<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
<base href="https://issues.jboss.org">
<title>Message Title</title>
</head>
<body class="jira" style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 1.429">
<table id="background-table" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #f5f5f5; border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt" bgcolor="#f5f5f5">
<!-- header here -->
<tbody>
<tr>
<td id="header-pattern-container" style="padding: 0px; border-collapse: collapse; padding: 10px 20px">
<table id="header-pattern" cellspacing="0" cellpadding="0" border="0" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt">
<tbody>
<tr>
<td id="header-avatar-image-container" valign="top" style="padding: 0px; border-collapse: collapse; vertical-align: top; width: 32px; padding-right: 8px" width="32"> <img id="header-avatar-image" class="image_fix" src="https://static.jboss.org/developer/gravatar/a13557d1743f0fc4995cc122154945ad?d=mm&s=48" height="32" width="32" border="0" style="border-radius: 3px; vertical-align: top"> </td>
<td id="header-text-container" valign="middle" style="padding: 0px; border-collapse: collapse; vertical-align: middle; font-family: Arial, sans-serif; font-size: 14px; line-height: 20px; mso-line-height-rule: exactly; mso-text-raise: 1px"> <a class="user-hover" rel="weil" id="email_weil" href="https://issues.jboss.org/secure/ViewProfile.jspa?name=weil" style="color:#0052cc;; color: #3b73af; text-decoration: none">Wei Li</a> <strong>edited a comment</strong> on <a href="https://issues.jboss.org/browse/AEROGEAR-8331" style="color: #3b73af; text-decoration: none"><img src="cid:jira-generated-image-avatar-e56714c5-5614-412d-93aa-1fe3eee4ae70" height="16" width="16" border="0" align="absmiddle" alt="Task"> AEROGEAR-8331</a> </td>
</tr>
</tbody>
</table> </td>
</tr>
<tr>
<td id="email-content-container" style="padding: 0px; border-collapse: collapse; padding: 0 20px">
<table id="email-content-table" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; border-spacing: 0; border-collapse: separate">
<tbody>
<tr>
<!-- there needs to be content in the cell for it to render in some clients -->
<td class="email-content-rounded-top mobile-expand" style="padding: 0px; border-collapse: collapse; color: #ffffff; padding: 0 15px 0 16px; height: 15px; background-color: #ffffff; border-left: 1px solid #cccccc; border-top: 1px solid #cccccc; border-right: 1px solid #cccccc; border-bottom: 0; border-top-right-radius: 5px; border-top-left-radius: 5px; height: 10px; line-height: 10px; padding: 0 15px 0 16px; mso-line-height-rule: exactly" height="10" bgcolor="#ffffff"> </td>
</tr>
<tr>
<td class="email-content-main mobile-expand " style="padding: 0px; border-collapse: collapse; border-left: 1px solid #cccccc; border-right: 1px solid #cccccc; border-top: 0; border-bottom: 0; padding: 0 15px 0 16px; background-color: #ffffff" bgcolor="#ffffff">
<table class="page-title-pattern" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt">
<tbody>
<tr>
<td style="vertical-align: top;; padding: 0px; border-collapse: collapse; padding-right: 5px; font-size: 20px; line-height: 30px; mso-line-height-rule: exactly" class="page-title-pattern-header-container"> <span class="page-title-pattern-header" style="font-family: Arial, sans-serif; padding: 0; font-size: 20px; line-height: 30px; mso-text-raise: 2px; mso-line-height-rule: exactly; vertical-align: middle"> <a href="https://issues.jboss.org/browse/AEROGEAR-8331" style="color: #3b73af; text-decoration: none">Re: Containerise the keycloak example server, provision it on OpenShift using the sync-app-apb and ensure it can be integrated with Keycloak</a> </span> </td>
</tr>
</tbody>
</table> </td>
</tr>
<tr>
<td id="text-paragraph-pattern-top" class="email-content-main mobile-expand comment-top-special-margin comment-top-pattern" style="padding: 0px; border-collapse: collapse; border-left: 1px solid #cccccc; border-right: 1px solid #cccccc; border-top: 0; border-bottom: 0; padding: 0 15px 0 16px; background-color: #ffffff; border-bottom: none; padding-bottom: 0" bgcolor="#ffffff">
