ncarlier / kong-integration-samples Goto Github PK

Hi,

First of all - thanks for the amazing job for putting together this useful tutorial for integrating Keycloak and Kong.

I successfully setup the 2 with their respective configs (Chuck API protected by Nokia-OIDC plugin).

When I try to access the /chuck API I am well redirected to the keycloack login page, however after submitting the credentials, I am getting a 500 errors (browser and curl):

"request to the redirect_uri_path but there's no session state found" (and I can see the session cookies)

it looks like it's related to lua-resty-openidc and the session storage.
In your example are you experiencing the same at all ? Is there anything I am missing ?

Kong version: 0.11.1
kong-oidc: 1.0.4

Thanks !

Great work on these! I encourage you to further publicize your work with the Kong community by announcing it on Kong Nation https://discuss.konghq.com/c/announcements

kelfink/kong-konga-cognito-docker#1

I've grabbed this docker-compose.yml file and made a switch to just rely on the "kong:latest" image for kong, instead of a local build, and not using your ncarlier build. Not sure why but lots of errors. Do I need to be using your image for this to work? See errors at issue. thanks, and sorry it's a bit off topic to our repo.

Thanks for the beautiful docker-compose which works great when deployed using docker-compose up -d --build but I want to deploy it in docker stack, which is not deploying the service at all.

I believe I have done all necessary changes required for deploying to docker stack.
Thanks

Was not able to make with-keycloak build deploy.
Few more packages were needed:

RUN yum install -y openssl-devel gcc

Hi,
When I ran make logs service=elasticsearch, I got a error make: *** No rule to make target 'logs'. Stop..
Did I miss something?

https://ncarlier.gitbooks.io/oss-api-management/content/howto-kong_with_keycloak.html
I don't know validation
1.Keycloak: generate token
2. Send token to Kong? I don't know check token in Kong. Please help me>?

Hello Ncarlier,
The blog was very helpfull to work with kong. I need some help in how to access the protected api localhost:9000/chuck on the browser by passing the access_token. It would be really helpfull.

I have client side application running on localhost:3000 and this link takes me to sample realm login once i login and try to access localhost:9000/chuck it gives unauthorized message.

client side code:

function getchuck () {
get('http://localhost:9000/chuck')
}

function getfree () {
get('http://localhost:9000/data1')
}

const div = document.getElementById('response')
function get (route) {
let req = new XMLHttpRequest
req.open('GET', route, true)
req.setRequestHeader('Accept', 'application/json')
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token)
req.onreadystatechange = function () {
if (req.readyState === 4) {
if (req.status === 200) {
div.innerText = req.responseText
} else {
div.innerText = 'Request returned: ' + req.status
}
}
}
req.send()
}

server side code:

app.get('/free',cors(), function (req, res) {
if (!req.headers['authorization']) return res.end()
let encToken = req.headers['authorization'].replace(/Bearer\s/, '')
let decToken = jwt.decode(encToken)
let clientAccess = decToken.resource_access['demo-client']
if (clientAccess && clientAccess.roles.includes('subscribed'))
res.json(['cat', 'dog', 'cow'])
else
res.json([])
})

I have added cors plugin to my services and routes.

Thanks,
Nayana