fusionauth tenant creation script

msi-se · Jan 17, 2024 · 87f4801 · 87f4801
1 parent f556262
commit 87f4801
Show file tree

Hide file tree

Showing 6 changed files with 162 additions and 29 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -19,9 +19,8 @@ services:
     depends_on:
       - mongo
     environment:
-      - clientId=e9fdb985-9173-4e01-9d73-ac2d60d1dc8e
       - default_clientSecret=super-secret-secret-that-should-be-regenerated-for-production
-      - adac_clientSecret=vF7fFFL7OXDbJADWc9_vz0xLcqdlBFrvNuN4V9vfdXs
+      - adac_clientSecret=77871c4bf3e249b3ad9cdcd880ff37c1
       - fusionAuthURL=http://localhost:9011
       - internalFusionAuthURL=http://host.docker.internal:9011
     extra_hosts:
@@ -42,7 +41,7 @@ services:
       - "5174:3000"
     environment:
       - VITE_TENANT=adac
-      - VITE_TENANT_CLIENT_ID=74b35a42-b914-4b7e-abb5-c5184a3ca334
+      - VITE_TENANT_CLIENT_ID=b2cd30ad-bcb9-472b-91d6-effae14db013
       - VITE_BACKEND_URL=http://localhost/api
   pin-service:
     build: ./services/pin-service

diff --git a/fusionauth/fa-tenant-creation.js b/fusionauth/fa-tenant-creation.js
@@ -0,0 +1,62 @@
+const uuid = require('uuid');
+const { FusionAuthClient } = require('@fusionauth/node-client');
+
+const appUrl = 'http://localhost';
+const client = new FusionAuthClient('33052c8a-c283-4e96-9d2a-eb1215c69f8f-not-for-prod', 'http://localhost:9011');
+
+async function create(tenantName) {
+    try {
+        let tenantId = uuid.v4();
+        await client.createTenant(tenantId, {
+            "tenant": {
+                "name": tenantName,
+            }
+        });
+        client.tenantId = tenantId;
+
+        let applicationId = uuid.v4();
+        let clientSecret = uuid.v4().replace(/-/g, '');
+        await client.createApplication(applicationId, {
+            "application": {
+                "name": `${tenantName}-app`,
+                "tenantId": tenantId,
+                "oauthConfiguration": {
+                    "authorizedRedirectURLs": [
+                        appUrl + "/auth/oauth-redirect"
+                    ],
+                    "logoutURL": appUrl + "/auth/oauth2/logout?tenant=" + tenantName,
+                    "clientSecret": clientSecret,
+                    "enabledGrants": [
+                        "authorization_code",
+                        "refresh_token"
+                    ],
+                    "generateRefreshTokens": true,
+                    "requireRegistration": true
+                },
+                "jwtConfiguration": {
+                    "enabled": true
+                },
+                "registrationConfiguration": {
+                    "enabled": true,
+                    "type": "basic",
+                    "confirmPassword": true,
+                    "loginIdType": "username"
+                },
+            }
+        });
+        return {tenantId, applicationId, clientSecret};
+    } catch (e) {
+        console.log(e);
+    }
+}
+
+async function main() {
+    const tenantName = "adac";
+    const {tenantId, applicationId, clientSecret} = await create(tenantName);
+    console.log(`Created tenant ${tenantName}`);
+    console.log(`- Tenant ID: ${tenantId}`);
+    console.log(`- Application ID: ${applicationId}`);
+    console.log(`- Client Secret: ${clientSecret}`);
+}
+
+main();
diff --git a/fusionauth/kickstart/kickstart.json b/fusionauth/kickstart/kickstart.json
@@ -19,25 +19,13 @@
     }
   ],
   "requests": [
-    {
-      "method": "POST",
-      "url": "/api/key/generate/#{asymmetricKeyId}",
-      "tenantId": "#{defaultTenantId}",
-      "body": {
-        "key": {
-          "algorithm": "RS256",
-          "name": "For RTW",
-          "length": 2048
-        }
-      }
-    },
     {
       "method": "POST",
       "url": "/api/application/#{applicationId}",
       "tenantId": "#{defaultTenantId}",
       "body": {
         "application": {
-          "name": "RTW - Default",
+          "name": "default-app",
           "oauthConfiguration": {
             "authorizedRedirectURLs": [
               "http://localhost/auth/oauth-redirect"
@@ -52,9 +40,7 @@
             "requireRegistration": true
           },
           "jwtConfiguration": {
-            "enabled": true,
-            "accessTokenKeyId": "#{asymmetricKeyId}",
-            "idTokenKeyId": "#{asymmetricKeyId}"
+            "enabled": true
           },
           "registrationConfiguration": {
             "enabled": true,

diff --git a/fusionauth/package-lock.json b/fusionauth/package-lock.json
diff --git a/fusionauth/package.json b/fusionauth/package.json
@@ -0,0 +1,15 @@
+{
+  "name": "fusionauth",
+  "version": "1.0.0",
+  "description": "",
+  "main": "fa-tenant-creation.js",
+  "scripts": {
+    "start": "node fa-tenant-creation.js"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "@fusionauth/node-client": "^1.48.0",
+    "uuid": "^9.0.1"
+  }
+}
diff --git a/services/auth-service/index.js b/services/auth-service/index.js
@@ -13,14 +13,6 @@ dotenv.config();
 const app = express();
 const port = 8080; // default port to listen
 
-// if (!process.env.clientId) {
-//   console.error('Missing clientId from .env');
-//   process.exit();
-// }
-// if (!process.env.clientSecret) {
-//   console.error('Missing clientSecret from .env');
-//   process.exit();
-// }
 if (!process.env.fusionAuthURL) {
   console.error('Missing fusionAuthURL from .env');
   process.exit();
@@ -29,8 +21,6 @@ if (!process.env.internalFusionAuthURL) {
   console.error('Missing internalFusionAuthURL from .env');
   process.exit();
 }
-// const clientId = process.env.clientId;
-// const clientSecret = process.env.clientSecret;
 const fusionAuthURL = process.env.fusionAuthURL;
 const internalFusionAuthURL = process.env.internalFusionAuthURL;