missing x-userinfo header when using keycloack and kong-oicd
am trying to use kong oicd with keycloak 19.0.3 to secure my app and that my Dockerfile
FROM kong/kong:2.7.0
ENV OIDC_PLUGIN_VERSION=1.2.3-2
ENV GIT_VERSION=2.24.4-r0
ENV UNZIP_VERSION=6.0-r7
ENV LUAROCKS_VERSION=2.4.4-r1
USER root
RUN apk update && apk add git unzip luarocks
RUN luarocks install kong-oidc
RUN git clone --branch v1.2.3-2 https://github.com/revomatico/kong-oidc.git
WORKDIR /kong-oidc
RUN luarocks make
RUN luarocks pack kong-oidc ${OIDC_PLUGIN_VERSION} \
&& luarocks install kong-oidc-${OIDC_PLUGIN_VERSION}.all.rock
WORKDIR /
RUN git clone --branch 20200505-access-token-processing https://github.com/BGaunitz/kong-plugin-jwt-keycloak.git
WORKDIR /kong-plugin-jwt-keycloak
RUN luarocks make
RUN luarocks pack kong-plugin-jwt-keycloak ${JWT_PLUGIN_VERSION} \
&& luarocks install kong-plugin-jwt-keycloak-${JWT_PLUGIN_VERSION}.all.rock
USER kong
i did configure by passing the client id and client secret and the descovery endpoint
when i visit the configured route in kong i get redirected to keycloak to authenticate and after success auth i get redirected back to my app but when i check the headers i find no x-userUnfo and i find only session cookie am i missing something ?
am using nginx as an app to test in my case
You wont't see those request headers in the request from your browser to Kong but in the upstream request from Kong to your service. The OIDC plugin will inject them.
One note about the jwt-keycloak plugin: you have to change its prority, e.g. to
ENV JWT_KEYCLOAK_PRIORITY="900"
Otherwise it will be executed before the OIDC plugin but you want to have it afterwards.
- localstack trying to connect to localhost:4566 when we explicitly have the url set to 4576
- Installing Docker in Ubuntu, from repo. Can't find a repo
- Differences Between Dockerfile Instructions in Shell and Exec Form
- What are shell form and exec form?
- Magento cloud docker PHP 8.3: unable to create new composer project
- Docker: ERROR [internal] load metadata for docker.io
- Unable to start Elastic Search 8 and Kibana using Docker
- Gilab CI: load ssh key from environment variable
- Django + Docker: connection to server at "localhost" (127.0.0.1), port 5432 failed
- Docker: Error response from daemon: failed to create endpoint priceless_noether on network bridge:
- Docker compose script complaining about a python module import
- How to achieve a rolling update with docker-compose?
- Create a Linux-based Docker file for .NET Framework project
- exec: "docker-credential-desktop.exe": executable file not found in $PATH
- Why does docker and docker compose gives separate results while accessing /opt directory?
- Using current user when running container in docker-compose
- fail to connect to host when attempting to spin up metabase using mysql database in docker
- How to install git on a docker ubuntu image?
- Connect docker python to SQL server with pyodbc
- How I can access docker data volumes on Windows machine?
- Selenium within a Docker container can't find chromedriver
- Could not find ffmpeg executable, tried "/srv/linux-x64/ffmpeg"
- Cannot find latest dotnet core images on docker (2.2.7)
- How To Run Cron As Non Root In Alpine
- Using WP-CLI locally with sites in docker
- What is the best way to pass AWS credentials to a Docker container?
- How do I hold stopping docker container to get NYC report. Sleep doesn't work
- Docker mosquitto Adress not available
- Reading encrypted private key in PKCS#8 format through bouncycastle, Java failing in docker container
- How to view docker-compose healthcheck logs?