Created
January 12, 2018 22:35
-
-
Save alhafoudh/e87392ee60cf14bb33962847f5a84b24 to your computer and use it in GitHub Desktop.
keycloak openresty authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set $session_check_ssi off; | |
| set $session_secret Eeko7aeb6iu5Wohch9Loo1aitha0ahd1; | |
| set $session_storage cookie; | |
| access_by_lua_block { | |
| local opts = { | |
| redirect_uri_path = "/auth", | |
| discovery = "https://keycloak.freevision.sk/auth/realms/rancher-elk/.well-known/openid-configuration", | |
| client_id = "nginx", | |
| client_secret = "2cfde6f9-4283-456a-9f13-1b803482db9a" | |
| } | |
| -- call authenticate for OpenID Connect user authentication | |
| local res, err = require("resty.openidc").authenticate(opts) | |
| if err then | |
| ngx.status = 500 | |
| ngx.say(err) | |
| ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) | |
| end | |
| ngx.req.set_header("X-User", res.id_token.sub) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment