DEV Community: Brecht Carnewal The latest articles on DEV Community by Brecht Carnewal (@carnewal). https://dev.to/carnewal https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F153812%2F277beca0-6bda-4ce7-b697-883c0619707c.png DEV Community: Brecht Carnewal https://dev.to/carnewal en Testing tRPC + Express with Jest and Supertest Brecht Carnewal Mon, 05 Feb 2024 10:51:48 +0000 https://dev.to/carnewal/testing-trpc-express-with-jest-and-supertest-4738 https://dev.to/carnewal/testing-trpc-express-with-jest-and-supertest-4738 <p>Spent quite a bit of time getting tRPC integrated into an existing Express based application. <br> This is a great setup because you can run the existing Express middleware (like auth validation, error &amp; metrics tracking) in front of tRPC.</p> <p>An interesting challenge was getting testing to work. You can't really create a <a href="https://trpc.io/docs/server/server-side-calls" rel="noopener noreferrer">caller</a> straight to the tRPC router because then you skip all of the Express middleware your production use cases may be using.</p> <p>We had an existing test setup with Jest + Supertest so I decided to build upon that. </p> <p>I was able to use the vanilla tRPC client to write tests by creating a custom link that uses supertest for request calling.</p> <p>Creating the client looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">client</span> <span class="o">=</span> <span class="nx">createTRPCClient</span><span class="o">&lt;</span><span class="nx">TRPCRouter</span><span class="o">&gt;</span><span class="p">({</span> <span class="na">links</span><span class="p">:</span> <span class="p">[</span><span class="nf">supertestLink</span><span class="p">(</span><span class="nx">app</span><span class="p">,</span> <span class="p">{</span> <span class="na">trpcPath</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/api/v1/trpc</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="na">Authorization</span><span class="p">:</span> <span class="nx">token</span> <span class="p">}</span> <span class="p">})],</span> <span class="na">transformer</span><span class="p">:</span> <span class="nx">superjson</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <p>And then you can write your tests like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">it</span><span class="p">(</span><span class="dl">'</span><span class="s1">creates a team</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">createResult</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">client</span><span class="p">.</span><span class="nx">team</span><span class="p">.</span><span class="nx">createTeam</span><span class="p">.</span><span class="nf">mutate</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">My new team</span><span class="dl">'</span><span class="p">,</span> <span class="p">})</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">createResult</span><span class="p">?.</span><span class="nx">name</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="dl">'</span><span class="s1">My new team</span><span class="dl">'</span><span class="p">)</span> <span class="p">})</span> </code></pre> </div> <p>You can find the implementation for the <code>supertestLink</code> in my repo:</p> <p><a href="https://github.com/Carnewal/trpc-supertest" rel="noopener noreferrer">https://github.com/Carnewal/trpc-supertest</a></p> <p>If anyone's interested I'll create an npm package for it :-)</p> <p>Brecht</p> trpc jest supertest express Import your bcrypt hashed user passwords into Keycloak Brecht Carnewal Sun, 23 Feb 2020 15:40:11 +0000 https://dev.to/carnewal/import-existing-users-with-bcrypt-hashed-passwords-in-keycloak-17oo https://dev.to/carnewal/import-existing-users-with-bcrypt-hashed-passwords-in-keycloak-17oo <p>If you're looking into migrating to <a href="https://www.keycloak.org/" rel="noopener noreferrer">Keycloak</a> as your auth provider, you've probably wondered how to import your current existing database's users, and more importantly those precious bcrypt hashed passwords. This short guide will show you the necessary steps.</p> <p>I assume you already have a Keycloak instance running on your local machine at port 8080. The Keycloak version I'm using at time of writing is 8.2. </p> <p>If you haven't already, install <a href="https://github.com/leroyguillaume/keycloak-bcrypt" rel="noopener noreferrer">keycloak-bcrypt</a> and the <code>jbcrypt</code> library on your keycloak instance. I've gathered the steps into a single script, I'm running Keycloak in a Docker container so the file locations might be different for you:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nv">KEYCLOAK_HOME</span><span class="o">=</span>~/keycloak curl https://repo1.maven.org/maven2/org/mindrot/jbcrypt/0.4/jbcrypt-0.4.jar <span class="o">&gt;</span> jbcrypt-0.4.jar <span class="nv">$KEYCLOAK_HOME</span>/bin/jboss-cli.sh <span class="nt">--command</span><span class="o">=</span><span class="s2">"module add --name=org.mindrot.jbcrypt --resources=jbcrypt-0.4.jar"</span> curl <span class="nt">-L</span> https://github.com/leroyguillaume/keycloak-bcrypt/releases/download/1.2.0/keycloak-bcrypt-1.2.0.jar <span class="o">&gt;</span> <span class="nv">$KEYCLOAK_HOME</span>/standalone/deployments/keycloak-bcrypt-1.2.0.jar </code></pre> </div> <p>Now you should restart Keycloak.