Live demo for authentication

Using:

Keycloak for authentication
React for client usecase
OPA for service token signitaure verify usecase

not recommend using OPA to do http request inside, just for examplify

Quick start

step 1. service up

cd images/
# run keycloak, react, and opa
# using nginx proxy them to http://localhost 
docker-compose up

step 2. authentication

visit http://localhost/

login info:

name: myuser
pwd: myuser

will show token info in the page after pass authentication

see code in src/KeycloakProvider.tsx

step 3. token verify

visit http://localhost/verify

after authentication, will using access_token to request OPA verify api, which show the normal process of token verification.

(just using the token's issuer configration.)

see code in images/opa/verify.rego

Related technical concepts

Summary-zh

OAuth, OpenID Connect, and SAML

What’s the Difference Between OAuth, OpenID Connect, and SAML?

OpenID Connect (oidc)

more details in: openid.net

Oauth 2.0

https://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html

more details in: oauth.net

Authentication vs. Authorization

more details in Authentication vs. Authorization

Standard flow with PKCE

more details in: OAuth 2.0: Implicit Flow is Dead, Try PKCE Instead

About

Live demo of Keycloak authentication

http://blog.newbmiao.com/2021/09/19/tech-behind-authentication.html

Languages

Language:TypeScript 47.3%Language:HTML 16.6%Language:Open Policy Agent 12.9%Language:JavaScript 10.6%Language:Shell 5.9%Language:Dockerfile 5.3%Language:CSS 1.4%