<table class="text-paragraph-pattern" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-family: Arial, sans-serif; font-size: 14px; line-height: 20px; mso-line-height-rule: exactly; mso-text-raise: 2px">
<tbody>
<tr>
<td class="text-paragraph-pattern-container mobile-resize-text " style="padding: 0px; border-collapse: collapse; padding: 0 0 10px 0; padding-top: 10px"> <span class="diffcontext">Here are the steps I have gone through to get the sample keycloak nodejs app running on OpenShift:<br><br># Make sure the mobile-related services are installed on the cluster.<br># Use the Service catalog to provision the Identity management service into a namespace. Wait for the IDM service to be ready.<br># Deploy the example app image to the same namespace (it is available here: https://cloud.docker.com/repository/docker/weilee/keycloak-example). Wait for it to be up and running.<br># Next, we need to protect the example app with the IDM service:<br>## In the OpenShift UI, go to the namespace -> Overview -> Provisioned Services -> Identity Management -> Create Binding<br>## In the "Creating binding wizard", set the client id to be the name of the keycloak app deployed in step 3, and set the client type to be "Public". Finish the wizard and wait for the binding to be created.<br>## When it is done, login to the IDM service, and you should see there is a new realm created with the name of the openshift namespace. <br>## Update the realm config in IDM:<br>### Select the newly created realm, choose "Clients" -> client id<br>### In the "Settings" tab, add a new valid redirect url. It should be in the format of "http://<url of the keycloak example app>/*". e.g. "http://keycloak-example-myproject.192.168.64.22.nip.io/*"<br>### In the "Roles" tab, add a new role called "admin"<br>### Click on the "Users" option on the menu on the left hand side, and add a new user to the realm. Do not assign any other roles yet to the user<br>## When it is done, back to the openshift UI, go to</span> <span class="diffaddedchars" style="background-color:#ddfade;"> "</span> <span class="diffcontext"> Resources -> Secrets</span> <span class="diffaddedchars" style="background-color:#ddfade;">"</span> <span class="diffcontext">, and find the secret that is created by the binding step</span> <span class="diffremovedchars" style="background-color:#ffe7e7;text-decoration:line-through;">. It</span> <span class="diffaddedchars" style="background-color:#ddfade;"> (it</span> <span class="diffcontext"> should be something like "keycloak-</span> <span class="diffremovedchars" style="background-color:#ffe7e7;text-decoration:line-through;">\</span> <span class="diffcontext"><client id</span> <span class="diffremovedchars" style="background-color:#ffe7e7;text-decoration:line-through;">\</span> <span class="diffcontext">>-public"</span> <span class="diffaddedchars" style="background-color:#ddfade;">)</span> <span class="diffcontext">. Click on the secret, and click on "Add to application".<br>## In the pop up, select the deployment config of the example app in step 3 as the target application, and add the secret as a "volume". Enter a mount path for the secret (e.g./tmp/keycloak/). Save the config and it should trigger the keycloak example app to be deployed again.<br>## Go to "Application" -> Deploys -> keycloak example app, and choose the environment tab. Add the following environment variables: KEYCLOAK_CONFIG=/tmp/keycloak/config, NODE_TLS_REJECT_UNAUTHORIZED=0. Redeploy the app. Now the IDM config is mounted to the app, and the example app is protected by the IDM service.<br># Open a new tab, go to "http://<keycloak example app url>/graphql", you should be redirected to a login page of the IDM service. Login with the newly created user in setup 4.4, and you should see the graphql playground. However, you will see an error. Open a new tab and enter "http://<keycloak example app url>/token", you will get a new token back. Go back to the graphql playground, and select "HTTP HEADERS" view and paste the token value. In the query view, add "{ hello }" and try execute it. You will get a error complaining that the user do not have the right permission.<br># Go to IDM, select the user created in setup 4.4, and assign the "admin" role to the user (it should be the client role, not a realm-level role).<br># Open a new tab and go to "http://<keycloak example app url>/logout" to logout the current session. Then repeat step 5 and this time you should get a valid response back.<br><br></span> </td>