</p> <p>You can start using the bcrypt hashing algorithm by setting it up under Authentication (the other settings are optional): </p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fiv78qe51nrhhz3lusm8e.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fiv78qe51nrhhz3lusm8e.png" alt="Keycloak Bcrypt setup"></a></p> <p>We'll write our migration in JavaScript. You'll have to create a new package (or use your existing migration framework) to run the migration in. </p> <p>Install the <a href="https://github.com/keycloak/keycloak-nodejs-admin-client" rel="noopener noreferrer">Keycloak admin client for node.js</a> with:<br> <code>npm i --save keycloak-admin</code></p> <p>You're all set to start migrating! Edit the below code snippet to your needs by changing the environments and adding attributes, roles or groups as you see necessary.</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="k">import</span> <span class="nx">KeycloakAdminClient</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">keycloak-admin</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">AUTH_URL</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">http://localhost:8080/auth</span><span class="dl">'</span><span class="p">,</span> <span class="nx">AUTH_REALM_NAME</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">myRealmName</span><span class="dl">'</span><span class="p">,</span> <span class="nx">AUTH_ADMIN_USERNAME</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">admin</span><span class="dl">'</span><span class="p">,</span> <span class="nx">AUTH_ADMIN_PASSWORD</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">admin</span><span class="dl">'</span><span class="p">,</span> <span class="nx">AUTH_ADMIN_CLIENT</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">admin-cli</span><span class="dl">'</span><span class="p">,</span> <span class="nx">AUTH_ADMIN_SECRET</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">jriozejrioezjriorez</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// ^ needed if your admin-cli client is set to confidential</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">authClient</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">KeycloakAdminClient</span><span class="p">({</span> <span class="na">baseUrl</span><span class="p">:</span> <span class="nx">AUTH_URL</span><span class="p">,</span> <span class="c1">// http://localhost:8080/auth</span> <span class="na">realmName</span><span class="p">:</span> <span class="nx">AUTH_REALM_NAME</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">startMigration</span> <span class="o">=</span> <span class="k">async </span><span class="p">({</span> <span class="nx">database</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">authClient</span><span class="p">.</span><span class="nf">auth</span><span class="p">({</span> <span class="na">username</span><span class="p">:</span> <span class="nx">AUTH_ADMIN_USERNAME</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">AUTH_ADMIN_PASSWORD</span><span class="p">,</span> <span class="na">clientId</span><span class="p">:</span> <span class="nx">AUTH_ADMIN_CLIENT</span><span class="p">,</span> <span class="c1">// probably admin-cli</span> <span class="c1">// only needed if your admin client is set to confidential</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">AUTH_ADMIN_SECRET</span><span class="p">,</span> <span class="na">grantType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">existingUsers</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">database</span><span class="p">.</span><span class="nx">users</span><span class="p">.</span><span class="nf">find</span><span class="p">();</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">existingUser</span> <span class="k">of</span> <span class="nx">existingUsers</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="p">{</span> <span class="na">realm</span><span class="p">:</span> <span class="nx">AUTH_REALM_NAME</span><span class="p">,</span> <span class="na">credentials</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">algorithm</span><span class="p">:</span> <span class="dl">'</span><span class="s1">bcrypt</span><span class="dl">'</span><span class="p">,</span> <span class="na">hashedSaltedValue</span><span class="p">:</span> <span class="nx">existingUser</span><span class="p">.</span><span class="nx">password</span><span class="p">,</span> <span class="c1">// the bcrypt-hashed password</span> <span class="na">hashIterations</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">],</span> <span class="na">email</span><span class="p">:</span> <span class="nx">existingUser</span><span class="p">.</span><span class="nx">email</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="nx">existingUser</span><span class="p">.</span><span class="nx">email</span><span class="p">,</span> <span class="na">emailVerified</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">authClient</span><span class="p">.</span><span class="nx">users</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>Et voilĂ . Your existing users were migrated to Keycloak and they'll still be able to log in with the same password as they would before. </p> <p>Until next time!</p> keycloak bcrypt password authentication