Open ekomsctr opened 3 weeks ago
Hello,
Here is an example of MVC project. ref: https://nikiforovall.github.io/keycloak-authorization-services-dotnet/examples/web-app-mvc.html
Aspire provides some variables, but not all, you still need to complete the configuration by providing missing variables, like here (we provide clientId because Aspire don't know about your client registrations): https://nikiforovall.github.io/keycloak-authorization-services-dotnet/examples/aspire-web-api.html
I think combining these two example will do what you need
Thank you for the clear answer, by combining concepts from both the samples i got it working! Here's what i've ended up doing:
var clientId = builder.AddParameter("ClientId", false);
var project = builder.AddProject<Projects.Your_Project_Name>("management")
.WithExternalHttpEndpoints()
.WithReference(keycloak)
.WithEnvironment("Keycloak__ClientId", clientId)
Wired up the parameter inside the WebApp authentication setup
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddKeycloakWebApp(
configureKeycloakOptions: options =>
{
builder.Configuration.GetSection(KeycloakAuthenticationOptions.Section).Bind(options);
},
configureOpenIdConnectOptions: options =>
{
// Other code omitted for brevity...
options.ClientId = builder.Configuration.GetValue<string>("KeyCloak:ClientId");
options.RequireHttpsMetadata = false;
// Other code omitted for brevity...
}
);
Doing so i hope i can (almost) seamlessy use the KeyCloak section when deploying the projects while still using .NET Aspire configuration perks. If you have any suggestions to improve this implementation, it would be greatly appreciated!
@ekomsctr looks good to me. However, you may consider the following suggestions:
ClientId
by adding Keycloak__Resource
(and maybe Keycloak__Credentials__Secret
if you need it), ref: https://github.com/NikiforovAll/keycloak-authorization-services-dotnet/blob/39333813c7ac188fdb02a4981adb2ca652dc1292/src/Keycloak.AuthServices.Authentication/WebAppExtensions/KeycloakWebAppAuthenticationBuilderExtensions.cs#L265
Hello,
i'm trying to use the library to authenticate my MVC Web App against a keycloak server. I could do so successfully (and it was very simple) with a Web Api project, but even following the sample i could not get it to work. Either i'm getting a "missing clientid in configuration" or a "missing authority, metadatahttps in the configuration".
Is this scenario supported? I have to specify something more in the .NET Aspire registration?
Edit: I manually added the Keycloak__ClientId env variables and now it's requiring https, is there any parameter to set this on the web app or should i add another env variable? Error: The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false
Thanks in advance