Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

External Access

For users accessing CHEFS externally, navigate to the Keycloak login page. Under Configure > Clients > chefs-backend and chefs > Web Origins add an asterisk * which will solve the 403 Forbidden Error.

Common Services API Access

This service requires an IDIR account. You can open this link https://getok.nrsapi.gov.bc.ca/devportal/api-directory/3181?preview=false and https://api.gov.bc.ca/devportal/app/requestAccountapi-directory/3182?preview=false to request an account after logging in with your IDIR. This will provide you with an API client id and secret to the CHES and CDOGS service.

It’s not necessary to immediately obtain access to CHES and CDOGS. If you wanted to take advantage of the document generator and email service in the future then this is where you would do it.Cannot connect to the Docker daemon:.

...

403 Error

Accessing CHEFS from an external network may result in a forbidden access 403 Error. To fix this, navigate to the Keycloak login page at http://localhost:8082/ and log in with the username and password “admin” after you have completed the build process. Under Configure > Clients, for chefs-frontend, add an asterisk * to the Web Origins field. This will permit all CORS origins and should solve the 403 Forbidden Error.

If you are hosting keycloak on an openshift server, ensure that in your `chefs-server-config` that your server_kc_publickey matches the value found in your keycloak server. You can obtain that value by going to your realm settings, clicking on keys, then clicking on the public key button for RS256.

...

...

Using Test Installation JSON

By default, the build files are set up to support the ‘Development’ Installation JSON from the Common Hosted Single Sign-On (CSS) page. If you wish to use the ‘Test’ Installation JSON, navigate to http://localhost:8082/ and login to your Keycloak Administration Console. Under Configure > Identity Providers, change all the https://dev.loginproxy.gov.bc.ca URL’s to https://test.loginproxy.gov.bc.ca.

This can be accomplished as a more permanent solution by changing all the URL’s in realm-export.json from https://dev.loginproxy.gov.bc.ca to https://test.loginproxy.gov.bc.ca. If already built, this process will require you to delete the Docker containers and volumes, and rebuild CHEFS.

...

Cannot Connect to the Docker Daemon

Before running docker compose up, you will need to start the Docker daemon. Most Linux distributions use systemctl to start services and the macOS equivalent is launchctl. Use the following command sudo systemctl start docker to run the Docker daemon :

Code Block
sudo systemctl start docker

or

Code Block
sudo launchctl start docker

for Mac users.

(replace with launchctl for Mac). If you are using the Docker desktop app, starting the application and then running docker compose up will also work.

App not loading on localhost

...

Localhost Port

If your system cannot run on the default port http://localhost:8081/app/, but if you have issues where it is not loading, try the following:

...

Code Block
function loadKeycloak(config) {
  Vue.use(VueKeycloakJs, {
    init: { onLoad: 'check-sso', checkLoginIframe: false },
    config: {
      clientId: config.keycloak.clientId,
      realm: config.keycloak.realm,
      url: config.keycloak.serverUrl
    },
    onReady: () => {
      initializeApp(true, config.basePath);
    },
    onInitError: error => {
      console.error('Keycloak failed to initialize'); // eslint-disable-line no-console
      console.error(error); // eslint-disable-line no-console
    }
  });
}

setting the checkLoginIframevalue to false.

Before pushing your code, remember to revert the changes to main.js, removing the checkLoginIFrame variable from the code.

2. CORS Unblock Extension

In case you get an error message where access is blocked by CORS policy similar to the one below:

...

Download the CORS Unblock extension for chrome and enable the following settings:

...

This extension disables CORS security and should allow you to load the local instance of your applicationnavigate to the Keycloak login page at http://localhost:8082/ and log in with the username and password “admin” after you have completed the build process. Under Configure > Clients, for chefs-frontend, add your URI under the Valid Redirect URIs field.

...

For any other issues not covered on this page, kindly contact Jason Chung.