Take the following steps to run NGINX Plus in a Docker container and test OIDC for Keycloak integration.
Note: You can also test on a remote machine if you copy all of the files there.
- Edit the hosts file on your laptop if you want to test your app locally:

      $ sudo vi /etc/hosts
      127.0.0.1 nginx.keycloak.test
      127.0.0.1 host.docker.internal
- Download the NGINX Plus license files and copy them to ./docker/build-context/ssl/:

      nginx-repo.crt
      nginx-repo.key
- Open a web browser at http://nginx.keycloak.test:11000 and enter an IdP application's client ID.
- Log in by clicking the Sign in button, then enter your name and password that are registered in Keycloak. You will see the signed-in screen once you are successfully signed in.
- Test a secured sample API with an access token by clicking Call a Sample Proxied API.

  Note: Modify the URI if you want to test one of your own API endpoints where the access token is included in the header.

  The endpoint of the sample API is defined in oidc_frontend_backend.conf. You can add any API endpoint that needs an access token by following this example:

      location /v1/api/example {
          # Validate the ID token held for this session before proxying
          auth_jwt "" token=$id_token;
          auth_jwt_key_request /_jwks_uri;    # Enable when using URL

          # Forward the access token to the backend as a bearer token
          proxy_set_header Authorization "Bearer $access_token";
          proxy_pass http://my_backend_app;
          access_log /var/log/nginx/access.log oidc_jwt;
      }
- Log out by clicking the 'Sign out' button.
- Stop the Docker containers:

      $ make down

- Remove the Docker container images:

      $ make clean
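
The two local prerequisites from the first steps (the hosts entries and the license files) can be checked before the containers are built. The script below is an added example, not part of the original instructions; the function names are hypothetical, and the check that nginx-repo.key is not group- or world-accessible is an extra precaution assumed here, not a step from the page.

```shell
#!/bin/sh
# Added example: preflight checks for the hosts entries and license files.
# Usage: sh preflight.sh /etc/hosts ./docker/build-context/ssl

# hosts_has_entry FILE NAME: succeed if FILE maps NAME to 127.0.0.1.
# Commented-out entries do not count.
hosts_has_entry() {
    awk -v name="$2" '
        { sub(/#.*/, "") }
        $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }' "$1"
}

# key_is_private FILE: succeed if FILE exists and grants nothing to
# group or others (characters 5-10 of the ls mode string are all "-").
key_is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# preflight HOSTS_FILE SSL_DIR: print each problem found and return the
# number of failed checks (0 means ready to build).
preflight() {
    hosts_file=$1 ssl_dir=$2 fail=0
    for name in nginx.keycloak.test host.docker.internal; do
        hosts_has_entry "$hosts_file" "$name" ||
            { echo "missing: 127.0.0.1 $name in $hosts_file"; fail=$((fail + 1)); }
    done
    [ -f "$ssl_dir/nginx-repo.crt" ] ||
        { echo "missing: $ssl_dir/nginx-repo.crt"; fail=$((fail + 1)); }
    key_is_private "$ssl_dir/nginx-repo.key" ||
        { echo "missing or group/world-accessible: $ssl_dir/nginx-repo.key"
          fail=$((fail + 1)); }
    return "$fail"
}

# Run the checks only when both paths are given on the command line.
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```

If the key check fails on an existing file, `chmod 600 ./docker/build-context/ssl/nginx-repo.key` tightens it.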