🐛 [Backport-Release-0.1] Add forwarding headers to reverse proxy for keycloak (#822) (#918)

With this, I can run the below and log in correctly with auth enabled:

`kubectl port-forward svc/tackle-ui 7080:8080 -n konveyor-tackle`

Fixes #821

For more info on debugging this, I captured some rough notes here:
https://gist.github.com/jwmatthews/25ad0f2814d8bb6796649dcd22be4ed1

---------

Signed-off-by: John Matthews <[email protected]>
(cherry picked from commit 01eb1b9)


Co-authored-by: John Matthews <[email protected]>
jmontleon and jwmatthews authored May 23, 2023
1 parent fd5c6ca commit 0091856
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions server/setupProxy.js
Expand Up @@ -7,6 +7,23 @@ module.exports = function (app) {
target: process.env.KEYCLOAK_SERVER_URL || "http://localhost:9001",
changeOrigin: true,
logLevel: process.env.DEBUG ? "debug" : "info",
onProxyReq: (proxyReq, req, res) => {
// Keycloak needs these header set so we can function in Kubernetes (non-OpenShift)
// https://www.keycloak.org/server/reverseproxy
//
// Note, on OpenShift, this works as the haproxy implementation
// for the OpenShift route is setting these for us automatically
//
// We saw problems with including the below broke the OpenShift route
// {"X-Forwarded-Proto", req.protocol} broke the OpenShift
// {"X-Forwarded-Port", req.socket.localPort}
// {"Forwarded", `for=${req.socket.remoteAddress};proto=${req.protocol};host=${req.headers.host}`}
// so we are not including even though they are customary
//
proxyReq.setHeader("X-Forwarded-For", req.socket.remoteAddress);
proxyReq.setHeader("X-Real-IP", req.socket.remoteAddress);
proxyReq.setHeader("X-Forwarded-Host", req.headers.host);
},
})
);
app.use(
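
Review bot: In the `onProxyReq` handler, `X-Forwarded-Host` is copied straight from `req.headers.host`, which is whatever the client sent, while `X-Forwarded-For` and `X-Real-IP` are overwritten with `req.socket.remoteAddress`. Keycloak acts on these headers when it is configured to run behind a reverse proxy, so I'd suggest checking the `Host` value against the expected hostname(s) before forwarding it, or pinning the hostname on the Keycloak side. It would also help to say in the comment that overwriting `X-Forwarded-For` is deliberate: it discards any client-supplied value, but behind an ingress or load balancer Keycloak will then see that hop's address rather than the end user's. Separately, the comment could state under which conditions the omitted `X-Forwarded-Proto`, `X-Forwarded-Port` and `Forwarded` headers broke the OpenShift route, since the current wording ("We saw problems with including the below broke the OpenShift route") is hard to follow.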