2024-10-31 20:18:37 +01:00
<!DOCTYPE html> < html lang = "fr" >
< head > < meta charset = "utf-8" >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge" >
< meta name = "viewport" content = "width=device-width, initial-scale=1, user-scalable=no" > < title > Nextcloud authentification Keycloak - YannStatic< / title >
< meta name = "description" content = "Keycloak est un logiciel à code source ouvert permettant d’ instaurer une méthode d’ authentification unique à travers la gestion par identité et par accès." >
< link rel = "canonical" href = "https://static.rnmkcy.eu/2022/05/20/Nextcloud_authentification_Keycloak.html" > < link rel = "alternate" type = "application/rss+xml" title = "YannStatic" href = "/feed.xml" >
<!-- - include head/favicon.html - -->
< link rel = "shortcut icon" type = "image/png" href = "/assets/favicon/favicon.png" > < link rel = "stylesheet" href = "/assets/css/main.css" > < link rel = "stylesheet" href = "https://use.fontawesome.com/releases/v5.0.13/css/all.css" > <!-- start custom head snippets --> < link rel = "stylesheet" href = "/assets/css/expand.css" >
<!-- end custom head snippets --> < script > ( f u n c t i o n ( ) {
window.isArray = function(val) {
return Object.prototype.toString.call(val) === '[object Array]';
};
window.isString = function(val) {
return typeof val === 'string';
};
window.hasEvent = function(event) {
return 'on'.concat(event) in window.document;
};
window.isOverallScroller = function(node) {
return node === document.documentElement || node === document.body || node === window;
};
window.isFormElement = function(node) {
var tagName = node.tagName;
return tagName === 'INPUT' || tagName === 'SELECT' || tagName === 'TEXTAREA';
};
window.pageLoad = (function () {
var loaded = false, cbs = [];
window.addEventListener('load', function () {
var i;
loaded = true;
if (cbs.length > 0) {
for (i = 0; i < cbs.length ; i + + ) {
cbs[i]();
}
}
});
return {
then: function(cb) {
cb & & (loaded ? cb() : (cbs.push(cb)));
}
};
})();
})();
(function() {
window.throttle = function(func, wait) {
var args, result, thisArg, timeoutId, lastCalled = 0;
function trailingCall() {
lastCalled = new Date;
timeoutId = null;
result = func.apply(thisArg, args);
}
return function() {
var now = new Date,
remaining = wait - (now - lastCalled);
args = arguments;
thisArg = this;
if (remaining < = 0) {
clearTimeout(timeoutId);
timeoutId = null;
lastCalled = now;
result = func.apply(thisArg, args);
} else if (!timeoutId) {
timeoutId = setTimeout(trailingCall, remaining);
}
return result;
};
};
})();
(function() {
var Set = (function() {
var add = function(item) {
var i, data = this._data;
for (i = 0; i < data.length ; i + + ) {
if (data[i] === item) {
return;
}
}
this.size ++;
data.push(item);
return data;
};
var Set = function(data) {
this.size = 0;
this._data = [];
var i;
if (data.length > 0) {
for (i = 0; i < data.length ; i + + ) {
add.call(this, data[i]);
}
}
};
Set.prototype.add = add;
Set.prototype.get = function(index) { return this._data[index]; };
Set.prototype.has = function(item) {
var i, data = this._data;
for (i = 0; i < data.length ; i + + ) {
if (this.get(i) === item) {
return true;
}
}
return false;
};
Set.prototype.is = function(map) {
if (map._data.length !== this._data.length) { return false; }
var i, j, flag, tData = this._data, mData = map._data;
for (i = 0; i < tData.length ; i + + ) {
for (flag = false, j = 0; j < mData.length ; j + + ) {
if (tData[i] === mData[j]) {
flag = true;
break;
}
}
if (!flag) { return false; }
}
return true;
};
Set.prototype.values = function() {
return this._data;
};
return Set;
})();
window.Lazyload = (function(doc) {
var queue = {js: [], css: []}, sources = {js: {}, css: {}}, context = this;
var createNode = function(name, attrs) {
var node = doc.createElement(name), attr;
for (attr in attrs) {
if (attrs.hasOwnProperty(attr)) {
node.setAttribute(attr, attrs[attr]);
}
}
return node;
};
var end = function(type, url) {
var s, q, qi, cbs, i, j, cur, val, flag;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
s[url] = true;
for (i = 0; i < q.length ; i + + ) {
cur = q[i];
if (cur.urls.has(url)) {
qi = cur, val = qi.urls.values();
qi & & (cbs = qi.callbacks);
for (flag = true, j = 0; j < val.length ; j + + ) {
cur = val[j];
if (!s[cur]) {
flag = false;
}
}
if (flag & & cbs & & cbs.length > 0) {
for (j = 0; j < cbs.length ; j + + ) {
cbs[j].call(context);
}
qi.load = true;
}
}
}
}
};
var load = function(type, urls, callback) {
var s, q, qi, node, i, cur,
_urls = typeof urls === 'string' ? new Set([urls]) : new Set(urls), val, url;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
for (i = 0; i < q.length ; i + + ) {
cur = q[i];
if (_urls.is(cur.urls)) {
qi = cur;
break;
}
}
val = _urls.values();
if (qi) {
callback & & (qi.load || qi.callbacks.push(callback));
callback & & (qi.load & & callback());
} else {
q.push({
urls: _urls,
callbacks: callback ? [callback] : [],
load: false
});
for (i = 0; i < val.length ; i + + ) {
node = null, url = val[i];
if (s[url] === undefined) {
(type === 'js' ) & & (node = createNode('script', { src: url }));
(type === 'css') & & (node = createNode('link', { rel: 'stylesheet', href: url }));
if (node) {
node.onload = (function(type, url) {
return function() {
end(type, url);
};
})(type, url);
(doc.head || doc.body).appendChild(node);
s[url] = false;
}
}
}
}
}
};
return {
js: function(url, callback) {
load('js', url, callback);
},
css: function(url, callback) {
load('css', url, callback);
}
};
})(this.document);
})();
< / script > < script >
(function() {
var TEXT_VARIABLES = {
version: '2.2.6',
sources: {
font_awesome: 'https://use.fontawesome.com/releases/v5.0.13/css/all.css',
jquery: '/assets/js/jquery.min.js',
leancloud_js_sdk: '//cdn.jsdelivr.net/npm/leancloud-storage@3.13.2/dist/av-min.js',
chart: 'https://cdn.bootcss.com/Chart.js/2.7.2/Chart.bundle.min.js',
gitalk: {
js: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.js',
css: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.css'
},
valine: 'https://unpkg.com/valine/dist/Valine.min.js'
},
site: {
toc: {
selectors: 'h1,h2,h3'
}
},
paths: {
search_js: '/assets/search.js'
}
};
window.TEXT_VARIABLES = TEXT_VARIABLES;
})();
< / script >
< / head >
< body >
< div class = "root" data-is-touch = "false" >
< div class = "layout--page js-page-root" > <!-- --> < div class = "page__main js-page-main page__viewport hide-footer has-aside has-aside cell cell--auto" >
< div class = "page__main-inner" > < div class = "page__header d-print-none" > < header class = "header" > < div class = "main" >
< div class = "header__title" >
< div class = "header__brand" > < svg id = "svg" version = "1.1" xmlns = "http://www.w3.org/2000/svg" xmlns:xlink = "http://www.w3.org/1999/xlink" width = "400" height = "478.9473684210526" viewBox = "0, 0, 400,478.9473684210526" > < g id = "svgg" > < path id = "path0" d = "M308.400 56 . 805 C 306 . 970 56 . 966 , 303 . 280 57 . 385 , 300 . 200 57 . 738 C 290 . 906 58 . 803 , 278 . 299 59 . 676 , 269 . 200 59 . 887 L 260 . 600 60 . 085 259 . 400 61 . 171 C 258 . 010 62 . 428 , 256 . 198 63 . 600 , 255 . 645 63 . 600 C 255 . 070 63 . 600 , 252 . 887 65 . 897 , 252 . 598 66 . 806 C 252 . 460 67 . 243 , 252 . 206 67 . 600 , 252 . 034 67 . 600 C 251 . 397 67 . 600 , 247 . 206 71 . 509 , 247 . 202 72 . 107 C 247 . 201 72 . 275 , 246 . 390 73 . 190 , 245 . 400 74 . 138 C 243 . 961 75 . 517 , 243 . 598 76 . 137 , 243 . 592 77 . 231 C 243 . 579 79 . 293 , 241 . 785 83 . 966 , 240 . 470 85 . 364 C 239 . 176 86 . 740 , 238 . 522 88 . 365 , 237 . 991 91 . 521 C 237 . 631 93 . 665 , 236 . 114 97 . 200 , 235 . 554 97 . 200 C 234 . 938 97 . 200 , 232 . 737 102 . 354 , 232 . 450 104 . 472 C 232 . 158 106 . 625 , 230 . 879 109 . 226 , 229 . 535 110 . 400 C 228 . 933 110 . 926 , 228 . 171 113 . 162 , 226 . 434 119 . 500 C 226 . 178 120 . 435 , 225 . 795 121 . 200 , 225 . 584 121 . 200 C 225 . 373 121 . 200 , 225 . 200 121 . 476 , 225 . 200 121 . 813 C 225 . 200 122 . 149 , 224 . 885 122 . 541 , 224 . 500 122 . 683 C 223 . 606 123 . 013 , 223 . 214 123 . 593 , 223 . 204 124 . 600 C 223 . 183 126 . 555 , 220 . 763 132 . 911 , 219 . 410 134 . 562 C 218 . 443 135 . 742 , 217 . 876 136 . 956 , 217 . 599 138 . 440 C 217 . 041 141 . 424 , 215 . 177 146 . 434 , 214 . 532 146 . 681 C 214 . 240 146 . 794 , 214 . 000 147 . 055 , 214 . 000 147 . 261 C 214 . 000 147 . 467 , 213 . 550 148 . 086 , 213 . 000 148 . 636 C 212 . 450 149 . 186 , 212 . 000 149 . 893 , 212 . 000 150 . 208 C 212 . 000 151 . 386 , 208 . 441 154 . 450 , 207 . 597 153 . 998 C 206 . 319 153 . 315 , 204 . 913 150 . 379 , 204 . 633 147 . 811 C 204 . 365 145 . 357 , 202 . 848 142 . 147 , 201 . 759 141 . 729 C 200 . 967 141 . 425 , 199 . 200 137 . 451 , 199 . 200 135 . 974 C 199 . 200 134 . 629 , 198 . 435 133 . 224 , 196 . 660 131 . 311 C 195 . 363 129 . 913 , 194 . 572 128 . 123 , 193 . 870 125 . 000 C 193 . 623 123 . 900 , 193 . 236 122 . 793 , 193 . 010 122 . 540 C 190 . 863 120 . 133 , 190 . 147 118 . 880 , 188 . 978 115 . 481 C 188 . 100 112 . 928 , 187 . 151 111 . 003 , 186 . 254 109 . 955 C 185 . 358 108 . 908 , 184 . 518 107 . 204 , 183 . 847 105 . 073 C 183 . 280 103 . 273 , 182 . 497 101 . 329 , 182 . 108 100 . 753 C 181 . 719 100 . 177 , 180 . 904 98 . 997 , 180 . 298 98 . 131 C 179 . 693 97 . 265 , 178 . 939 95 . 576 , 178 . 624 94 . 378 C 178 . 041 92 . 159 , 177 . 125 90 . 326 , 175 . 023 87 . 168 C 174 . 375 86 . 196 , 173 . 619 84 . 539 , 173 . 342 83 . 486 C 172 . 800 81 . 429 , 171 . 529 79 . 567 , 170 . 131 78 . 785 C 169 . 654 78 . 517 , 168 . 697 77 . 511 , 168 . 006 76 . 549 C 167 . 316 75 . 587 , 166 . 594 74 . 800 , 166 . 402 74 . 800 C 166 . 210 74 . 800 , 164 . 869 73 . 633 , 163 . 421 72 . 206 C 160 . 103 68 . 936 , 161 . 107 69 . 109 , 146 . 550 69 . 301 C 133 . 437 69 . 474 , 128 . 581 70 . 162 , 126 . 618 72 . 124 C 126 . 248 72 . 495 , 125 . 462 72 . 904 , 124 . 872 73 . 033 C 124 . 282 73 . 163 , 123 . 088 73 . 536 , 122 . 219 73 . 863 C 121 . 349 74 . 191 , 119 . 028 74 . 638 , 117 . 061 74 . 858 C 113 . 514 75 . 254 , 109 . 970 76 . 350 , 108 . 782 77 . 419 C 107 . 652 78 . 436 , 100 . 146 80 . 400 , 97 . 388 80 . 400 C 95 . 775 80 . 400 , 93 . 167 81 . 360 , 91 . 200 82 . 679 C 90 . 430 83 . 195 , 89 . 113 83 . 804 , 88 . 274 84 . 031 C 85 . 875 84 . 681 , 78 . 799 90 . 910 , 74 . 400 96 . 243 L 73 . 400 97 . 456 73 . 455 106 . 028 C 73 . 526 117 . 055 , 74 . 527 121 . 238 , 77 . 820 124 . 263 C 78 . 919 125 . 273 , 80 . 400 127 . 902 , 80 . 400 128 . 842 C 80 . 400 129 . 202 , 81 . 075 130 . 256 , 81 . 900 131 . 186 C 83 . 563 133 . 059 , 85 . 497 136 . 346 , 86 . 039 138 . 216 C 86 . 233 138 . 886 , 87 . 203 140 . 207 , 88 . 196 141 . 153 C 89 . 188 142 . 098 , 90 . 000 143 . 104 , 90 . 000 143 . 388 C 90 . 000 144 . 337 , 92 . 129 148 . 594 , 92 . 869 149 . 123 C 93 . 271 149 . 410 , 93 . 600 149 . 831 , 93 . 600 150 . 059 C 93 . 600 150 . 286 , 93 . 932 150 . 771 , 94 . 337 151 . 136 C 94 . 743 151 . 501 , 95 . 598 153 . 004 , 96 . 237 154 . 475 C 96 . 877 155 . 947 , 97 . 760 157 . 351 , 98 . 200 157 . 596 C 98 . 640 157 . 841 , 99 . 900 159 . 943 , 101 . 000 162 . 267 C 102 . 207 164 . 817 , 103 . 327 166 . 644 , 103 . 825 166 . 876 C 104 . 278 167 . 087 , 105 . 065 168 . 101 , 105 . 573 169 . 130 C 107 . 658 173 . 348 , 108 . 097 174 . 093 , 110 . 006 176 . 647 C 111 . 103 178 . 114 , 112 . 000 179 . 725 , 112 . 000 180 . 227 C 112 . 000 181 . 048 , 113 . 425 183 . 163 , 114 . 678 184 . 200 C 115 . 295 184 . 711 , 117 . 396 188 . 733 , 117 . 720 190 . 022 C 117 . 855 190 . 562 , 118 . 603 191 . 633 , 119 . 381 192 . 402 C 120 . 160 193 . 171 , 121 . 496 195 . 258 , 122 . 351 197 . 039 C 123 . 206 198 . 820 , 124 . 167 200 . 378 , 124 . 487 200 . 501 C 124 . 807 200 . 624 , 125 . 953 202 . 496 , 127 . 034 204 . 662 C 128 . 114 206 . 828 , 129 . 676 209 . 299 , 130 . 505 210 . 153 C 131 . 333 211 . 007 , 132 . 124 212 . 177 , 132 . 262 212 . 753 C 132 . 618 214 . 239 , 134 . 291 217 . 048 , 136 . 288 219 . 5
" href="/">YannStatic< / a > < / div > <!-- <button class="button button - - secondary button - - circle search - button js - search - toggle"><i class="fas fa - search"></i></button> --> <!-- <li><button class="button button - - secondary button - - circle search - button js - search - toggle"><i class="fas fa - search"></i></button></li> -->
<!-- Champ de recherche -->
< div id = "searchbox" class = "search search--dark" style = "visibility: visible" >
< div class = "main" >
< div class = "search__header" > < / div >
< div class = "search-bar" >
< div class = "search-box js-search-box" >
< div class = "search-box__icon-search" > < i class = "fas fa-search" > < / i > < / div >
< input id = "search-input" type = "text" / >
<!-- <div class="search - box__icon - clear js - icon - clear">
< a > < i class = "fas fa-times" > < / i > < / a >
< / div > -->
< / div >
< / div >
< / div >
< / div >
<!-- Script pointing to search - script.js -->
< script > / * !
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen ; i + + ) {
var nch = needle.charCodeAt(i);
while (j < tlen ) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) & & Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) & & Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len ; i + + ) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length & & matches . length < opt . limit ; i + + ) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) & & strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len ; i + + ) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 & & xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' & & params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object & & JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '< li > < a href = "{url}" title = "{desc}" > {title}< / a > < / li > ',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' & & options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len ; i + + ) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query & & query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
< / script >
<!-- Configuration -->
< script >
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
json: '/search.json',
//searchResultTemplate: '< li > < a href = "https://static.rnmkcy.eu{url}" > {date} {title}< / a > < / li > '
searchResultTemplate: '< li > < a href = "{url}" > {date} {title}< / a > < / li > '
})
< / script >
<!-- Fin déclaration champ de recherche --> < / div > < nav class = "navigation" >
< ul > < li class = "navigation__item" > < a href = "/archive.html" > Etiquettes< / a > < / li > < li class = "navigation__item" > < a href = "/htmldoc.html" > Documents< / a > < / li > < li class = "navigation__item" > < a href = "/liens_ttrss.html" > Liens< / a > < / li > < li class = "navigation__item" > < a href = "/aide-jekyll-text-theme.html" > Aide< / a > < / li > < / ul >
< / nav > < / div >
< / header >
< / div > < div class = "page__content" > < div class = "main" > < div class = "grid grid--reverse" >
< div class = "col-main cell cell--auto" > <!-- start custom main top snippet --> < div id = "results-container" class = "search-result js-search-result" > < / div > <!-- end custom main top snippet -->
< article itemscope itemtype = "http://schema.org/Article" > < div class = "article__header" > < header > < h1 style = "color:Tomato;" > Nextcloud authentification Keycloak< / h1 > < / header > < / div > < meta itemprop = "headline" content = "Nextcloud authentification Keycloak" > < div class = "article__info clearfix" > < ul class = "left-col menu" > < li >
2024-11-08 14:10:33 +01:00
< a class = "button button--secondary button--pill button--sm" style = "color:#00FFFF" href = "/archive.html?tag=nextcloud" > nextcloud< / a >
2024-10-31 20:18:37 +01:00
< / li > < li >
2024-11-08 14:10:33 +01:00
< a class = "button button--secondary button--pill button--sm" style = "color:#00FFFF" href = "/archive.html?tag=authentification" > authentification< / a >
2024-10-31 20:18:37 +01:00
< / li > < / ul > < ul class = "right-col menu" > < li >
< i class = "far fa-calendar-alt" > < / i > < span title = "Création" style = "color:#FF00FF" > 20 mai 2022< / span >
< span title = "Modification" style = "color:#00FF7F" > 21 mai 2022< / span > < / li > < / ul > < / div > < meta itemprop = "datePublished" content = "2022-05-21T00:00:00+02:00" >
< meta itemprop = "keywords" content = "nextcloud,authentification" > < div class = "js-article-content" >
< div class = "layout--article" > <!-- start custom article top snippet -->
< style >
#myBtn {
display: none;
position: fixed;
bottom: 10px;
right: 10px;
z-index: 99;
font-size: 12px;
font-weight: bold;
border: none;
outline: none;
background-color: white;
color: black;
cursor: pointer;
padding: 5px;
border-radius: 4px;
}
#myBtn:hover {
background-color: #555;
}
< / style >
< button onclick = "topFunction()" id = "myBtn" title = "Haut de page" > ⇧ < / button >
< script >
//Get the button
var mybutton = document.getElementById("myBtn");
// When the user scrolls down 20px from the top of the document, show the button
window.onscroll = function() {scrollFunction()};
function scrollFunction() {
if (document.body.scrollTop > 20 || document.documentElement.scrollTop > 20) {
mybutton.style.display = "block";
} else {
mybutton.style.display = "none";
}
}
// When the user clicks on the button, scroll to the top of the document
function topFunction() {
document.body.scrollTop = 0;
document.documentElement.scrollTop = 0;
}
< / script >
<!-- end custom article top snippet -->
< div class = "article__content" itemprop = "articleBody" > < details >
< summary > < b > Afficher/cacher Sommaire< / b > < / summary >
<!-- affichage sommaire -->
< div class = "toc-aside js-toc-root" > < / div >
< / details > < p > < img src = "/images/keycloak_logo_200px.svg" alt = "" / > < br / >
< em > < a href = "https://www.keycloak.org/" > Keycloak< / a > est un logiciel à code source ouvert permettant d’ instaurer une méthode d’ authentification unique à travers la gestion par identité et par accès.< / em > < / p >
< p > Keycloack est un projet OpenSource sponsorisé par RedHat. Il joue le rôle d’ IAM (Identification And Access Management) pour permettre la mise en place de portail SSO par exemple.< br / >
Keycloak est compatible avec les principaux standards d’ authentification (dont OpenID-Connect, ce qui signifie qu’ il est relativement simple d’ intégration et d’ installation). Il est également possible de l’ intégrer à un domaine LDAP (interne ou externe).< / p >
< h2 id = "keycloak" > Keycloak< / h2 >
< p > < em > Installation sur un serveur Debian 10 ou 11< / em > < / p >
< h3 id = "prérequis" > Prérequis< / h3 >
< p > Ces conditions préalables existent pour l’ installation du serveur Keycloak :< / p >
< ul >
< li > Peut fonctionner sur tout système d’ exploitation qui exécute Java< / li >
< li > Java 8 JRE ou Java 11 JRE< / li >
< li > zip ou gzip et tar< / li >
< li > Au moins 512M de RAM< / li >
< li > Au moins 1G d’ espace disque< / li >
< li > Une base de données externe partagée comme PostgreSQL, MySQL, Oracle, etc. Keycloak nécessite une base de données externe partagée pour un fonctionnement en cluster.< / li >
< li > Support de la multidiffusion réseau sur votre machine pour un fonctionnement en cluster.< / li >
< li > Sous Linux, il est recommandé d’ utiliser < code class = "language-plaintext highlighter-rouge" > /dev/urandom< / code > comme source de données aléatoires pour éviter que Keycloak ne se bloque par manque d’ entropie disponible, à moins que l’ utilisation de < code class = "language-plaintext highlighter-rouge" > /dev/random< / code > ne soit imposée par votre politique de sécurité. Pour cela, sous Oracle JDK 8 et OpenJDK 8, définissez la propriété système < code class = "language-plaintext highlighter-rouge" > java.security.egd< / code > au démarrage sur < code class = "language-plaintext highlighter-rouge" > file:/dev/urandom< / code > .< / li >
< / ul >
< p > Préalable, un run time java< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > sudo apt install openjdk-17-jre # ou default-jre
java --version
< / code > < / pre > < / div > < / div >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > openjdk 17.0.3 2022-04-19
OpenJDK Runtime Environment (build 17.0.3+7-Debian-1deb11u1)
OpenJDK 64-Bit Server VM (build 17.0.3+7-Debian-1deb11u1, mixed mode, sharing)
< / code > < / pre > < / div > < / div >
< h3 id = "installer" > Installer< / h3 >
< p > Commençons par le téléchargement de la distribution Keycloak.< / p >
< div class = "language-bash highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < span class = "nb" > export < / span > < span class = "nv" > KC_VERSION< / span > < span class = "o" > =< / span > 11.0.0
curl https://downloads.jboss.org/keycloak/< span class = "k" > ${< / span > < span class = "nv" > KC_VERSION< / span > < span class = "k" > }< / span > /keycloak-< span class = "k" > ${< / span > < span class = "nv" > KC_VERSION< / span > < span class = "k" > }< / span > .zip < span class = "nt" > --output< / span > keycloak-< span class = "k" > ${< / span > < span class = "nv" > KC_VERSION< / span > < span class = "k" > }< / span > .zip
< / code > < / pre > < / div > < / div >
< p > Nous continuons avec la décompression de l’ archive.< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > unzip keycloak-${KC_VERSION}.zip
< / code > < / pre > < / div > < / div >
< p > Passer en mode sudo< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > sudo -s
< / code > < / pre > < / div > < / div >
< p > Ensuite, déplacez le répertoire extrait vers le répertoire /opt avec la commande suivante :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > mv keycloak-${KC_VERSION} /opt/keycloak
< / code > < / pre > < / div > < / div >
< p > Ensuite, créez un utilisateur et un groupe dédiés à Keycloak avec la commande suivante :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > groupadd keycloak
useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak
< / code > < / pre > < / div > < / div >
< p > Ensuite, attribuez la propriété du répertoire /opt/keycloak à keycloak :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > chown -R keycloak : /opt/keycloak
chmod o+x /opt/keycloak/bin/*.sh
< / code > < / pre > < / div > < / div >
< h3 id = "configurer" > Configurer< / h3 >
< p > Ensuite, vous devrez créer un répertoire de configuration de Keycloak et copier le fichier de configuration type. Vous pouvez le créer dans le répertoire /etc :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > mkdir /etc/keycloak
< / code > < / pre > < / div > < / div >
< p > Copier les fichiers de configuration d’ exemple du répertoire < code class = "language-plaintext highlighter-rouge" > /opt/keycloak< / code > < / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf
cp /opt/keycloak/docs/contrib/scripts/systemd/launch.sh /opt/keycloak/bin/
< / code > < / pre > < / div > < / div >
< p > Ensuite, définir la propriété appropriée< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > chown keycloak: /opt/keycloak/bin/launch.sh
< / code > < / pre > < / div > < / div >
< p > Ensuite, éditer le fichier launch.sh et définir votre chemin Keycloak< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > nano /opt/keycloak/bin/launch.sh
< / code > < / pre > < / div > < / div >
< div class = "language-bash highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < span class = "c" > #!/bin/bash< / span >
< span class = "k" > if< / span > < span class = "o" > [< / span > < span class = "s2" > "x< / span > < span class = "nv" > $WILDFLY_HOME< / span > < span class = "s2" > "< / span > < span class = "o" > =< / span > < span class = "s2" > "x"< / span > < span class = "o" > ]< / span > < span class = "p" > ;< / span > < span class = "k" > then
< / span > < span class = "nv" > WILDFLY_HOME< / span > < span class = "o" > =< / span > < span class = "s2" > "/opt/keycloak"< / span >
< span class = "k" > fi
if< / span > < span class = "o" > [[< / span > < span class = "s2" > "< / span > < span class = "nv" > $1< / span > < span class = "s2" > "< / span > < span class = "o" > ==< / span > < span class = "s2" > "domain"< / span > < span class = "o" > ]]< / span > < span class = "p" > ;< / span > < span class = "k" > then< / span >
< span class = "nv" > $WILDFLY_HOME< / span > /bin/domain.sh < span class = "nt" > -c< / span > < span class = "nv" > $2< / span > < span class = "nt" > -b< / span > < span class = "nv" > $3< / span >
< span class = "k" > else< / span >
< span class = "nv" > $WILDFLY_HOME< / span > /bin/standalone.sh < span class = "nt" > -c< / span > < span class = "nv" > $2< / span > < span class = "nt" > -b< / span > < span class = "nv" > $3< / span >
< span class = "k" > fi< / span >
< / code > < / pre > < / div > < / div >
< h3 id = "service-systemd" > Service Systemd< / h3 >
< p > Créer un fichier de service systemd pour gérer le service Keycloak.< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > nano /etc/systemd/system/keycloak.service
< / code > < / pre > < / div > < / div >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > [Unit]
Description=The Keycloak Server
After=syslog.target network.target
Before=httpd.service
[Service]
Environment=LAUNCH_JBOSS_IN_BACKGROUND=1
EnvironmentFile=/etc/keycloak/keycloak.conf
User=keycloak
Group=keycloak
LimitNOFILE=102642
PIDFile=/var/run/keycloak/keycloak.pid
ExecStart=/opt/keycloak/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND
StandardOutput=null
[Install]
WantedBy=multi-user.target
< / code > < / pre > < / div > < / div >
< p > Recharger le démon systemd pour appliquer les changements< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > systemctl daemon-reload
< / code > < / pre > < / div > < / div >
< p > Ensuite, démarrez le service Keycloak et activez-le pour qu’ il démarre au redémarrage du système< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > systemctl start keycloak
systemctl enable keycloak
< / code > < / pre > < / div > < / div >
< p > Vous pouvez vérifier l’ état du service Keycloak< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > systemctl status keycloak
< / code > < / pre > < / div > < / div >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > ● keycloak.service - The Keycloak Server
Loaded: loaded (/etc/systemd/system/keycloak.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-05-20 09:38:25 UTC; 38s ago
Main PID: 3465 (launch.sh)
Tasks: 106 (limit: 2340)
Memory: 398.6M
CPU: 21.011s
CGroup: /system.slice/keycloak.service
├─3465 /bin/bash /opt/keycloak/bin/launch.sh standalone standalone.xml 0.0.0.0
├─3466 /bin/sh /opt/keycloak/bin/standalone.sh -c standalone.xml -b 0.0.0.0
└─3550 java -D[Standalone] -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspace>
May 20 09:38:25 ouestyan systemd[1]: Started The Keycloak Server.
May 20 09:39:01 ouestyan systemd[1]: /etc/systemd/system/keycloak.service:12: PIDFile= references a pat>
< / code > < / pre > < / div > < / div >
< p > A ce stade, le serveur Keycloak est démarré et écoute sur le port 8080. Vous pouvez le vérifier< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > ss -antpl | grep 8080
< / code > < / pre > < / div > < / div >
< p > Vous obtiendrez la sortie suivante< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:* users:(("java",pid=3550,fd=355))
< / code > < / pre > < / div > < / div >
< p > Vous pouvez également vérifier le journal du serveur Keycloak en utilisant la commande suivante :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > tail -f /opt/keycloak/standalone/log/server.log
< / code > < / pre > < / div > < / div >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > [...]
