GARAGENUM/keycloak-gatekeeper
GARAGENUM/keycloak-gatekeeper
15
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ajout illustrations config

Browse Source
This commit is contained in:
Grégory Lebreton 2024-03-04 09:18:26 +01:00
parent 838b2d7388
commit c98c83edf6
7 changed files with 43 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
README.md
View File

@ -2,48 +2,69 @@
Proxy pour service redirigeant vers Keycloak pour authentification
## PRE REQUIS
![](docs/principe.png)
- Docker / docker compose
## PRE REQUIS :paperclip:
- Docker / docker compose :whale:
- Instance Keycloak
## CONFIFURATION
## CONFIFURATION :wrench:
### Gatekeeper
#### Config file (TO DO):
- Renseigner gatekeeper-config.yml:
```bash
# TO DO
```
#### Commandes:
#### DOCKER COMPOSE
- Renseigner les champs suivants:
```bash
- "--discovery-url=https://<MON_KEYCLOAK>/auth/realms/<MON_REALM>/.well-known/openid-configuration"
- "--client-id=<CLIENT_ID>"
- "--client-secret=<CLIENT_SECRET>"
# le port écouté doit être le même que celui mappé sur l'hôte
- "--listen=0.0.0.0:8880"
- "--upstream-url=http://<MON_SERVICE>:<PORT>"
```
### Keycloak
:warning: Le port renseigné dans "--upstream-url=http://<MON_SERVICE>:<PORT>" doit correspondre au port exposé par le conteneur.
:skull: Les port mappés pour le service gatekeeper doivent être les mêmes et doivent correspondre avec celui renseigné au niveau de "--listen=0.0.0.0:8880"
### Keycloak :key:
- Créer un client:
```bash
![keycloak illustration](docs/keycloak-1.png)
![keycloak illustration](docs/keycloak-2.png)
> Le client secret se trouve dans l'inglet "credentials"
- Créer une audience:
![keycloak illustration 2](docs/keycloak-3.png)
![keycloak illustration](docs/keycloak-4.png)
## UTILISATION :rocket:
- Cloner le projet:
```bash
git clone --submodules https://git.legaragenumerique.fr/GARAGENUM/keycloak-gatekeeper
cd keycloak-gatekeeper
```
![keycloak illustration](docs/pic_1.png)
## UTILISATION
- Lancer les conteneurs:
```bash
docker compose up -d
```
## TO DO
## TO DO :bookmark_tabs:
- [ ] Injecter gatekeeper-config.yml via volumes
- [ ] Keycloak client config illustrations
- [X] Keycloak client config illustrations
- [ ] Illustration workflow

8
docker-compose.yml
View File

@ -1,8 +1,16 @@
version: "3.9"
services:
service:
image: exemple.service
# ports:
# - NO:NO
gatekeeper:
image: dockerregistry.legaragenumerique.fr/gatekeeper
build:
context: keycloak-gatekeeper/
container_name: gatekeeper
restart: always
ports:

BIN
docs/keycloak-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 106 KiB

BIN
docs/keycloak-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
docs/keycloak-3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 74 KiB

BIN
docs/keycloak-4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 55 KiB

BIN
docs/principe.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 297 KiB