Finbuckle / Finbuckle.MultiTenant

Finbuckle.MultiTenant is an open-source multitenancy middleware library for .NET. It enables tenant resolution, per-tenant app behavior, and per-tenant data isolation.
https://www.finbuckle.com/multitenant
Apache License 2.0

PerTenantAuthentication with Keycloak #669

Open jhenrich opened 1 year ago

jhenrich commented 1 year ago

Hi, I am currently trying to integrate the package into our project (Blazor Server Side). I want each tenant to use a realm in Keycloak for authentication.

Now I have the problem that I don't know how exactly to configure the whole thing.

I managed to call my tenants with tenant1.url, works great. But now I don't know what to do.

I tried to follow the following example

My problem is that if I add this

```csharp
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie()
    .AddOpenIdConnect();
```

This is how I configured it at the moment

```csharp
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

builder.Services.AddMultiTenant<TenantInfo>()
    .WithHostStrategy()
    .WithConfigurationStore()
    .WithRemoteAuthenticationCallbackStrategy();
```

I get the error that the ClientId is not set. I use the appSettings.json file mentioned on the page as an example.

Maybe I have a misunderstanding here, but how does the OpenID Connect login page work? I have not found it in the docs, but perhaps I also overlooked it. Maybe someone can point me in the right direction :)

Best regards

AndrewTriesToCode commented 1 year ago

Hi, take a look at this older sample: https://github.com/Finbuckle/Finbuckle.MultiTenant/tree/v6.9.0/samples/ASP.NET%20Core%203/PerTenantAuthenticationSample

Check the app pipeline config and the use of `WithPerTenantAuthentication`. You'll see in the `appsettings.json` that each tenant has some properties that `WithPerTenantAuthentication` will use by convention to set their specific OpenId Connect settings.
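
The convention-based setup described in the answer above, as an added example that is not part of the original thread or the project's sample. It assumes Finbuckle.MultiTenant 6.x and that `ChallengeScheme`, `OpenIdConnectAuthority`, `OpenIdConnectClientId` and `OpenIdConnectClientSecret` are the property names `WithPerTenantAuthentication` reads by convention (check them against the linked sample); the `AppTenantInfo` class, Keycloak realm URLs, tenant ids and client ids are constructed placeholders.

```csharp
// Program.cs (needs the Finbuckle.MultiTenant.AspNetCore and
// Microsoft.AspNetCore.Authentication.OpenIdConnect packages)
using Finbuckle.MultiTenant;
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);

// Constructed tenant data, inline so the example is self-contained; normally this is the
// Finbuckle:MultiTenant:Stores:ConfigurationStore section of appsettings.json.
const string s = "Finbuckle:MultiTenant:Stores:ConfigurationStore";
builder.Configuration.AddInMemoryCollection(new Dictionary<string, string?>
{
    [$"{s}:Defaults:ChallengeScheme"] = "OpenIdConnect",
    [$"{s}:Tenants:0:Id"] = "t1", [$"{s}:Tenants:0:Identifier"] = "tenant1",
    [$"{s}:Tenants:0:Name"] = "Tenant 1",
    [$"{s}:Tenants:0:OpenIdConnectAuthority"] = "https://keycloak.example.test/realms/tenant1",
    [$"{s}:Tenants:0:OpenIdConnectClientId"] = "blazor-app",
    [$"{s}:Tenants:1:Id"] = "t2", [$"{s}:Tenants:1:Identifier"] = "tenant2",
    [$"{s}:Tenants:1:Name"] = "Tenant 2",
    [$"{s}:Tenants:1:OpenIdConnectAuthority"] = "https://keycloak.example.test/realms/tenant2",
    [$"{s}:Tenants:1:OpenIdConnectClientId"] = "blazor-app",
    // OpenIdConnectClientSecret is left out on purpose: supply it per tenant from a secret
    // store or environment variables, not from source-controlled configuration.
});

// Register the schemes without ClientId/Authority; those come from the current tenant.
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie()
    .AddOpenIdConnect();
builder.Services.AddAuthorization();

builder.Services.AddMultiTenant<AppTenantInfo>()
    .WithHostStrategy()            // tenant1.<host> resolves to Identifier "tenant1"
    .WithConfigurationStore()
    .WithPerTenantAuthentication();

var app = builder.Build();
app.UseMultiTenant();              // must run before authentication so the tenant is known
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/", (HttpContext ctx) => $"Signed in as {ctx.User.Identity?.Name}")
   .RequireAuthorization();
app.Run();

// Hypothetical tenant type carrying the per-tenant authentication settings.
public class AppTenantInfo : TenantInfo
{
    public string? ChallengeScheme { get; set; }
    public string? OpenIdConnectAuthority { get; set; }
    public string? OpenIdConnectClientId { get; set; }
    public string? OpenIdConnectClientSecret { get; set; }
}
```

When testing, sign in on one tenant's host and confirm that the resulting session cookie is not accepted on the other tenant's host.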