search

nokia / kong-oidc

OIDC plugin for Kong
Apache License 2.0
454 stars 320 forks source link

How to configure route with oidc plugin ? #145

Open WoodyFleurant opened 4 years ago

WoodyFleurant commented 4 years ago

I am able to configure routes with oidc using admin api. However, using kubernetes KongPlugin resource it does not work, and i don't see any error logs. Configuration seems to be 'skipped'.

apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
  name: https-only
route:
  protocols:
    - https
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: oidc-kibana
config:
  client_id: kibana
  client_secret: toto
  discovery: https://keycloak.toto.com/auth/realms/master/.well-known/openid-configuration
plugin: oidc
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: k8s-ingress-kibana
  annotations:
    kubernetes.io/ingress.class: "kong"
    configuration.konghq.com: https-only, oidc-kibana
spec:
  tls:
    - hosts:
      - "*.toto.app"
      secretName: ssl-cert-wildcard
  rules:
  - host: kibana.toto.app
    http:
      paths:
        - path: /
          backend:
            serviceName: kibana
            servicePort: 5601
---
xmcn2 commented 4 years ago

Hi Woody,

Do you have the OIDC plugin installed in Kong? I used https://github.com/Kong/docker-kong/tree/master/customize to create a custom Kong image with the plugin installed.

docker build --build-arg PLUGINS="kong-oidc" --tag my-org/kong:v1 .

defiboy commented 4 years ago

any updates on this? I also cannot make it work like this.