Keycloak: Difference between revisions
Jump to navigation
Jump to search
| Line 50: | Line 50: | ||
KEYCLOAK_USER: admin | KEYCLOAK_USER: admin | ||
KEYCLOAK_PASSWORD: password | KEYCLOAK_PASSWORD: password | ||
</syntaxhighlight> | |||
==Migrating From 7.0.0== | |||
Export from 7.0.0 | |||
<syntaxhighlight lang="bash"> | |||
/opt/jboss/keycloak/bin/standalone.sh \ | |||
-Djboss.socket.binding.port-offset=100 \ | |||
-Dkeycloak.migration.action=export \ | |||
-Dkeycloak.migration.provider=singleFile \ | |||
-Dkeycloak.migration.file=/tmp/keycloak-export.json | |||
</syntaxhighlight> | |||
Import to 12.0.1 | |||
<syntaxhighlight lang="bash"> | |||
/opt/jboss/keycloak/bin/standalone.sh \ | |||
-Djboss.socket.binding.port-offset=100 \ | |||
-Dkeycloak.migration.action=import \ | |||
-Dkeycloak.profile.feature.upload_scripts=enabled \ | |||
-Dkeycloak.migration.provider=singleFile \ | |||
-Dkeycloak.migration.file=/tmp/keycloak-export.json >/tmp/bollocks2.log 2>&1 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 05:52, 2 April 2021
Setting up Server
Install Podman=
sudo apt install podman
Create Image
podman pull quay.io/keycloak/keycloak
# Note I run tomcat so changed the ports from 8080
# quay.io/keycloak/keycloak:12.0.1
podman run -d \
--name keycloak \
-p 8081:8080 \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=password \
-e KEYCLOAK_IMPORT=/tmp/one-realm.json,/tmp/two-realm.json \
quay.io/keycloak/keycloak:7.0.0
Moving to Docker
Stopping and starting
sudo docker-compose up -d
sudo docker-compose down
Could not get the keycloak to work in Podman so moved to docker
version: '3'
services:
keycloak:
image: jboss/keycloak:12.0.1
ports:
- "9999:8080"
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
KEYCLOAK_IMPORT: /tmp/one-realm.json,/tmp/two-realm.json
volumes:
- "./realms:/tmp"
version: '3'
services:
keycloak:
image: quay.io/keycloak/keycloak:12.0.1
ports:
- "9999:8080"
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
Migrating From 7.0.0
Export from 7.0.0
/opt/jboss/keycloak/bin/standalone.sh \
-Djboss.socket.binding.port-offset=100 \
-Dkeycloak.migration.action=export \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.file=/tmp/keycloak-export.json
Import to 12.0.1
/opt/jboss/keycloak/bin/standalone.sh \
-Djboss.socket.binding.port-offset=100 \
-Dkeycloak.migration.action=import \
-Dkeycloak.profile.feature.upload_scripts=enabled \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.file=/tmp/keycloak-export.json >/tmp/bollocks2.log 2>&1
Configure Keycloak
If using docker you need to change podman to docker Disable https
podman exec -it keycloak bash
cd /opt/jboss/keycloak/bin
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
./kcadm.sh update realms/master -s sslRequired=NONE
Generate a Token
I used online help to set the server up. Especially https://medium.com/devops-dudes/securing-node-js-express-rest-apis-with-keycloak-a4946083be51
curl -X POST 'http://localhost:9999/auth/realms/one/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=app' \
--data-urlencode 'client_secret=not this dummy' \
--data-urlencode 'username=carol' \
--data-urlencode 'password=carol' | jq