessworks>
+                <uri/>
+            </businessworks>
+            <property-group/>
+        </inference-agent-class>
+    </agent-classes>
+    <processing-units>
+        <processing-unit id="default">
+            <agents>
+                <agent>
+                    <ref>inference-class</ref>
+                    <key/>
+                    <priority/>
+                </agent>
+            </agents>
+            <logs>logConfig</logs>
+            <hot-deploy>false</hot-deploy>
+            <cache-storage-enabled>false</cache-storage-enabled>
+            <db-concepts>false</db-concepts>
+            <property-group/>
+        </processing-unit>
+    </processing-units>
+    <load-balancer-configs>
+        <pair-configs/>
+        <adhoc-configs/>
+    </load-balancer-configs>
+    <property-group>
+        <property-group comment="" name="cluster-level properties">
+            <property-group comment="" name="auth">
+                <property name="be.mm.auth.type" value="file"/>
+                <property name="be.mm.auth.file.location" value="/home/yogita/testing/be/6.3/mm/config/users.pwd"/>
+                <property name="java.security.auth.login.config" value="/home/yogita/testing/be/6.3/mm/config/jaas-config.config"/>
+                <property name="be.auth.type" value="file"/>
+                <property name="be.auth.file.location" value="/home/yogita/testing/be/6.3/mm/config/users.pwd"/>
+            </property-group>
+        </property-group>
+    </property-group>
+</cluster>

KeycloakSSO/KeycloakSSO/Events/Timer.time

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<event:TimeEvent xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:event="http:///com/tibco/cep/designtime/core/model/event" folder="/Events/" name="Timer" description="" GUID="961ADDB6-FE3F-53EA-1E93-412644AF6361" ownerProjectName="KeyclockSSO" type="TimeEvent" superEventPath="" scheduleType="repeat" timeEventCount="1" interval="30" intervalUnit="Seconds"/>

KeycloakSSO/KeycloakSSO/Rules/Token.rule

@@ -0,0 +1,24 @@
+/**
+ * @description 
+ * @author yogita-ThinkPad-T14-Gen-2i
+ */
+rule Rules.Token {
+	attribute {
+		priority = 5;
+		forwardChain = true;
+	}
+	declare {
+		Events.Timer request;
+	}
+	when {
+
+	}
+	then {
+		String output = Authentication.ssoAuthenticate("https://www.keycloak.org/app/#url=http://localhost:8080&realm=myrealm&client=myclient","myuser","YWRtaW4=");
+		if(output == null)
+			System.debugOut("Authentication Failed");
+		else
+			System.debugOut("Authentication succeeded");
+		    System.debugOut("Keycloak Token:"+output);	
+	}
+}

KeycloakSSO/KeycloakSSO/pom.xml

@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>com.tibco.cep</groupId>
+    <artifactId>runtime</artifactId>
+    <version>6.3.1</version>
+  </parent>
+  <groupId>com.tibco.be</groupId>
+  <artifactId>KeyclockSSO</artifactId>
+  <packaging>ear</packaging>
+  <description></description>
+  <developers>
+    <developer>
+      <name>yogita</name>
+    </developer>
+  </developers>
+  <properties>
+    <beHome>/home/yogita/testing/be/6.3</beHome>
+    <jdkHome></jdkHome>
+    <projectVersion>6.3.1</projectVersion>
+  </properties>
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>com.tibco.be.maven.plugin</groupId>
+        <artifactId>be-maven-plugin</artifactId>
+        <version>${project.parent.version}</version>
+        <extensions>true</extensions>
+        <configuration>
+          <beProjectDetails>
+            <useLegacyId>false</useLegacyId>
+            <projectVersion>${projectVersion}</projectVersion>
+            <earLocation>/home/yogita/631work/KeyclockSSO/Deployments/KeyclockSSO.ear</earLocation>
+            <includeSource>false</includeSource>
+            <includeServiceLevelGVs>true</includeServiceLevelGVs>
+          </beProjectDetails>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

