Description
Keycloak authentication extension (auth adapter) with predefined configuration and authorization policies requirements.
It's simplify integration with auth service, all you needs it's just drop the installation keycloak client's file
(keycloak.json) in root application folder.
Setup
Authentication
- Allow to application reads client installation file from the root directory
public class Program
{
public static void Main(string[] args)
{
CreateWebHostBuilder(args).Build().Run();
}
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
// New line
.UseKeycloak()
.UseStartup<Startup>();
}- Add Keycloak authentication functionality and authorization policies
public void ConfigureServices(IServiceCollection services)
{
// New line
services.AddKeycloakAuthentication(Configuration);
services.AddAuthorization(config => /* ... */);
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthentication();
app.UseAuthorization();
}- Enjoy
Autosigning HttpClient
- Do first two steps from
Authenticationsection - Configure http client
public void ConfigureServices(IServiceCollection services)
{
services.AddKeycloakHttpClient<IMicroserviceTwo, MicroserviceTwo>(c => { /* ... */ });
services.AddKeycloakHttpClient<IMicroserviceThree, MicroserviceThree>(c => { /* ... */ });
}- Done. Just invoke
IMicroserviceTwoorIMicroserviceThreewhenever and don't think about auth tokens.
Features
- Authentication with autosetup through
keycloak.jsonfile - HttpClient with auto obtaining and refreshing access_token
- Predefined authorization policy requirements
3.1.ResourceAccess- allows to check roles from different resources
TODO
[ ] More predefined policy requirements
[ ] Importing Authorization configuration from Keycloak ([service-id]-authz-config.json)