ngx-starter-kit
develop
develop
  • NGX Starter Kit
  • Getting Started
    • FAQ2
    • Why
    • Installation
    • Playbook
    • NestJs Playbook
  • Concepts
    • Introduction
    • Store
    • Actions
    • State
    • Select
  • Advanced
    • Action Handlers
    • Actions Life Cycle
    • Envoy Proxy
    • Cancellation
    • Composition
    • Error Handling
    • Ivy Migration Guide
    • Lazy Loading
    • Life-cycle
    • Mapped Sub States
    • Meta Reducers
    • Options
    • Shared State
    • State Token
    • State Operators
    • Style Guide
    • Troubleshooting
  • Dev Ops
    • Keycloak
  • Modules
    • Apps
      • WebApp
      • Api
    • Libs
      • Admin
      • Blog
      • Core
      • Dashboard
      • Gen
      • Home
      • Not Found
      • Shared
  • Recipes
    • Authentication
    • Caching
    • Component Events from NGXS
    • Debouncing Actions
    • Dynamic Plugins
    • Immutability Helpers
    • Style Guide
    • Unit Testing
  • Community
    • Resources
    • Contributors
    • Contributing
  • Change Log
  • FAQ
  • TODO
Powered by GitBook
On this page
  • Configure SPA Client
  • Start
  • Use
  • Setup
  • Test

Was this helpful?

  1. Dev Ops

Keycloak

Pre-configured KeyCloak OpenID Connect server for testing.

  • Realm: ngx

  • Client ID: ngxweb, ngxapi

  • Accounts:

    • ROLE_ADMIN

      1. ngxadmin : ngxadmin

    • ROLE_USER

      1. sumo: demo

      2. sumo1: demo

      3. sumo2: demo

      4. sumo3: demo

Configure SPA Client

set issuer, clientId in apps/webapp/src/environments/environment.ts

  auth: {
    clientId: 'ngxweb',
    issuer: 'http://localhost:8080/auth/realms/ngx',
  }

Start

# Start keycloak
docker-compose up keycloak

# Stop keycloak
docker-compose stop keycloak
# this will remove volume created by docker.
docker-compose down

# SSH into keycloak container
docker-compose exec keycloak sh

Use

http://localhost:8080/

admin: admin123

Setup

Do import config. (first time only...)

  1. login to keycloak admin console

  2. create new realm ngx

Test

# Environment variable. change as per your server setup
OIDC_ISSUER_URL=http://localhost:8080/auth/realms/ngx
OIDC_CLIENT=ngxweb

USERNAME=sumo
PASSWORD=demo

# get URLs
curl $OIDC_ISSUER_URL/.well-known/openid-configuration | jq .
#get certs
curl $OIDC_ISSUER_URL/protocol/openid-connect/certs | jq .

# Get tokens
response=$(curl -X POST $OIDC_ISSUER_URL/protocol/openid-connect/token \
 -H "Content-Type: application/x-www-form-urlencoded" \
 -d username=$USERNAME \
 -d password=$PASSWORD \
 -d client_id=$OIDC_CLIENT \
 -d 'grant_type=password' \
 -d 'scope=openid')

access_token=$(echo $response | jq  -r '.access_token')
id_token=$(echo $response | jq  -r '.id_token')
refresh_token=$(echo $response | jq  -r '.refresh_token')

# Print tokens
echo $access_token
echo $id_token
echo $refresh_token

# Get User Profile
curl -X POST $OIDC_ISSUER_URL/protocol/openid-connect/userinfo \
 -H "Content-Type: application/x-www-form-urlencoded" \
 -d "access_token=$access_token" | jq .

# Logout
curl -X POST  $OIDC_ISSUER_URL/protocol/openid-connect/logout \
 -H "Content-Type: application/x-www-form-urlencoded" \
 -d client_id=$OIDC_CLIENT \
 -d "refresh_token=$refresh_token" | jq .

Example Access Token

{
  "jti": "bcd8138f-cba9-49e4-a4fa-86f688ba2730",
  "exp": 1547688875,
  "nbf": 0,
  "iat": 1547688575,
  "iss": "http://localhost:8080/auth/realms/ngx",
  "aud": "ngxapi",
  "sub": "12c4ef1f-f4bd-451c-a435-ffc5daa1412c",
  "typ": "Bearer",
  "azp": "ngxweb",
  "auth_time": 0,
  "session_state": "92cc97ad-3be7-48e0-9ee9-4329b2a66f07",
  "acr": "1",
  "allowed-origins": ["*"],
  "realm_access": {
    "roles": ["ROLE_USER"]
  },
  "scope": "openid email ngxapi_audience profile",
  "email_verified": true,
  "name": "sumo1 ngx",
  "preferred_username": "sumo1",
  "given_name": "sumo1",
  "family_name": "ngx",
  "email": "sumo1@ngx.com"
}
PreviousDev OpsNextModules

Last updated 3 years ago

Was this helpful?

import pre-set

config