Simple Authproxy for Keycloak using nodejs and express and keycloak-connect

Use this when

• You want to have a local auth proxy that uses production near authentication
• You have some private projects that should be restricted to a defined group of people

The following instructions tell you, how to run this auth proxy locally. To get it running on a server, you will have to do some more manual steps, that are not described here. (Which include some more knowledge about networking, ssl, etc.)

Prerequisites:

• Installed Docker
• Installed NodeJs

Start a keycloak instance:

$ docker run -p 18080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin -e --name kc jboss/keycloak

This will run a keycloak container on port 18080. After running you will have access to the keycloak admin interface under http://localhost:18080/

• Login with admin/admin
• Configure a Realm (see https://github.com/keycloak/keycloak-nodejs-connect/tree/master/example): I called it: "my-super-realm"
• Create at least one user (and roles if needed)
• Configure a Client
  • Client Protocol: openid-connect
  • Access Type: confidential
• Go to clients -> Installation -> Select Keycloak OIDC JSON and copy the shown content to ./keycloak.json
• now run npm install
• now run npm start
• Start your application that shall be proxied
• open http://localhost:8081/
• Login should be shown, after successful login, you should be proxied to your application