2022-05-20 09:38:46,755 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 11.0.0 (WildFly Core 12.0.3.Final) started in 20546ms - Started 588 of 886 services (601 services are lazy, passive or on-demand)
2022-05-20 09:38:46,759 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
2022-05-20 09:38:46,759 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990
< / code > < / pre > < / div > < / div >
< h3 id = "créer-un-utilisateur-admin" > Créer un utilisateur Admin< / h3 >
< p > Créer un utilisateur administrateur pour accéder à l’ interface web de Keycloak.< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > /opt/keycloak/bin/add-user-keycloak.sh -u admin
< / code > < / pre > < / div > < / div >
< p > Définissez votre mot de passe comme indiqué ci-dessous (mp admin49600)< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > Press ctrl-d (Unix) or ctrl-z (Windows) to exit
Password:
Added 'admin' to '/opt/keycloak/standalone/configuration/keycloak-add-user.json', restart server to load user
< / code > < / pre > < / div > < / div >
< p > Redémarrez le service Keycloak pour appliquer les changements :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > systemctl restart keycloak
< / code > < / pre > < / div > < / div >
< p > Vous devrez désactiver le HTTPS pour Keycloak. Vous pouvez le désactiver avec la commande suivante :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
< / code > < / pre > < / div > < / div >
< p > Il vous sera demandé de fournir le mot de passe admin< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > Logging into http://localhost:8080/auth as user admin of realm master
Enter password: **********
< / code > < / pre > < / div > < / div >
< p > Et exécutez la commande suivante pour désactiver le HTTPS :< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > /opt/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE
< / code > < / pre > < / div > < / div >
< h3 id = "nginx-reverse-proxy" > Nginx reverse proxy< / h3 >
< p > Configurer le fichier < code class = "language-plaintext highlighter-rouge" > /opt/keycloak/standalone/configuration/standalone.xml< / code > pour activer le proxy< / p >
< p > la ligne contenant < code class = "language-plaintext highlighter-rouge" > http-listener name="default"< / code > et remplacée par< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < http-listener name="default" socket-binding="http" redirect-socket="proxy-https" enable-http2="true" proxy-address-forwarding="true"/>
< / code > < / pre > < / div > < / div >
< p > Dans le groupe < code class = "language-plaintext highlighter-rouge" > socket-binding-group name="standard-sockets"< / code > il faut ajouter une ligne< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < socket-binding name="proxy-https" port="443"/>
< / code > < / pre > < / div > < / div >
< p > Redémarrer le service keycloak< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > systemctl restart keycloak
< / code > < / pre > < / div > < / div >
< p > Le fichier de configuration nginx< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > /etc/nginx/conf.d/keycloak.ouestyan.xyz.conf
< / code > < / pre > < / div > < / div >
< div class = "language-nginx highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < span class = "k" > server< / span > < span class = "p" > {< / span >
< span class = "kn" > listen< / span > < span class = "mi" > 80< / span > < span class = "p" > ;< / span >
< span class = "kn" > listen< / span > < span class = "s" > [::]:80< / span > < span class = "p" > ;< / span >
< span class = "c1" > ## redirect http to https ##< / span >
< span class = "kn" > server_name< / span > < span class = "s" > keycloak.ouestyan.xyz< / span > < span class = "p" > ;< / span >
< span class = "kn" > return< / span > < span class = "mi" > 301< / span > < span class = "s" > https://< / span > < span class = "nv" > $server_name$request_uri< / span > < span class = "p" > ;< / span >
< span class = "p" > }< / span >
< span class = "k" > server< / span > < span class = "p" > {< / span >
< span class = "kn" > listen< / span > < span class = "mi" > 443< / span > < span class = "s" > ssl< / span > < span class = "s" > http2< / span > < span class = "p" > ;< / span >
< span class = "kn" > listen< / span > < span class = "s" > [::]:443< / span > < span class = "s" > ssl< / span > < span class = "s" > http2< / span > < span class = "p" > ;< / span >
< span class = "kn" > server_name< / span > < span class = "s" > keycloak.ouestyan.xyz< / span > < span class = "p" > ;< / span >
< span class = "c1" > # Certificats Let's Encrypt < / span >
< span class = "c1" > # TLS 1.3 only< / span >
< span class = "c1" > # HSTS (ngx_http_headers_module is required) (63072000 seconds)< / span >
< span class = "c1" > # OCSP stapling< / span >
< span class = "c1" > # replace with the IP address of your resolver< / span >
< span class = "kn" > include< / span > < span class = "n" > /etc/nginx/tls-hsts-ocsp.conf< / span > < span class = "p" > ;< / span >
< span class = "kn" > location< / span > < span class = "n" > /< / span > < span class = "p" > {< / span >
< span class = "kn" > proxy_pass< / span > < span class = "s" > http://localhost:8080< / span > < span class = "p" > ;< / span > < span class = "c1" > # keycloak runs on port 8080 by default< / span >
< span class = "kn" > proxy_http_version< / span > < span class = "mf" > 1.1< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_set_header< / span > < span class = "s" > Upgrade< / span > < span class = "nv" > $http_upgrade< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_set_header< / span > < span class = "s" > Connection< / span > < span class = "s" > 'upgrade'< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_set_header< / span > < span class = "s" > X-Forwarded-For< / span > < span class = "nv" > $proxy_protocol_addr< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_set_header< / span > < span class = "s" > X-Forwarded-Proto< / span > < span class = "nv" > $scheme< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_set_header< / span > < span class = "s" > Host< / span > < span class = "nv" > $host< / span > < span class = "p" > ;< / span >
< span class = "kn" > proxy_cache_bypass< / span > < span class = "nv" > $http_upgrade< / span > < span class = "p" > ;< / span >
< span class = "p" > }< / span >
< span class = "p" > }< / span >
< / code > < / pre > < / div > < / div >
< p > Vérifier et relancer nginx< / p >
< div class = "language-plaintext highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > sudo nginx -t
sudo systemctl reload nginx
< / code > < / pre > < / div > < / div >
< h2 id = "keycloak-web" > Keycloak web< / h2 >
< p > Ouvrir le lien < a href = "https://keycloak.ouestyan.xyz/auth/" > https://keycloak.ouestyan.xyz/auth/< / a > < br / >
< img src = "/images/keycloak100.png" alt = "" / > < br / >
< img src = "/images/keycloak101.png" alt = "" / > < / p >
< p > < img src = "/images/keycloak102.png" alt = "" / > < / p >
< h3 id = "clients" > Clients< / h3 >
< p > Créer notre client, qui sera donc notre serveur Nextcloud. Pour ce faire, on se rend sur l’ onglet < strong > Clients< / strong > puis < strong > Create< / strong > < br / >
< img src = "/images/keycloak103.png" alt = "" / > < / p >
< p > < img src = "/images/keycloak104.png" alt = "" / > < br / >
On lui renseigne un nom (Client ID), on choisi le type de protocole utilisé, ici ce sera OpenID-Connect, et enfin l’ URL de notre serveur. Nextcloud hébergé https://cloud.xoyize.xyz. Cliquer sur < strong > Save< / strong > < br / >
< img src = "/images/keycloak105.png" alt = "" / > < br / >
on renseigne un nom, une description, on choisi l’ < strong > Access Type< / strong > à < strong > Confidential< / strong > , car notre client doit renseigner un < strong > secret< / strong > pour initier la connexion< br / >
On laisse les différentes options par défaut, et on vérifie les URLs < br / >
On clique sur < strong > Save< / strong > pour terminer.< / p >
< p > Dans la partie < strong > Clients< / strong > , puis < strong > Nextcloud-hub< / strong > on se rend sur l’ onglet Roles et on peut y créer nos groupes. Ici, je vais créer un groupe nommé < strong > Utilisateurs< / strong > via “Add Role”< br / >
< img src = "/images/keycloak114.png" alt = "" / > < / p >
< p > Puis ensuite il faut rajouter un < strong > Mapper< / strong > , en se rendant dans l’ onglet correspondant. Ici, on clique sur < strong > Add builtin< / strong > , puis on sélectionne la case à cocher < strong > client roles< / strong > et on clique sur “Add selected”< br / >
< img src = "/images/keycloak115.png" alt = "" / > < / p >
