Skip to content

Commit

Permalink
Update Keycloak (#238)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dzarras
dzarras authored Nov 18, 2024
1 parent 91156b7 commit f85a33e
Show file tree
Hide file tree
Showing 7 changed files with 39 additions and 429 deletions.
21 changes: 8 additions & 13 deletions docker-compose/docker-compose.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,36 +6,31 @@ networks:

services:
keycloak:
image: quay.io/keycloak/keycloak:24.0.3-0
image: quay.io/keycloak/keycloak:26.0.5-0
container_name: keycloak
command:
- start-dev
- --import-realm
- --features=dpop
environment:
- KC_PROXY=edge
- KC_PROXY_HEADERS=xforwarded
- KC_HTTP_ENABLED=true
- KC_HTTP_RELATIVE_PATH=/idp
- KC_HOSTNAME=localhost
- KC_HOSTNAME_STRICT=false
- KC_HOSTNAME_STRICT_BACKCHANNEL=false
- KC_HOSTNAME=https://localhost/idp
- KC_HOSTNAME_BACKCHANNEL_DYNAMIC=true
- KC_HTTPS_CERTIFICATE_FILE=/etc/ssl/certs/keycloak.tls.crt
- KC_HTTPS_CERTIFICATE_KEY_FILE=/etc/ssl/certs/keycloak.tls.key
- KC_HEALTH_ENABLED=true
- KC_METRICS_ENABLED=true
- KC_SPI_THEME_STATIC_MAX_AGE=-1
- KC_SPI_THEME_CACHE_THEMES=false
- KC_SPI_THEME_CACHE_TEMPLATES=false
- KEYCLOAK_ADMIN=admin
- KEYCLOAK_ADMIN_PASSWORD=password
- KC_BOOTSTRAP_ADMIN_USERNAME=admin
- KC_BOOTSTRAP_ADMIN_PASSWORD=password
healthcheck:
test: "bash /opt/keycloak/health-check.sh"
interval: 5s
timeout: 10s
retries: 12
start_interval: 30s
volumes:
- ./keycloak/extra/health-check.sh:/opt/keycloak/health-check.sh
- ./keycloak/realms/:/opt/keycloak/data/import
- ./keycloak/themes/:/opt/keycloak/themes
- ./keycloak/certs/:/etc/ssl/certs/
networks:
- default
Expand Down
5 changes: 2 additions & 3 deletions docker-compose/keycloak/extra/health-check.sh
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
#!/bin/bash
exec 3<>/dev/tcp/localhost/8080

echo -e "GET ${KC_HTTP_RELATIVE_PATH}/health/ready HTTP/1.1\nhost: localhost:8080\n" >&3

timeout --preserve-status 1 cat <&3 | grep -m 1 status | grep -m 1 UP
echo -e "GET ${KC_HTTP_RELATIVE_PATH} HTTP/1.1\nHost: localhost\n" >&3
timeout --preserve-status 1 cat <&3 | grep -m 1 "HTTP/1.1" | grep -m 1 "303 See Other"
ERROR=$?

exec 3<&-
Expand Down
35 changes: 28 additions & 7 deletions docker-compose/keycloak/realms/pid-issuer-realm-realm.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -528,7 +528,9 @@
"redirectUris": [
"/realms/pid-issuer-realm/account/*"
],
"webOrigins": [],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
Expand Down Expand Up @@ -564,7 +566,9 @@
"redirectUris": [
"/realms/pid-issuer-realm/account/*"
],
"webOrigins": [],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
Expand Down Expand Up @@ -607,7 +611,9 @@
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
Expand Down Expand Up @@ -639,7 +645,9 @@
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
Expand Down Expand Up @@ -894,7 +902,9 @@
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
Expand Down Expand Up @@ -1627,6 +1637,18 @@
}
}
],
"org.keycloak.userprofile.UserProfileProvider": [
{
"id": "bfa86063-5fbd-444b-8c6b-52d9a6b8ed21",
"providerId": "declarative-user-profile",
"subComponents": {},
"config": {
"kc.user.profile.config": [
"{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"credentials\",\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"annotations\":{},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"credentials\",\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"annotations\":{},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"annotations\":{},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"gender\",\"displayName\":\"Gender\",\"validations\":{\"options\":{\"options\":[\"0\",\"1\",\"2\",\"3\"]}},\"annotations\":{\"inputOptionLabels\":{\"0\":\"Not known\",\"1\":\"Male\",\"2\":\"Female\",\"3\":\"Not applicable\"},\"inputType\":\"select-radiobuttons\"},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"birthdate\",\"displayName\":\"Birthdate\",\"validations\":{\"iso-date\":{}},\"annotations\":{\"inputType\":\"html5-date\"},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"age_over_18\",\"displayName\":\"Age over 18\",\"validations\":{\"options\":{\"options\":[\"true\",\"false\"]}},\"annotations\":{\"inputType\":\"select\",\"inputOptionLabels\":{\"true\":\"Yes\",\"false\":\"No\"}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"picture\",\"displayName\":\"Picture\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"profile\",\"multivalued\":false},{\"name\":\"street\",\"displayName\":\"Street\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false},{\"name\":\"locality\",\"displayName\":\"Locality\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false},{\"name\":\"region\",\"displayName\":\"Region\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false},{\"name\":\"postal_code\",\"displayName\":\"Postal Code\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false},{\"name\":\"country\",\"displayName\":\"Country\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false},{\"name\":\"formatted\",\"displayName\":\"Formatted\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"group\":\"address\",\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"},{\"name\":\"address\",\"displayHeader\":\"Address\",\"displayDescription\":\"\",\"annotations\":{}},{\"name\":\"credentials\",\"displayHeader\":\"Credentials\",\"displayDescription\":\"\",\"annotations\":{}},{\"name\":\"profile\",\"displayHeader\":\"Profile\",\"displayDescription\":\"\",\"annotations\":{}}],\"unmanagedAttributePolicy\":\"ENABLED\"}"
]
}
}
],
"org.keycloak.keys.KeyProvider": [
{
"id": "4da6878f-706e-416d-a679-250bd5368dbe",
Expand Down Expand Up @@ -2359,6 +2381,5 @@
},
"clientPolicies": {
"policies": []
},
"loginTheme": "pid-issuer"
}
}
19 changes: 0 additions & 19 deletions docker-compose/keycloak/themes/pid-issuer/login/messages/messages_en.properties
View file

This file was deleted.

Loading

0 comments on commit f85a33e

Please sign in to comment.