oidc completed and working

Wolfgang Hottgenroth 2025-02-04 14:40:26 +01:00
parent 08afb4046e
commit 1d117dd5f6
Signed by: wn
GPG Key ID: 18FDFA577A8871AD
2 changed files with 44 additions and 0 deletions


@ -19,9 +19,28 @@ apiServer:
secretKeyRef:
name: dtrack-secrets
key: db-password
- name: ALPINE_OIDC_ENABLED
value: "true"
- name: ALPINE_OIDC_CLIENT_ID
value: "dtrack"
- name: ALPINE_OIDC_ISSUER
value: "https://auth2.hottis.de/realms/hottis"
- name: ALPINE_OIDC_USERNAME_CLAIM
value: "preferred_username"
- name: ALPINE_OIDC_TEAMS_CLAIM
value: "roles"
- name: ALPINE_OIDC_USER_PROVISIONING
value: "true"
- name: ALPINE_OIDC_TEAM_SYNCHRONIZATION
value: "true"
frontend:
apiBaseUrl: https://dtrack-api.hottis.de
extraEnv:
- name: OIDC_ISSUER
value: "https://auth2.hottis.de/realms/hottis"
- name: OIDC_CLIENT_ID
value: "dtrack"
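Review bot: With `ALPINE_OIDC_USER_PROVISIONING` and `ALPINE_OIDC_TEAM_SYNCHRONIZATION` both set to "true", any identity that can complete a login against the `dtrack` client is created as an account on first sign-in, and its team membership follows whatever arrives in the `roles` claim. Nothing in these values limits which realm users or roles that covers, so the authorization decision presumably sits entirely in the identity provider's client and mapper configuration. I would record that next to the settings, e.g. `# Access is decided in the IdP: only roles mapped to a team grant permissions; keep role names and team mappings in sync`. It is also worth confirming that the provider emits `roles` as a top-level claim, since the setting names a claim rather than a nested path. The `apiServer` block starts above this hunk, so entries defined earlier are not visible here.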

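--- a/tools/token-test.sh
+++ b/tools/token-test.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+echo "If something fails, remember to enable 'Direct access grants' for the client"
+USER="..."
+PASSWORD="..."
+CLIENT_ID="..."
+ISSUER=https://auth2.hottis.de/realms/hottis
+TOKEN=`curl $ISSUER/protocol/openid-connect/token \
+-d "scope=openid profile email" \
+-d "client_id=$CLIENT_ID" \
+-d "grant_type=password" \
+-d "username=$USER" \
+-d "password=$PASSWORD"`
+echo $TOKEN
+ACCESS_TOKEN=`echo $TOKEN | jq -r .access_token`
+echo $ACCESS_TOKEN
+echo "userinfo:"
+curl -v $ISSUER/protocol/openid-connect/userinfo \
+-H "Authorization: Bearer $ACCESS_TOKEN"
+echo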
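Review bot: The token request puts the account password on curl's command line (`-d "password=$PASSWORD"`), where it is visible in the process list, and the script then prints the raw token response, the access token and, through `curl -v`, the Authorization header. Because `USER` and `PASSWORD` are placeholders in a tracked file, real credentials are also likely to be edited into the working copy and committed by accident. I would prompt for the credentials, send the password over stdin with `--data-urlencode` (which also handles passwords containing `&` or `+`), quote the expansions, and drop `-v` and the token echoes. The 'Direct access grants' hint should also tell the operator to disable the grant again after testing, since it allows passwords to be exchanged for tokens outside the browser login flow.

```shell
# Prompt at run time so no credentials live in the tracked file.
# LOGIN_USER avoids overwriting the shell's own USER variable.
read -r -p "user: " LOGIN_USER
read -r -s -p "password: " PASSWORD; echo
# … unchanged: CLIENT_ID, ISSUER …
# The password travels over stdin, so it never appears in curl's argv.
TOKEN=$(printf '%s' "$PASSWORD" | curl -sS "$ISSUER/protocol/openid-connect/token" \
  --data-urlencode "scope=openid profile email" \
  --data-urlencode "client_id=$CLIENT_ID" \
  --data-urlencode "grant_type=password" \
  --data-urlencode "username=$LOGIN_USER" \
  --data-urlencode "password@-")
ACCESS_TOKEN=$(jq -r .access_token <<<"$TOKEN")
echo "userinfo:"
# -sS instead of -v: the verbose trace would print the bearer token.
curl -sS "$ISSUER/protocol/openid-connect/userinfo" \
  -H "Authorization: Bearer $ACCESS_TOKEN"
```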