About
This initializes a Keycloak instance using the mrparkers/terraform-provider-keycloak Terraform provider.
This will:
- Create a test Keycloak instance inside a docker container using docker compose.
- Create the example realm.
  - Create the alice user.
  - Create the administrators group.
    - Assign the example-go-saml client administrator role.
    - Add the alice user as a member.
  - Create the example-csharp-public-device client.
  - Create the example-go-confidential client.
  - Create the example-go-saml client.
    - Create the administrator role.
  - Create the example-react-public client.
- Start the example example-csharp-public-device client (and test it).
  - Uses the OAuth 2.0 Device Authorization Grant (aka Device Flow).
- Start the example example-go-confidential client (and test it).
  - Uses the OAuth 2.0 Authorization Code Grant.
  - Uses the Proof Key for Code Exchange (PKCE) extension.
- Start the example example-go-saml client (and test it).
  - Uses SAML 2.0.
- Start the example example-react-public client (and test it).
  - Uses OAuth 2.0 Authorization Code Grant.
  - Uses the Proof Key for Code Exchange (PKCE) extension.
Usage
Install docker compose.
Add the following to your machine hosts file:
127.0.0.1 keycloak.test
127.0.0.1 mail.test
127.0.0.1 example-go-confidential.test
127.0.0.1 example-go-saml.test
127.0.0.1 example-react-public.test
Start the environment:
./create.sh
Try the example applications displayed by the above command. E.g., try the OpenID Connect Confidential Client as the alice:alice user at:
http://example-go-confidential.test:8081/auth/login
When anything goes wrong, you can try to troubleshoot at:
- docker compose logs --follow
- http://keycloak.test:8080/realms/example/.well-known/openid-configuration (Keycloak OIDC configuration)
- http://keycloak.test:8080/realms/example/protocol/saml/descriptor (Keycloak SAML configuration)
- http://keycloak.test:8080 (Keycloak; login as admin:admin)
- http://mail.test:8025 (MailHog (email server))
- For SAML troubleshooting, you can use the browser developer tools to capture the requests/responses and paste them in the SAML Decoder & Parser at https://www.scottbrady91.com/tools/saml-parser.
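When checking the Keycloak OIDC configuration URL listed above, the following added example (not code from this repository) shows what to look for in the discovery document so that the Authorization Code + PKCE and Device Flow clients can work. The function name check_discovery and the sample document are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

ISSUER = "http://keycloak.test:8080/realms/example"
OIDC = ISSUER + "/protocol/openid-connect"
DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"

# Constructed sample: a trimmed discovery document shaped like the one the
# example realm serves (illustrative values, not captured output).
SAMPLE_DISCOVERY = {
    "issuer": ISSUER,
    "authorization_endpoint": OIDC + "/auth",
    "token_endpoint": OIDC + "/token",
    "device_authorization_endpoint": OIDC + "/auth/device",
    "jwks_uri": OIDC + "/certs",
    "grant_types_supported": ["authorization_code", "refresh_token", DEVICE_GRANT],
    "code_challenge_methods_supported": ["plain", "S256"],
}
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint",
                 "device_authorization_endpoint", "jwks_uri")


def check_discovery(doc, expected_issuer):
    """Return a list of problems found in an OIDC discovery document."""
    problems = []
    # The issuer must match exactly; a mismatch usually points at a wrong
    # hosts file entry or realm name in the client configuration.
    if doc.get("issuer") != expected_issuer:
        problems.append(f"issuer is {doc.get('issuer')!r}, expected {expected_issuer!r}")
    want = urlsplit(expected_issuer)
    for key in ENDPOINT_KEYS:
        url = doc.get(key)
        if not url:
            problems.append(f"{key} is missing")
            continue
        got = urlsplit(url)
        # Every endpoint should live on the same origin as the issuer.
        if (got.scheme, got.netloc) != (want.scheme, want.netloc):
            problems.append(f"{key} points at another origin: {url}")
    for grant in ("authorization_code", DEVICE_GRANT):
        if grant not in doc.get("grant_types_supported", []):
            problems.append(f"grant type {grant} is not advertised")
    if "S256" not in doc.get("code_challenge_methods_supported", []):
        problems.append("PKCE method S256 is not advertised")
    return problems


if __name__ == "__main__":
    print(check_discovery(SAMPLE_DISCOVERY, ISSUER) or "ok")
```

To check the running environment, pass the parsed JSON fetched from the discovery URL instead of the sample.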
Destroy everything:
./destroy.sh
List this repository's dependencies (and which have newer versions):
export GITHUB_COM_TOKEN='YOUR_GITHUB_PERSONAL_TOKEN'
./renovate.sh