KeycloakSSO/Readme.html

@@ -0,0 +1,89 @@
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+    <title> Keycloak SSO
+
+        - TIBCO BusinessEvents&reg; Examples
+    </title>
+    <meta http-equiv="Content-type" content="text/html; charset=iso-8859-1" />
+    <meta http-equiv="Content-Language" content="en-us" />
+    <link rel="Shortcut Icon" href="../../_resources/icon.gif" type="image/gif" />
+    <style type="text/css" media="all">
+        @import "../../_resources/examples.css";
+    </style>
+</head>
+
+<body onLoad="buildForms()">
+
+
+    <h2>Purpose of This Example</h2>
+
+    <p>The KeycloakSSO example demonstrates how TIBCO BusinessEvents&reg; uses the ssoAuthenticate function to retrieve
+        Keycloak token. </p>
+
+    <h2>About the project</h2>
+
+    <p>The project has a single agent class - inference</p>
+
+    <p>The inference agent has Token rule which triggers when a Timer event is generated.The rule retrives the token using
+        ssoAuthenticate function and logs the Authentication</p>
+
+    <h3>Running the project</h3>
+
+    <ol>
+
+        <li>
+            <p>Make sure to run Keycloak with Docker following the URL
+                https://www.keycloak.org/getting-started/getting-started-docker.</p>
+        </li>
+
+        <li>
+            <p> Add the below configuration to BE_HOME\mm\config\jaas-config.config file.</p>
+            <code> SSOAuthenticator {
+                com.tibco.cep.security.authen.sso.SSOLoginModule required debug=true;
+            };</code>
+        </li>
+
+        <li>
+            <p>Update the BE_HOME\mm\config\users.pwd with the user and password(MD5 Hash) created in step 1 as an MM_Administrator.For Example- myuser:21232f297a57a5a743894a0e4a801fc3:MM_ADMINISTRATOR; Now add the
+                property name="be.auth.file.location" and value="BE_HOME\mm\config\users.pwd" in "auth" property-group in the cdd.</p>
+        </li>
+
+        <li>
+            <p>Open a command window. Start a inference agent instance.</p>
+            <pre class="commands">
+
+BE_HOME/bin/be-engine --propFile BE_HOME\bin\be-engine.tra -u default -c Deployments/sso.cdd Deployments/KeyclockSSO.ear
+</pre>
+        </li>
+
+    </ol>
+
+    <h3>Output</h3>
+
+    <p>Once the engine is up and running the agent starts retrieving tokens periodically.</p>
+
+    <h4>Sample output</h4>
+    <pre class="commands">
+...
+2024 Apr 18 16:37:00:759 GMT +05 yogita-ThinkPad-T14-Gen-2i INFO [inference-class.HiResTimer] - [user] [inference-class] Authentication succeeded
+2024 Apr 18 16:37:00:759 GMT +05 yogita-ThinkPad-T14-Gen-2i INFO [inference-class.HiResTimer] - [user] [inference-class] Keycloak Token:PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPFNTT1Rva2VuIElEPSI2ODg2
+ZjFmMS0yZmMzLTRmMzUtODMxOC00YzJlY2Y4NjkwYjYiPjxTdWJqZWN0Pm15dXNlcjwvU3ViamVj
+dD48SXNzdWVyPmh0dHBzOi8vd3d3LmtleWNsb2FrLm9yZy9hcHAvI3VybD1odHRwOi8vbG9jYWxo
+b3N0OjgwODAmYW1wO3JlYWxtPb3N0OjgwODAmYW1wO3JlYWxtPW15cmVhbG0mYW1wO2NsaWVudD1teWNsaWVudDwvSXNzdWVyPjxJ
+W15cmVhbG0mYW1wO2NsaWVudD1teWNsaWVudDwvSXNzdWVyPjxJ
+c3N1ZUluc3RhbnQ+VGh1IEFwciAxOCAxNjozNzowMCBJU1QgMjAyNDwvSXNzdWVJbnN0YW50Pjwv
+U1NPVG9rZW4+
+...
+</pre>
+
+    <div class="footer">
+        <p>TIBCO BusinessEvents&reg; 6.3<br />
+            Copyright&copy; 2004-2024. Cloud Software Group, Inc. All rights reserved.</p>
+    </div>
+</body>
+
+</html>