</tr>
</tbody>
</table> </td>
</tr>
<tr>
<td class="email-content-main mobile-expand " style="padding: 0px; border-collapse: collapse; border-left: 1px solid #cccccc; border-right: 1px solid #cccccc; border-top: 0; border-bottom: 0; padding: 0 15px 0 16px; background-color: #ffffff" bgcolor="#ffffff">
<table id="actions-pattern" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-family: Arial, sans-serif; font-size: 14px; line-height: 20px; mso-line-height-rule: exactly; mso-text-raise: 1px">
<tbody>
<tr>
<td id="actions-pattern-container" valign="middle" style="padding: 0px; border-collapse: collapse; padding: 10px 0 10px 24px; vertical-align: middle; padding-left: 0">
<table align="left" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt">
<tbody>
<tr>
<td class="actions-pattern-action-icon-container" style="padding: 0px; border-collapse: collapse; font-family: Arial, sans-serif; font-size: 14px; line-height: 20px; mso-line-height-rule: exactly; mso-text-raise: 0; vertical-align: middle"> <a href="https://issues.jboss.org/browse/AEROGEAR-8331#add-comment" target="_blank" title="Add Comment" style="color: #3b73af; text-decoration: none"> <img class="actions-pattern-action-icon-image" src="cid:jira-generated-image-static-comment-icon-70a4538e-8e79-46d2-98a6-926bb75428ca" alt="Add Comment" title="Add Comment" height="16" width="16" border="0" style="vertical-align: middle"> </a> </td>
<td class="actions-pattern-action-text-container" style="padding: 0px; border-collapse: collapse; font-family: Arial, sans-serif; font-size: 14px; line-height: 20px; mso-line-height-rule: exactly; mso-text-raise: 4px; padding-left: 5px"> <a href="https://issues.jboss.org/browse/AEROGEAR-8331#add-comment" target="_blank" title="Add Comment" style="color: #3b73af; text-decoration: none">Add Comment</a> </td>
</tr>
</tbody>
</table> </td>
</tr>
</tbody>
</table> </td>
</tr>
<!-- there needs to be content in the cell for it to render in some clients -->
<tr>
<td class="email-content-rounded-bottom mobile-expand" style="padding: 0px; border-collapse: collapse; color: #ffffff; padding: 0 15px 0 16px; height: 5px; line-height: 5px; background-color: #ffffff; border-top: 0; border-left: 1px solid #cccccc; border-bottom: 1px solid #cccccc; border-right: 1px solid #cccccc; border-bottom-right-radius: 5px; border-bottom-left-radius: 5px; mso-line-height-rule: exactly" height="5" bgcolor="#ffffff"> </td>
</tr>
</tbody>
</table> </td>
</tr>
<tr>
<td id="footer-pattern" style="padding: 0px; border-collapse: collapse; padding: 12px 20px">
<table id="footer-pattern-container" cellspacing="0" cellpadding="0" border="0" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt">
<tbody>
<tr>
<td id="footer-pattern-text" class="mobile-resize-text" width="100%" style="padding: 0px; border-collapse: collapse; color: #999999; font-size: 12px; line-height: 18px; font-family: Arial, sans-serif; mso-line-height-rule: exactly; mso-text-raise: 2px"> This message was sent by Atlassian Jira <span id="footer-build-information">(v7.12.1#712002-<span title="609a50578ba6bc73dbf8b05dddd7c04a04b6807c" data-commit-id="609a50578ba6bc73dbf8b05dddd7c04a04b6807c}">sha1:609a505</span>)</span> </td>
<td id="footer-pattern-logo-desktop-container" valign="top" style="padding: 0px; border-collapse: collapse; padding-left: 20px; vertical-align: top">
<table style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt">
<tbody>
<tr>
<td id="footer-pattern-logo-desktop-padding" style="padding: 0px; border-collapse: collapse; padding-top: 3px"> <img id="footer-pattern-logo-desktop" src="https://issues.jboss.org/images/mail/atlassian-email-logo.png" alt="Atlassian logo" title="Atlassian logo" width="191" height="24" class="image_fix"> </td>
</tr>
</tbody>
</table> </td>
</tr>
</tbody>
</table> </td>
</tr>
</tbody>
</table>
</body>
</html>