< p > Ensuite il convient de modifier le nom du claim qui sera intégré au token. On remplace la valeur < strong > Token Claim Name< / strong > par < strong > roles< / strong > < br / >
< img src = "/images/keycloak116.png" alt = "" / > < / p >
< h3 id = "users" > Users< / h3 >
< p > Il faut créer un utilisateur sur notre Keycloack < br / >
< img src = "/images/keycloak107.png" alt = "" / > < / p >
< p > < img src = "/images/keycloak108.png" alt = "" / > < br / >
< img src = "/images/keycloak109.png" alt = "" / > < br / >
Une fois notre user créé, on lui setup un mot de passe en nous rendant dans < strong > Credentials< / strong >
< img src = "/images/keycloak110.png" alt = "" / > < br / >
Et enfin, après avoir créé notre user (yannick) on se rend sur < strong > Role Mappings< / strong > , et dans < strong > Client Roles< / strong > on peut choisir notre instance Nextcloud, puis lui assigné le nom du role (du groupe) voulu < br / >
< img src = "/images/keycloak117.png" alt = "" / > < / p >
< h2 id = "nextcloud" > Nextcloud< / h2 >
< h3 id = "configurer-extension-social-login" > Configurer extension “Social Login”< / h3 >
< p > ON ajoute un groupe (facultatif)< br / >
< img src = "/images/keycloak120.png" alt = "" / > < br / >
< img src = "/images/keycloak121.png" alt = "" / > < / p >
< p > La première étape est d’ installer l’ extension < strong > Social Login< / strong > dans < strong > Applications< / strong > :< br / >
< img src = "/images/keycloak006.png" alt = "" / > < br / >
Cliquer sur “Télécharger et activer”< / p >
< p > Puis en nous rendant dans les “Paramètres” → “Social login” (rubrique Administration). Cliquez en premier lieu sur < strong > Sauvegarder< / strong > après avoir (ou pas) coché certaines options désirées :< br / >
< img src = "/images/keycloak006.png" alt = "" / > < br / >
Modifier la configuration du plugin < strong > Social Login< / strong > , cliquer sur < strong > Sauvegarder< / strong >
< img src = "/images/keycloak008a.png" alt = "" / > < / p >
< ul >
< li > Empêcher la création d’ un compte si l’ adresse e-mail existe dans un autre compte : coché< / li >
< li > Update user profile every login: coché pour que les changements d’ utilisateur sur Keycloak se propagent lors de la prochaine utilisation< / li >
< / ul >
< p > On clique ensuite sur “Custom OpenID Connect”, et on rempli les champs adéquats< br / >
< img src = "/images/keycloak008.png" alt = "" / > < / p >
< ul >
< li > < strong > Internal name< / strong > : keycloak-yan< / li >
< li > < strong > Title< / strong > : keycloak-yan< / li >
< li > < strong > Authorize URL< / strong > : < a href = "https://keycloak.ouestyan.xyz/auth/realms/master/protocol/openid-connect/auth" > https://keycloak.ouestyan.xyz/auth/realms/master/protocol/openid-connect/auth< / a > , vous mettez donc votre URL en rajoutant le < code class = "language-plaintext highlighter-rouge" > /realms/master/protocol/openid-connect/auth< / code > , où < code class = "language-plaintext highlighter-rouge" > /master/< / code > est le nom de votre realm, ici via l’ instance de test de Keycloack celui-ci est nommé master< / li >
< li > < strong > Token URL< / strong > : < a href = "https://keycloak.ouestyan.xyz/auth/realms/master/protocol/openid-connect/token" > https://keycloak.ouestyan.xyz/auth/realms/master/protocol/openid-connect/token< / a > , comme pour l’ Authorize URL, vous avez compris l’ idée< / li >
< li > < strong > User info URL< / strong > (optional) : https://keycloak.ouestyan.xyz/realms/master/protocol/openid-connect/userinfo< / li >
< li > < strong > Client ID< / strong > : l’ id du client créé sur notre Keycloack, il s’ agissait de nextcloud-hub< / li >
< li > < strong > Client Secret< / strong > : pour l’ obtenir retournez sur la console admin de Keycloack, sur les paramètres de votre client, et allez dans Credentials puis Secret< br / >
< img src = "/images/keycloak007.png" alt = "" / > < / li >
< li > < strong > Scope< / strong > : openid< / li >
< li > < strong > Button style< / strong > : optionnel, mais vous pouvez choisir Keycloack< / li >
< li > < strong > Default group< / strong > : utilisateurs< / li >
< / ul >
< p > On peut valider le tout en cliquant sur < strong > Sauvegarder< / strong > en bas de page.< / p >
< h3 id = "authentification-via-keycloak" > Authentification via keycloak< / h3 >
< p > Et si l’ on essaie de se connecter avec cet utilisateur “yannick”< br / >
< img src = "/images/keycloak111.png" alt = "" / > < br / >
< img src = "/images/keycloak112.png" alt = "" / > < / p >
< p > Tout fonctionne !< br / >
< img src = "/images/keycloak113.png" alt = "" / > < / p >
< h3 id = "cli---token--info-utilisateur" > CLI - Token + info utilisateur< / h3 >
< p > En ligne de commande , vérification du Token avec affichage des infos de l’ utilisateur “yannick”< / p >
< div class = "language-bash highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < span class = "c" > # Paramètres< / span >
< span class = "nv" > KEYCLOAK_HOST< / span > < span class = "o" > =< / span > keycloak.ouestyan.xyz
< span class = "nv" > KEYCLOAK_USERNAME< / span > < span class = "o" > =< / span > yannick
< span class = "nv" > KEYCLOAK_PASSWORD< / span > < span class = "o" > =< / span > yannick49600
< span class = "nv" > KEYCLOAK_REALM< / span > < span class = "o" > =< / span > master
< span class = "c" > # console admin Keycloack, paramètres de votre client, Credentials puis Secret< / span >
< span class = "nv" > KEYCLOAK_CLIENT_SECRET< / span > < span class = "o" > =< / span > 3a6f48bef-d214-ed56-49ab-cd230fa
< span class = "nv" > CLIENT_ID< / span > < span class = "o" > =< / span > nextcloud-hub
< span class = "c" > # Obtenir le jeton (token)< / span >
< span class = "nv" > TOKEN< / span > < span class = "o" > =< / span > < span class = "si" > $(< / span > curl < span class = "nt" > -s< / span > < span class = "se" > \< / span >
< span class = "nt" > -d< / span > < span class = "s2" > "client_id=< / span > < span class = "nv" > $CLIENT_ID< / span > < span class = "s2" > "< / span > < span class = "se" > \< / span >
< span class = "nt" > -d< / span > < span class = "s2" > "client_secret=< / span > < span class = "nv" > $KEYCLOAK_CLIENT_SECRET< / span > < span class = "s2" > "< / span > < span class = "se" > \< / span >
< span class = "nt" > -d< / span > < span class = "s2" > "username=< / span > < span class = "nv" > $KEYCLOAK_USERNAME< / span > < span class = "s2" > "< / span > < span class = "se" > \< / span >
< span class = "nt" > -d< / span > < span class = "s2" > "password=< / span > < span class = "nv" > $KEYCLOAK_PASSWORD< / span > < span class = "s2" > "< / span > < span class = "se" > \< / span >
< span class = "nt" > -d< / span > < span class = "s2" > "grant_type=password"< / span > < span class = "se" > \< / span >
< span class = "s2" > "https://< / span > < span class = "nv" > $KEYCLOAK_HOST< / span > < span class = "s2" > /auth/realms/< / span > < span class = "nv" > $KEYCLOAK_REALM< / span > < span class = "s2" > /protocol/openid-connect/token"< / span > | jq < span class = "nt" > -r< / span > < span class = "s1" > '.access_token'< / span > < span class = "si" > )< / span >
< span class = "c" > # Utiliser le jeton pour obtenir des informations sur l'utilisateur< / span >
curl < span class = "se" > \< / span >
< span class = "nt" > -H< / span > < span class = "s2" > "Authorization: bearer < / span > < span class = "nv" > $TOKEN< / span > < span class = "s2" > "< / span > < span class = "se" > \< / span >
https://< span class = "nv" > $KEYCLOAK_HOST< / span > /auth/realms/< span class = "nv" > $KEYCLOAK_REALM< / span > /protocol/openid-connect/userinfo | jq
< / code > < / pre > < / div > < / div >
< p > vous obtenez une réponse au format JSON< / p >
< div class = "language-json highlighter-rouge" > < div class = "highlight" > < pre class = "highlight" > < code > < span class = "p" > {< / span > < span class = "w" >
< / span > < span class = "nl" > "sub"< / span > < span class = "p" > :< / span > < span class = "w" > < / span > < span class = "s2" > "d826c0ce-f2ab-404b-a29e-5040c8d782ad"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "nl" > "email_verified"< / span > < span class = "p" > :< / span > < span class = "w" > < / span > < span class = "kc" > false< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "nl" > "preferred_username"< / span > < span class = "p" > :< / span > < span class = "w" > < / span > < span class = "s2" > "yannick"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "nl" > "email"< / span > < span class = "p" > :< / span > < span class = "w" > < / span > < span class = "s2" > "yannick@yanfi.space"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "nl" > "roles"< / span > < span class = "p" > :< / span > < span class = "w" > < / span > < span class = "p" > [< / span > < span class = "w" >
