OIDC integration PoC #516

Draft
wants to merge 24 commits into
base: develop
Commits
d940723
Added: oidc-pkce boilerplate
GPortas Oct 3, 2024
5bc3cc6
Changed: simpler OIDC config init
GPortas Oct 3, 2024
d5b41b2
chore: use alpha version of js-dataverse
g-saracca Oct 4, 2024
8e80e3d
feat: avoid react strict mode for now to avoid double renders on dev …
g-saracca Oct 4, 2024
ee4d48f
feat: autoLogin config to false to avoid immediate login from AuthCon…
g-saracca Oct 4, 2024
1edfce9
feat: modify protected route based on AuthContext properties
g-saracca Oct 4, 2024
d11f55e
feat: login, logout and user name in header with OIDC AuthContext fun…
g-saracca Oct 4, 2024
454ddb4
feat: some experimental things and logs in the SessionProvider
g-saracca Oct 4, 2024
da681ad
Fixed: reverse proxy rules
GPortas Oct 7, 2024
78ef74a
Added: OIDC support for the containerized Dataverse instance
GPortas Oct 7, 2024
cb43509
Added: missing Bearer token feature flag turned on
GPortas Oct 7, 2024
5b07eb4
Added: format tweak in docker-compose
GPortas Oct 7, 2024
ba14705
Removed: session auth feature flag from docker-compose due to incompa…
GPortas Oct 7, 2024
4cbaa12
Fixed: OIDC integration issues
GPortas Oct 8, 2024
faae765
feat: change base url naming of backend url due to conflict with base…
g-saracca Oct 8, 2024
78b37ed
feat: callback page, redirect user to intended page
g-saracca Oct 8, 2024
7115e7a
Merge branch 'poc/oidc_pkce' of https://github.com/IQSS/dataverse-fro…
g-saracca Oct 8, 2024
00d3a0e
Changed: using js-dataverse version with OIDC token bearer auth
GPortas Oct 11, 2024
d4fa0c4
Merge branch 'poc/oidc_pkce' of github.com:IQSS/dataverse-frontend in…
GPortas Oct 11, 2024
9c2beee
Changed: upgraded js-dataverse package version
GPortas Oct 14, 2024
819196c
Merge branch 'develop' into poc/oidc_pkce
g-saracca Oct 14, 2024
78828e8
feat: back to using authenticated user data from dataverse
g-saracca Oct 14, 2024
bdc76d4
feat: fix lint and change wording
g-saracca Oct 14, 2024
882fbb9
feat: send login state as object with returnTo path
g-saracca Oct 15, 2024
34 changes: 33 additions & 1 deletion dev-env/docker-compose-dev.yml
Expand Up @@ -9,6 +9,7 @@ services:
depends_on:
- dev_dataverse
- dev_frontend
- dev_keycloak
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./docker-dev-volumes/nginx/logs:/var/log/nginx/
Expand Down Expand Up @@ -46,7 +47,11 @@ services:
DATAVERSE_DB_HOST: postgres
DATAVERSE_DB_PASSWORD: secret
DATAVERSE_DB_USER: ${DATAVERSE_DB_USER}
DATAVERSE_FEATURE_API_SESSION_AUTH: 1
DATAVERSE_FEATURE_API_BEARER_AUTH: 1
DATAVERSE_AUTH_OIDC_ENABLED: 1
DATAVERSE_AUTH_OIDC_CLIENT_ID: test
DATAVERSE_AUTH_OIDC_CLIENT_SECRET: 94XHrfNRwXsjqTqApRrwWmhDLDHpIYV8
DATAVERSE_AUTH_OIDC_AUTH_SERVER_URL: http://keycloak.mydomain.com:9080/realms/test
JVM_ARGS: -Ddataverse.pid.providers=fake
-Ddataverse.pid.default-provider=fake
-Ddataverse.pid.fake.type=FAKE
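Review bot: DATAVERSE_AUTH_OIDC_CLIENT_SECRET is committed as a literal value in this environment block, while DATAVERSE_DB_USER two lines above it is already supplied through `${DATAVERSE_DB_USER}` substitution. Please supply the client secret the same way, or, if it has to stay inline because it must match the imported test realm, add a comment saying it is a throwaway value for the local test realm only. DATAVERSE_AUTH_OIDC_AUTH_SERVER_URL also points at a plain `http://` issuer, so tokens and the secret travel unencrypted between containers; that is fine for a local stack but deserves a one-line comment so the block is not copied into a deployed configuration.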
Expand All @@ -66,6 +71,9 @@ services:
-Ddataverse.files.s3.connection-pool-size=2048
-Ddataverse.files.s3.custom-endpoint-region=us-east-1
-Ddataverse.files.s3.custom-endpoint-url=https://s3.us-east-1.amazonaws.com
expose:
- '8080'
# TODO: The port has been opened for the redirection to /oauth2/callback.xhtml after a JSF OIDC login. We may prefer to change this to use the proxy.
ports:
- '8080:8080'
networks:
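Review bot: the new `ports: - '8080:8080'` mapping publishes the Dataverse backend on all host interfaces and gives clients a path that bypasses the nginx reverse proxy, which the TODO above it already acknowledges. Until the `/oauth2/callback.xhtml` redirect is routed through the proxy, consider binding to loopback only with `'127.0.0.1:8080:8080'`, and track the TODO in an issue so the direct port does not outlive the PoC. The existing `expose: - '8080'` entry is redundant once the same port is published and can be dropped in the same change.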
Expand Down Expand Up @@ -172,6 +180,30 @@ services:
tmpfs:
- /mail:mode=770,size=128M,uid=1000,gid=1000

dev_keycloak:
container_name: 'dev_keycloak'
image: 'quay.io/keycloak/keycloak:21.0'
hostname: keycloak
command:
- 'start-dev'
- '--import-realm'
environment:
- KC_HTTP_PORT=9080
- KC_HOSTNAME=localhost
- KC_HOSTNAME_PORT=8000
- KC_HOSTNAME_ADMIN_URL=http://localhost:8000
- KEYCLOAK_ADMIN=kcadmin
- KEYCLOAK_ADMIN_PASSWORD=kcpassword
- KEYCLOAK_LOGLEVEL=DEBUG
networks:
dataverse:
aliases:
- keycloak.mydomain.com
expose:
- 9080
volumes:
- './keycloak/test-realm.json:/opt/keycloak/data/import/test-realm.json'

networks:
dataverse:
driver: bridge
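Review bot: the dev_keycloak service hard-codes the admin account (`KEYCLOAK_ADMIN=kcadmin`, `KEYCLOAK_ADMIN_PASSWORD=kcpassword`) and runs with `start-dev`, so please add a comment at the top of the service stating it is for local development only, or read the credentials from environment substitution as the Dataverse service does for `${DATAVERSE_DB_USER}`. Two smaller points in the same block: `KEYCLOAK_LOGLEVEL=DEBUG` looks like a leftover from the legacy image, since the Quarkus-based `quay.io/keycloak/keycloak` image reads `KC_`-prefixed options (`KC_LOG_LEVEL`), so this line probably has no effect; and if debug logging is actually wanted, note that it is verbose about authentication flows and should stay out of any shared environment. The image tag `21.0` is also a moving tag; pinning a full patch version would make the PoC reproducible.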