
how to authenticate without redirecting to login screen? #22


rntjr commented 1 year ago

I set up an environment with keycloak, kong and a microservice.

I'm using Insomnia to test the endpoints; I've already configured OAuth2 there and obtained an access token and a refresh token. I would like Kong to accept that access token (sent in the `Authorization: Bearer` header) and authorize the request directly, instead of redirecting me to the Keycloak login screen.

How can I do this?


Raw OIDC plugin config (note: it contains the `client_secret` verbatim, the `discovery` URL is plain `http://`, and `ssl_verify` is `"no"` — acceptable for a local test realm, but that secret should be treated as exposed and rotated, and none of those settings should carry into production):

{
  "route": null,
  "name": "oidc",
  "consumer": null,
  "service": {
    "id": "31a0235e-0291-4958-b827-e72566e69f27"
  },
  "tags": null,
  "id": "57240b4d-2ccb-4c28-96c1-61bfda81247f",
  "enabled": true,
  "config": {
    "skip_already_auth_requests": "no",
    "timeout": null,
    "discovery": "http://service-keycloak:8080/realms/develop/.well-known/openid-configuration",
    "bearer_jwt_auth_enable": "yes",
    "groups_claim": "groups",
    "header_names": [],
    "header_claims": [],
    "disable_userinfo_header": "no",
    "filters": null,
    "introspection_endpoint": null,
    "disable_access_token_header": "no",
    "access_token_header_name": "X-Access-Token",
    "access_token_as_bearer": "yes",
    "disable_id_token_header": "no",
    "introspection_cache_ignore": "no",
    "id_token_header_name": "X-ID-Token",
    "scope": "openid",
    "unauth_action": "auth",
    "ignore_auth_filters": null,
    "logout_path": "/logout",
    "revoke_tokens_on_logout": "no",
    "redirect_after_logout_uri": "/",
    "bearer_only": "yes",
    "post_logout_redirect_uri": null,
    "ssl_verify": "no",
    "realm": "kong",
    "validate_scope": "no",
    "redirect_uri": null,
    "redirect_after_logout_with_id_token_hint": "no",
    "session_secret": null,
    "introspection_endpoint_auth_method": null,
    "client_id": "administracao",
    "bearer_jwt_auth_signing_algs": [
      "RS256"
    ],
    "token_endpoint_auth_method": "client_secret_post",
    "bearer_jwt_auth_allowed_auds": null,
    "response_type": "code",
    "use_jwks": "no",
    "client_secret": "MZmTbQrVvOKZbE7eS2B1VnhsomekWuyZ",
    "userinfo_header_name": "X-USERINFO",
    "recovery_page_path": null
  },
  "protocols": [
    "grpc",
    "grpcs",
    "http",
    "https"
  ],
  "created_at": 1666014812
}
rntjr commented 1 year ago

I forgot to set the introspection endpoint. (Caveat on the value below: `introspection_endpoint` points at `localhost:8080`, while `discovery` uses `service-keycloak:8080`. From inside the Kong container `localhost` is presumably not Keycloak unless both share a network namespace — verify the host, otherwise introspection will fail even though discovery works.)

One note: `bearer_jwt_auth_allowed_auds` must be populated, and with Keycloak's default client scopes the access token's `aud` claim is `account`, so that is what I put. Caveat: as far as I know `account` is the audience Keycloak adds for every client in the realm by default, so allowing it accepts any access token issued in the realm, not only tokens intended for this service. A dedicated audience (for example the client id `administracao`, added via an audience mapper on the client) is a tighter check.

My raw plugin config (the `client_secret` below is pasted verbatim, so it should be treated as exposed and rotated; `redirect_uri` is set to an external site only because `bearer_only` is `"yes"` and the redirect flow is not used):

{
  "route": null,
  "name": "oidc",
  "consumer": null,
  "service": {
    "id": "31a0235e-0291-4958-b827-e72566e69f27"
  },
  "tags": null,
  "id": "57240b4d-2ccb-4c28-96c1-61bfda81247f",
  "enabled": true,
  "config": {
    "skip_already_auth_requests": "no",
    "timeout": null,
    "discovery": "http://service-keycloak:8080/realms/develop/.well-known/openid-configuration",
    "bearer_jwt_auth_enable": "yes",
    "groups_claim": "groups",
    "header_names": [],
    "header_claims": [],
    "disable_userinfo_header": "no",
    "filters": null,
    "introspection_endpoint": "http://localhost:8080/realms/develop/protocol/openid-connect/token/introspect",
    "disable_access_token_header": "no",
    "access_token_header_name": "X-Access-Token",
    "access_token_as_bearer": "yes",
    "disable_id_token_header": "no",
    "introspection_cache_ignore": "no",
    "id_token_header_name": "X-ID-Token",
    "scope": "openid",
    "unauth_action": "auth",
    "ignore_auth_filters": null,
    "logout_path": "/logout",
    "revoke_tokens_on_logout": "no",
    "redirect_after_logout_uri": "/",
    "bearer_only": "yes",
    "post_logout_redirect_uri": null,
    "ssl_verify": "no",
    "realm": "kong",
    "validate_scope": "no",
    "redirect_uri": "https://www.google.com",
    "redirect_after_logout_with_id_token_hint": "no",
    "session_secret": null,
    "introspection_endpoint_auth_method": null,
    "client_id": "administracao",
    "bearer_jwt_auth_signing_algs": [
      "RS256"
    ],
    "token_endpoint_auth_method": "client_secret_post",
    "bearer_jwt_auth_allowed_auds": [
      "account"
    ],
    "response_type": "code",
    "use_jwks": "no",
    "client_secret": "MZmTbQrVvOKZbE7eS2B1VnhsomekWuyZ",
    "userinfo_header_name": "X-USERINFO",
    "recovery_page_path": null
  },
  "protocols": [
    "grpc",
    "grpcs",
    "http",
    "https"
  ],
  "created_at": 1666014812
}