express-gateway-keycloak v0.0.40

Keycloak plugins for Express-gateway: express-gateway-plugin-keycloak

This project is a plugin to integrate Keycloak NodeJS Adapter in Express-Gateway

Usage

Common

You want to apply the same authentication strategy for your apigateway instance (ex: microprofile architecture)

• add to system.config.yml

express-gateway-keycloak:
package: express-gateway-keycloak
keycloakConfig:
    realm: "..."
    auth-server-url: "..."
    ssl-required: none
    bearer-only: false
    client-id: "..."
    confidential-port: 0
    realmPublicKey: "..."

• add to gateway.config.yml

policies:
  - keycloak-protect
...
  marketplace-api:
    apiEndpoints:
      - api
    policies:
      - keycloak-protect:

Multiple authentication profiles

You want to apply different authentication strategies depending endpoints (ex: monolithic architecture)

• add to system.config.yml

  express-gateway-keycloak-api:
    package: express-gateway-keycloak
    # Provide unique policy id
    registerName: keycloak-protect-api
    # Define paths impacted by this keycloak configuration
    paths: 
      - /myapi/v1/
    # Keycloak configuration for this profile  
    keycloakConfig: 
      realm: "..."
      auth-server-url: "..."
      ssl-required: none
      bearer-only: true
      public-client: false
      confidential-port: 0
      client-id: "..."
      secret: "..."
      realmPublicKey: "..."

  express-gateway-keycloak-admin:
    package: express-gateway-keycloak
    # Provide unique policy id
    registerName: keycloak-protect-admin
    # Define paths impacted by this keycloak configuration
    paths: 
      - /admin
    keycloakConfig:
      realm: "..."
      auth-server-url: "..."
      ssl-required: none
      bearer-only: false
      public-client: true
      client-id: "..."
      confidential-port: 0
      realmPublicKey: "..."

• add to gateway.config.yml

policies:
  - keycloak-protect-api
  - keycloak-protect-admin
pipelines:
  marketplace-api:
    apiEndpoints:
      - api
    policies:
      - keycloak-protect-api:
      - expression:
        - action:
            jscode: 'req.headers["X-Auth-Username"] = req.kauth.grant.access_token.content.preferred_username;'
...
  marketplace-admin:
    apiEndpoints:
      - admin
    policies:
      - keycloak-protect-admin:

Development

• Quality control

npm run check

• Compilation

npm run compile

Changelog

0.1.0

• apply TypeScript standard (quality contraints)
• add readme and badge
• support multiple authentification profiles

License

• Apache License, Version 2.0