@abdennour
Created July 11, 2020 09:23
Keycloak + Oauth2-proxy

I deployed the keycloak-operator as described on operatorhub.io, then created a client like:

apiVersion: keycloak.org/v1alpha1
kind: KeycloakClient
metadata:
  name: foo
  namespace: my-keycloak-operator
  labels:
    app: sso
spec:
  client:
    redirectUris:
    - 'https://mysite.mydomain'
    description: Foo Client
    enabled: true
    clientId: foo
    name: foo
    secret: fooclient
  realmSelector:
    matchLabels:
      app: sso

Then you can use oauth2 proxy to read the secrets with a patch like this: https://github.com/helm/charts/pull/22231/files#diff-1814985cb280af8b98f23690d9facec5R159-R168

As a workaround, I had to manually create the oauth2 proxy secret reading out the data in the keycloak managed secret and putting it into the oauth2 proxy secret. This is not ideal though.

Originally posted by @kfox1111 in helm/charts#22231 (comment)
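
The manual workaround described in the post, sketched as an added example (not code from the post, the chart or the operator): it maps a Keycloak-managed Secret, as returned by `kubectl get secret -o json`, onto a Secret manifest for oauth2-proxy. The key names `CLIENT_ID`/`CLIENT_SECRET` and `client-id`/`client-secret`/`cookie-secret`, the secret names and the function name `build_proxy_secret` are assumptions; check them against your operator and chart versions.

```python
import base64
import json
import secrets

# Assumed key names (source -> target); adjust to your operator and chart.
SOURCE_KEYS = {"CLIENT_ID": "client-id", "CLIENT_SECRET": "client-secret"}
COOKIE_KEY = "cookie-secret"


def build_proxy_secret(keycloak_secret, name, namespace, cookie_secret=None):
    """Build an oauth2-proxy Secret manifest from a parsed Keycloak-managed
    Secret. `name` and `namespace` describe the new (hypothetical) secret."""
    if keycloak_secret.get("kind") != "Secret":
        raise ValueError("input is not a Secret object")
    data = keycloak_secret.get("data") or {}
    missing = sorted(k for k in SOURCE_KEYS if not data.get(k))
    if missing:
        # Name the missing keys only; never echo secret values into logs.
        raise KeyError("source secret lacks keys: " + ", ".join(missing))
    out = {}
    for src, dst in SOURCE_KEYS.items():
        # validate=True rejects corrupt base64 instead of skipping bad bytes.
        base64.b64decode(data[src], validate=True)
        out[dst] = data[src]  # already base64-encoded, copy unchanged
    if cookie_secret is None:
        # Assumption: 32 random bytes, URL-safe base64, is an accepted format.
        cookie_secret = base64.urlsafe_b64encode(secrets.token_bytes(32)).decode()
    out[COOKIE_KEY] = base64.b64encode(cookie_secret.encode()).decode()
    return {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
            "metadata": {"name": name, "namespace": namespace}, "data": out}


# Constructed sample input; the secret name is a placeholder, the values
# mirror the clientId and secret of the KeycloakClient shown above.
SAMPLE = {
    "kind": "Secret",
    "metadata": {"name": "example-keycloak-managed-secret"},
    "data": {
        "CLIENT_ID": base64.b64encode(b"foo").decode(),
        "CLIENT_SECRET": base64.b64encode(b"fooclient").decode(),
    },
}

if __name__ == "__main__":
    manifest = build_proxy_secret(SAMPLE, "oauth2-proxy", "my-keycloak-operator")
    print(json.dumps(manifest, indent=2))  # suitable for `kubectl apply -f -`
```

The copy is a point-in-time snapshot: if the client secret is rotated on the Keycloak side, the oauth2-proxy secret has to be rebuilt.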
