Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[OIDC] Get and run Keycloak on Linux Locally #6

Open
RyanL1997 opened this issue Nov 15, 2023 · 0 comments
Open

[OIDC] Get and run Keycloak on Linux Locally #6

RyanL1997 opened this issue Nov 15, 2023 · 0 comments
Labels
documentation Improvements or additions to documentation

Comments

@RyanL1997
Copy link
Owner

RyanL1997 commented Nov 15, 2023

Introduction

To set up a local testing environment for OIDC with Keycloak and OpenSearch on your Mac, you'll want to follow a series of steps that replicate what your GitHub Actions workflow does. Below is a step-by-step guide to set up Keycloak, OpenSearch, and the necessary configurations for OIDC.

Steps

Prerequisites: Make sure you have Java installed, as both OpenSearch and Keycloak require it.
Install wget and curl if they are not already installed on your Mac.
You'll also need Node.js if you don't have it, as it's required for fetching the OpenSearch version from package.json.
Make sure you have OpenSearch and Keycloak downloaded, or you can use wget as in your workflow.

  1. Export some version variables:
export KEYCLOAK_VERSION='21.0.1'
  1. Download and Unpack Keycloak:
echo "Downloading Keycloak $KEYCLOAK_VERSION"
wget https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz
echo "Unpacking Keycloak"
tar -xzf keycloak-$KEYCLOAK_VERSION.tar.gz
  1. Start Keycloak:
export KEYCLOAK_ADMIN=admin
export KEYCLOAK_ADMIN_PASSWORD=admin
cd keycloak-$KEYCLOAK_VERSION/bin
chmod +x kc.sh
echo "Starting keycloak"
./kc.sh start-dev --http-enabled=true --hostname-strict-https=false --http-host=localhost --http-relative-path /auth --health-enabled=true &
  1. Set up Keycloak Admin CLI and Create Client
chmod +x kcadm.sh
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
CID=$(./kcadm.sh create clients -r master -s clientId=opensearch -s 'redirectUris=["http://localhost:5603/auth/openid/login", "http://localhost:5601", "http://localhost:5601/auth/openid/login"]' -s 'secret=oacHfNaXyy81r2uHq1A9RY4ASryre4rZ' -i)
  1. Create Client Mapper:
echo "Creating client mapper"
./kcadm.sh create clients/$CID/protocol-mappers/models  -r master -s 'config."id.token.claim"=true' -s 'config."multivalued"=true' -s 'config."claim.name"="roles"' -s 'config."userinfo.token.claim"=true' -s 'config."access.token.claim"=true' -s 'name=rolemapper' -s 'protocolMapper=oidc-usermodel-realm-role-mapper' -s "protocol=openid-connect"
@RyanL1997 RyanL1997 added the documentation Improvements or additions to documentation label Nov 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation
Projects
None yet
Development

No branches or pull requests

1 participant