Vincent vincentchalamon
vincentchalamon
/ docker-compose.yaml
Last active
August 11, 2023 10:30
API Platform Keycloak Docker Compose
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docker-compose.yaml | |
| version: "3.8" | |
| services: | |
| keycloak-database: | |
| image: postgres:15-alpine | |
| volumes: | |
| - keycloak_db_data:/var/lib/postgresql/data:rw | |
| environment: | |
| POSTGRES_DB: keycloak |
vincentchalamon
/ hwi_oauth.yaml
Created
March 4, 2022 15:45
API Platform Keycloak hwi/oauth-bundle Configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/packages/hwi_oauth.yaml | |
| hwi_oauth: | |
| resource_owners: | |
| keycloak: | |
| type: keycloak | |
| base_url: <keycloak_url> # should look like https://www.example.com/auth | |
| realm: <realm_name> | |
| client_id: <client_id> | |
| client_secret: <client_secret> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/packages/security.yaml | |
| security: | |
| enable_authenticator_manager: true | |
| providers: | |
| app_user_provider: | |
| entity: | |
| class: App\Entity\User | |
| property: email | |
| firewalls: | |
| main: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OIDC_SERVER_URL=https://localhost/oidc/realms/demo | |
| OIDC_SWAGGER_CLIENT_ID=api-platform-swagger |
vincentchalamon
/ security.yaml
Last active
August 11, 2023 11:23
Symfony Security configuration using AccessTokenAuthenticator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # api/config/packages/security.yaml | |
| security: | |
| firewalls: | |
| main: | |
| pattern: ^/ | |
| access_token: | |
| token_handler: | |
| oidc: | |
| # Algorithm used to sign the JWS | |
| algorithm: 'ES256' |
vincentchalamon
/ docker-compose.yml
Last active
June 5, 2023 09:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "3.8" | |
| services: | |
| # ... | |
| keycloak-config-cli: | |
| image: bitnami/keycloak-config-cli:5-debian-11 | |
| environment: | |
| KEYCLOAK_URL: http://caddy/oidc/ | |
| KEYCLOAK_USER: ${KEYCLOAK_USER:-admin} |
vincentchalamon
/ Caddyfile
Last active
June 5, 2024 14:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ... | |
| # Matches requests for OIDC routes | |
| @oidc expression path('/oidc/*') | |
| route { | |
| # ... | |
| reverse_proxy @oidc http://{$OIDC_UPSTREAM} | |
| } |
vincentchalamon
/ security.yaml
Created
June 1, 2023 13:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| security: | |
| firewalls: | |
| main: | |
| access_token: | |
| token_handler: | |
| # OIDC_SERVER_URL_INTERNAL: https://caddy/oidc/realms/demo | |
| oidc_user_info: '%env(OIDC_SERVER_URL_INTERNAL)%/protocol/openid-connect/userinfo' |
vincentchalamon
/ [...nextauth].tsx
Last active
June 1, 2023 15:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import NextAuth from "next-auth" | |
| import KeycloakProvider from "next-auth/providers/keycloak" | |
| export const authOptions = { | |
| // Configure one or more authentication providers | |
| providers: [ | |
| KeycloakProvider({ | |
| id: 'keycloak', | |
| clientId: process.env.OIDC_CLIENT_ID, | |
| issuer: process.env.OIDC_SERVER_URL, |
vincentchalamon
/ [...nextauth].tsx
Created
June 1, 2023 15:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import NextAuth, { AuthOptions, SessionOptions } from "next-auth"; | |
| import { type TokenSet } from "next-auth/core/types"; | |
| import KeycloakProvider from "next-auth/providers/keycloak"; | |
| import { OIDC_CLIENT_ID, OIDC_SERVER_URL } from "../../../config/keycloak"; | |
| interface Session extends SessionOptions { | |
| accessToken: string | |
| error?: "RefreshAccessTokenError" | |
| } |