[OIDC] Get and run Keycloak on Linux Locally #6

@RyanL1997

Introduction

To set up a local testing environment for OIDC with Keycloak and OpenSearch on your Mac, you'll want to follow a series of steps that replicate what your GitHub Actions workflow does. Below is a step-by-step guide to set up Keycloak, OpenSearch, and the necessary configurations for OIDC.

Steps

Prerequisites:

- Make sure you have Java installed, as both OpenSearch and Keycloak require it.
- Install wget and curl if they are not already installed on your Mac.
- You'll also need Node.js if you don't have it, as it's required for fetching the OpenSearch version from package.json.
- Make sure you have OpenSearch and Keycloak downloaded, or you can use wget as in your workflow.

  1. Export some version variables:

```bash
export KEYCLOAK_VERSION='21.0.1'
```

  2. Download and unpack Keycloak:

```bash
echo "Downloading Keycloak $KEYCLOAK_VERSION"
wget "https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz"
echo "Unpacking Keycloak"
tar -xzf "keycloak-$KEYCLOAK_VERSION.tar.gz"
```

  3. Start Keycloak:

```bash
# Initial admin account (admin/admin is for local testing only)
export KEYCLOAK_ADMIN=admin
export KEYCLOAK_ADMIN_PASSWORD=admin
cd "keycloak-$KEYCLOAK_VERSION/bin"
chmod +x kc.sh
echo "Starting keycloak"
# start-dev serves plain HTTP under /auth and runs in the background;
# wait until it is listening on port 8080 before running the next step
./kc.sh start-dev --http-enabled=true --hostname-strict-https=false --http-host=localhost --http-relative-path /auth --health-enabled=true &
```

  4. Set up the Keycloak Admin CLI and create the client:

```bash
# Run from keycloak-$KEYCLOAK_VERSION/bin (the directory entered in step 3)
chmod +x kcadm.sh
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
# -i prints only the ID of the created client, which is captured in CID
CID=$(./kcadm.sh create clients -r master -s clientId=opensearch -s 'redirectUris=["http://localhost:5603/auth/openid/login", "http://localhost:5601", "http://localhost:5601/auth/openid/login"]' -s 'secret=oacHfNaXyy81r2uHq1A9RY4ASryre4rZ' -i)
```

  5. Create the client mapper:

```bash
echo "Creating client mapper"
# Maps realm roles into a multivalued "roles" claim in the ID token,
# access token and userinfo response
./kcadm.sh create "clients/$CID/protocol-mappers/models" -r master -s 'config."id.token.claim"=true' -s 'config."multivalued"=true' -s 'config."claim.name"="roles"' -s 'config."userinfo.token.claim"=true' -s 'config."access.token.claim"=true' -s 'name=rolemapper' -s 'protocolMapper=oidc-usermodel-realm-role-mapper' -s "protocol=openid-connect"
```
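
An added example (not part of the original issue or of the project's code): a Python check that a token issued to the `opensearch` client carries the top-level, multivalued `roles` claim that the `rolemapper` in the last step configures. The tokens are constructed and unsigned, the helper names are hypothetical, and the code decodes claims for inspection only without verifying signatures.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def mapped_roles(token: str, claim: str = "roles") -> list:
    """Return the top-level multivalued role claim; raise if the mapper did not apply."""
    value = jwt_claims(token).get(claim)
    if not isinstance(value, list) or not all(isinstance(r, str) for r in value):
        raise ValueError(f"top-level {claim!r} claim missing or not a list of strings")
    return value


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for this demo (not a real Keycloak token)."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-signature"


# Constructed samples: one with the mapper's top-level claim, and one where
# roles appear only nested under another claim, which must not count.
WITH_MAPPER = make_sample_token(
    {"preferred_username": "admin", "roles": ["admin", "create-realm"]})
WITHOUT_MAPPER = make_sample_token(
    {"preferred_username": "admin", "realm_access": {"roles": ["admin"]}})

if __name__ == "__main__":
    print(mapped_roles(WITH_MAPPER))
    try:
        mapped_roles(WITHOUT_MAPPER)
    except ValueError as err:
        print("mapper not applied:", err)
```
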
