Some setup to be able to test an OIDC client
The problem: when you are trying to debug and test an OIDC client locally, it is difficult. There are two main players that play a huge role: the OIDC Server and the load balancer that sits in front of your service.
The second player, the load balancer, can be easy to forget if you are testing your application locally. However, when you are deploying your application to a cluster without sticky sessions, the load balancer plays a big role and its nice to be able to test this locally.
To create a test service, we use keycloak. To create a test loadbalancer, we use nginx.
This setup uses Docker and bash.
There are a few steps of setup for both the OIDC server and the loadbalancer.
- Start you application locally on a few ports
- Modify the
bin/nginx/nginx.conf. Theserver host.docker.internal:5677lines should be modified so that you have one line for each instance of your service that is running and the port afterhost.docker.internalis the port that the instance is running on - Run
./bin/create. This will create a keycloak docker image, create an OIDC client within that image (printing the client secret to the console), and set up and start an NGINX using the config inbin/nginx/nginx.conf
The options for the create script can be modified using environment variables:
CLIENT_IDspecifies the id of the client that will be generated (default: myclient)NGINX_CONFspecifies the absolute path to the nginx config that will be used (by default,bin/nginx.conf)REDIRECT_URLfor your application. Defaults tohttp://localhost/*which is the wildcard for the loadbalancer which is started with the nginx config
Once you've set up your playground, you can start it with ./bin/start and stop it with ./bin/stop
Delete everything with ./bin/remove
oidc-testing-playground is Open Source software released under the Apache 2.0 license.