< / span > < span class = "s2" > "manage-account"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "s2" > "manage-account-links"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "s2" > "view-profile"< / span > < span class = "p" > ,< / span > < span class = "w" >
< / span > < span class = "s2" > "Utilisateurs"< / span > < span class = "w" >
< / span > < span class = "p" > ]< / span > < span class = "w" >
< / span > < span class = "p" > }< / span > < span class = "w" >
< / span > < / code > < / pre > < / div > < / div >
< h2 id = "liens" > Liens< / h2 >
< ul >
< li > < a href = "https://keycloak.ch/keycloak-tutorials/tutorial-1-installing-and-running-keycloak/" > Installer et exécuter Keycloak< / a > < / li >
< li > < a href = "https://cloudinfrastructureservices.co.uk/install-keycloak-sso-on-ubuntu-20-04/" > How to Install KeyCloak SSO on Ubuntu 20.04 (Tutorial)< / a > < / li >
< li > < a href = "https://learning.minamirnd.work/keycloak-install-ubuntu/" > Installing and running Keycloak standalone on Ubuntu 20.04< / a > < / li >
< li > < a href = "https://blog.w3asel.com/2019/10/authenticating-nextcloud-with-keycloak-using-openid-connect/" > Authenticating Nextcloud with Keycloak using OpenID Connect< / a > < / li >
< li > < a href = "https://blog.laubacher.io/keycloak-with-2fa-as-nextcloud-backend" > Keycloak with 2FA as Nextcloud backend< / a > < / li >
< li > < a href = "https://www.aukfood.fr/comment-nous-avons-cree-une-architecture-sso-nextcloud-keycloak-yubikey/" > Comment nous avons créé une architecture SSO : Nextcloud + Keycloak + YubiKey< / a > < / li >
< li > < a href = "https://heiswayi.nrird.com/sso-with-keycloak" > SSO with Keycloak< / a > < / li >
< li > < a href = "https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/" > OpenID Connect with Nextcloud and Keycloak< / a > < / li >
< / ul >
< / div >
< div class = "d-print-none" > < footer class = "article__footer" > < meta itemprop = "dateModified" content = "2022-05-20T00:00:00+02:00" > <!-- start custom article footer snippet -->
<!-- end custom article footer snippet -->
<!--
< div align = "right" > < a type = "application/rss+xml" href = "/feed.xml" title = "S'abonner" > < i class = "fa fa-rss fa-2x" > < / i > < / a >
  < / div >
-->
< / footer >
< div class = "article__section-navigator clearfix" > < div class = "previous" > < span > PRÉCÉDENT< / span > < a href = "/2022/05/18/Nextcloud-Hub_Nginx_PHP8_MariaDB_SSL-TLS.html" > Nginx compilé, PHP8.1, MariaDB, Nextcloud Hub et certificats Let's Encrypt< / a > < / div > < div class = "next" > < span > SUIVANT< / span > < a href = "/2022/05/24/BorgBackup_sauvegarde_Home.html" > BorgBackup sauvegarde Home< / a > < / div > < / div > < / div >
< / div >
< script > ( f u n c t i o n ( ) {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
$(function() {
var $this ,$scroll;
var $articleContent = $('.js-article-content');
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var scroll = hasSidebar ? '.js-page-main' : 'html, body';
$scroll = $(scroll);
$articleContent.find('.highlight').each(function() {
$this = $(this);
$this.attr('data-lang', $this.find('code').attr('data-lang'));
});
$articleContent.find('h1[id], h2[id], h3[id], h4[id], h5[id], h6[id]').each(function() {
$this = $(this);
$this.append($('< a class = "anchor d-print-none" aria-hidden = "true" > < / a > ').html('< i class = "fas fa-anchor" > < / i > '));
});
$articleContent.on('click', '.anchor', function() {
$scroll.scrollToAnchor('#' + $(this).parent().attr('id'), 400);
});
});
});
})();
< / script >
< / div > < section class = "page__comments d-print-none" > < / section > < / article > <!-- start custom main bottom snippet -->
<!-- end custom main bottom snippet -->
< / div >
< / div > < / div > < / div > < / div >
< / div > < script > ( f u n c t i o n ( ) {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $body = $('body'), $window = $(window);
var $pageRoot = $('.js-page-root'), $pageMain = $('.js-page-main');
var activeCount = 0;
function modal(options) {
var $root = this, visible, onChange, hideWhenWindowScroll = false;
var scrollTop;
function setOptions(options) {
var _options = options || {};
visible = _options.initialVisible === undefined ? false : show;
onChange = _options.onChange;
hideWhenWindowScroll = _options.hideWhenWindowScroll;
}
function init() {
setState(visible);
}
function setState(isShow) {
if (isShow === visible) {
return;
}
visible = isShow;
if (visible) {
activeCount++;
scrollTop = $(window).scrollTop() || $pageMain.scrollTop();
$root.addClass('modal--show');
$pageMain.scrollTop(scrollTop);
activeCount === 1 & & ($pageRoot.addClass('show-modal'), $body.addClass('of-hidden'));
hideWhenWindowScroll & & window.hasEvent('touchstart') & & $window.on('scroll', hide);
$window.on('keyup', handleKeyup);
} else {
activeCount > 0 & & activeCount--;
$root.removeClass('modal--show');
$window.scrollTop(scrollTop);
activeCount === 0 & & ($pageRoot.removeClass('show-modal'), $body.removeClass('of-hidden'));
hideWhenWindowScroll & & window.hasEvent('touchstart') & & $window.off('scroll', hide);
$window.off('keyup', handleKeyup);
}
onChange & & onChange(visible);
}
function show() {
setState(true);
}
function hide() {
setState(false);
}
function handleKeyup(e) {
// Char Code: 27 ESC
if (e.which === 27) {
hide();
}
}
setOptions(options);
init();
return {
show: show,
hide: hide,
$el: $root
};
}
$.fn.modal = modal;
});
})();
< / script > < div class = "modal modal--overflow page__search-modal d-print-none js-page-search-modal" > < script >
(function () {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
// search panel
var search = (window.search || (window.search = {}));
var useDefaultSearchBox = window.useDefaultSearchBox === undefined ?
true : window.useDefaultSearchBox ;
var $searchModal = $('.js-page-search-modal');
var $searchToggle = $('.js-search-toggle');
var searchModal = $searchModal.modal({ onChange: handleModalChange, hideWhenWindowScroll: true });
var modalVisible = false;
search.searchModal = searchModal;
var $searchBox = null;
var $searchInput = null;
var $searchClear = null;
function getModalVisible() {
return modalVisible;
}
search.getModalVisible = getModalVisible;
function handleModalChange(visible) {
modalVisible = visible;
if (visible) {
search.onShow & & search.onShow();
useDefaultSearchBox & & $searchInput[0] & & $searchInput[0].focus();
} else {
search.onShow & & search.onHide();
useDefaultSearchBox & & $searchInput[0] & & $searchInput[0].blur();
setTimeout(function() {
useDefaultSearchBox & & ($searchInput.val(''), $searchBox.removeClass('not-empty'));
search.clear & & search.clear();
window.pageAsideAffix & & window.pageAsideAffix.refresh();
}, 400);
}
}
$searchToggle.on('click', function() {
modalVisible ? searchModal.hide() : searchModal.show();
});
// Char Code: 83 S, 191 /
$(window).on('keyup', function(e) {
if (!modalVisible & & !window.isFormElement(e.target || e.srcElement) & & (e.which === 83 || e.which === 191)) {
modalVisible || searchModal.show();
}
});
if (useDefaultSearchBox) {
$searchBox = $('.js-search-box');
$searchInput = $searchBox.children('input');
$searchClear = $searchBox.children('.js-icon-clear');
search.getSearchInput = function() {
return $searchInput.get(0);
};
search.getVal = function() {
return $searchInput.val();
};
search.setVal = function(val) {
$searchInput.val(val);
};
$searchInput.on('focus', function() {
$(this).addClass('focus');
});
$searchInput.on('blur', function() {
$(this).removeClass('focus');
});
$searchInput.on('input', window.throttle(function() {
var val = $(this).val();
if (val === '' || typeof val !== 'string') {
search.clear & & search.clear();
} else {
$searchBox.addClass('not-empty');
search.onInputNotEmpty & & search.onInputNotEmpty(val);
}
}, 400));
$searchClear.on('click', function() {
$searchInput.val(''); $searchBox.removeClass('not-empty');
search.clear & & search.clear();
});
}
});
})();
< / script > < div class = "search search--dark" >
< div class = "main" >
< div class = "search__header" > Recherche< / div >
< div class = "search-bar" >
< div class = "search-box js-search-box" >
< div class = "search-box__icon-search" > < i class = "fas fa-search" > < / i > < / div >
< input id = "search-input" type = "text" / >
< div class = "search-box__icon-clear js-icon-clear" >
< a > < i class = "fas fa-times" > < / i > < / a >
< / div >
< / div >
< button class = "button button--theme-dark button--pill search__cancel js-search-toggle" >
Annuler< / button >
< / div >
< div id = "results-container" class = "search-result js-search-result" > < / div >
< / div >
< / div >
<!-- Script pointing to search - script.js -->
< script > / * !
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen ; i + + ) {
var nch = needle.charCodeAt(i);
while (j < tlen ) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) & & Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) & & Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len ; i + + ) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length & & matches . length < opt . limit ; i + + ) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) & & strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len ; i + + ) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 & & xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' & & params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object & & JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '< li > < a href = "{url}" title = "{desc}" > {title}< / a > < / li > ',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' & & options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len ; i + + ) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query & & query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
< / script >
<!-- Configuration -->
< script >
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
noResultsText: '< p > Aucun résultat!< / p > ',
json: '/search.json',
searchResultTemplate: '< li > < a href = "{url}" > {date} {title}< / a > (Création {create})< / li > '
})
< / script >
< / div > < / div >
< script > ( f u n c t i o n ( ) {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function scrollToAnchor(anchor, duration, callback) {
var $root = this;
$root.animate({ scrollTop: $(anchor).position().top }, duration, function() {
window.history.replaceState(null, '', window.location.href.split('#')[0] + anchor);
callback & & callback();
});
}
$.fn.scrollToAnchor = scrollToAnchor;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function affix(options) {
var $root = this, $window = $(window), $scrollTarget, $scroll,
offsetBottom = 0, scrollTarget = window, scroll = window.document, disabled = false, isOverallScroller = true,
rootTop, rootLeft, rootHeight, scrollBottom, rootBottomTop,
hasInit = false, curState;
function setOptions(options) {
var _options = options || {};
_options.offsetBottom & & (offsetBottom = _options.offsetBottom);
_options.scrollTarget & & (scrollTarget = _options.scrollTarget);
_options.scroll & & (scroll = _options.scroll);
_options.disabled !== undefined & & (disabled = _options.disabled);
$scrollTarget = $(scrollTarget);
isOverallScroller = window.isOverallScroller($scrollTarget[0]);
$scroll = $(scroll);
}
function preCalc() {
top();
rootHeight = $root.outerHeight();
rootTop = $root.offset().top + (isOverallScroller ? 0 : $scrollTarget.scrollTop());
rootLeft = $root.offset().left;
}
function calc(needPreCalc) {
needPreCalc & & preCalc();
scrollBottom = $scroll.outerHeight() - offsetBottom - rootHeight;
rootBottomTop = scrollBottom - rootTop;
}
function top() {
if (curState !== 'top') {
$root.removeClass('fixed').css({
left: 0,
top: 0
});
curState = 'top';
}
}
function fixed() {
if (curState !== 'fixed') {
$root.addClass('fixed').css({
left: rootLeft + 'px',
top: 0
});
curState = 'fixed';
}
}
function bottom() {
if (curState !== 'bottom') {
$root.removeClass('fixed').css({
left: 0,
top: rootBottomTop + 'px'
});
curState = 'bottom';
}
}
function setState() {
var scrollTop = $scrollTarget.scrollTop();
if (scrollTop >= rootTop & & scrollTop < = scrollBottom) {
fixed();
} else if (scrollTop < rootTop ) {
top();
} else {
bottom();
}
}
function init() {
if(!hasInit) {
var interval, timeout;
calc(true); setState();
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState();
});
$window.on('resize', function() {
disabled || (calc(true), setState());
});
hasInit = true;
}
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions,
refresh: function() {
calc(true, { animation: false }); setState();
}
};
}
$.fn.affix = affix;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function toc(options) {
var $root = this, $window = $(window), $scrollTarget, $scroller, $tocUl = $('< ul class = "toc toc--ellipsis" > < / ul > '), $tocLi, $headings, $activeLast, $activeCur,
selectors = 'h1,h2,h3', container = 'body', scrollTarget = window, scroller = 'html, body', disabled = false,
headingsPos, scrolling = false, hasRendered = false, hasInit = false;
function setOptions(options) {
var _options = options || {};
_options.selectors & & (selectors = _options.selectors);
_options.container & & (container = _options.container);
_options.scrollTarget & & (scrollTarget = _options.scrollTarget);
_options.scroller & & (scroller = _options.scroller);
_options.disabled !== undefined & & (disabled = _options.disabled);
$headings = $(container).find(selectors).filter('[id]');
$scrollTarget = $(scrollTarget);
$scroller = $(scroller);
}
function calc() {
headingsPos = [];
$headings.each(function() {
headingsPos.push(Math.floor($(this).position().top));
});
}
function setState(element, disabled) {
var scrollTop = $scrollTarget.scrollTop(), i;
if (disabled || !headingsPos || headingsPos.length < 1 ) { return ; }
if (element) {
$activeCur = element;
} else {
for (i = 0; i < headingsPos.length ; i + + ) {
if (scrollTop >= headingsPos[i]) {
$activeCur = $tocLi.eq(i);
} else {
$activeCur || ($activeCur = $tocLi.eq(i));
break;
}
}
}
$activeLast & & $activeLast.removeClass('active');
($activeLast = $activeCur).addClass('active');
}
function render() {
if(!hasRendered) {
$root.append($tocUl);
$headings.each(function() {
var $this = $(this);
$tocUl.append($('< li > < / li > ').addClass('toc-' + $this.prop('tagName').toLowerCase())
.append($('< a > < / a > ').text($this.text()).attr('href', '#' + $this.prop('id'))));
});
$tocLi = $tocUl.children('li');
$tocUl.on('click', 'a', function(e) {
e.preventDefault();
var $this = $(this);
scrolling = true;
setState($this.parent());
$scroller.scrollToAnchor($this.attr('href'), 400, function() {
scrolling = false;
});
});
}
hasRendered = true;
}
function init() {
var interval, timeout;
if(!hasInit) {
render(); calc(); setState(null, scrolling);
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState(null, scrolling);
});
$window.on('resize', window.throttle(function() {
if (!disabled) {
render(); calc(); setState(null, scrolling);
}
}, 100));
}
hasInit = true;
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions
};
}
$.fn.toc = toc;
});
})();
/*(function () {
})();*/
< / script > < script >
/* toc must before affix, since affix need to konw toc' height. */(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
var TOC_SELECTOR = window.TEXT_VARIABLES.site.toc.selectors;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window);
var $articleContent = $('.js-article-content');
var $tocRoot = $('.js-toc-root'), $col2 = $('.js-col-aside');
var toc;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var hasToc = $articleContent.find(TOC_SELECTOR).length > 0;
function disabled() {
return $col2.css('display') === 'none' || !hasToc;
}
tocDisabled = disabled();
toc = $tocRoot.toc({
selectors: TOC_SELECTOR,
container: $articleContent,
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
tocDisabled = disabled();
toc & & toc.setOptions({
disabled: tocDisabled
});
}, 100));
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window), $pageFooter = $('.js-page-footer');
var $pageAside = $('.js-page-aside');
var affix;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
affix = $pageAside.affix({
offsetBottom: $pageFooter.outerHeight(),
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
scroll: hasSidebar ? $('.js-page-main').children() : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
affix & & affix.setOptions({
disabled: tocDisabled
});
}, 100));
window.pageAsideAffix = affix;
});
})();
< / script > <!-- -->
< / div >
< script > ( f u n c t i o n ( ) {
var $root = document.getElementsByClassName('root')[0];
if (window.hasEvent('touchstart')) {
$root.dataset.isTouch = true;
document.addEventListener('touchstart', function(){}, false);
}
})();
< / script >
< / body >
< / html >