Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-17 07:50:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Updated Keycloak (markdown)

Lauri Ojansivu 2019-04-21 14:37:51 +03:00
parent 334841bf49
commit 7e9b8e134f
1 changed files with 31 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

42
Keycloak.md

@ -6,17 +6,6 @@ Keycloak settings: [realm-export.zip](https://wekan.github.io/keycloak/realm-exp
Environment Variables that need to be set in your Wekan environment: Environment Variables that need to be set in your Wekan environment:
* OAUTH2_ENABLED = TRUE
* OAUTH2_CLIENT_ID = `<Keycloak create Client ID>`
* OAUTH2_SERVER_URL = `<Keycloak server name>/auth`
* OAUTH2_AUTH_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/auth`
* OAUTH2_USERINFO_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/userinfo`
* OAUTH2_TOKEN_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/token`
* OAUTH2_SECRET = `<keycloak client secret>`
* OAUTH2_ID_MAP = `preferred_username`
* OAUTH2_USERNAME_MAP = `preferred_username`
* OAUTH2_FULLNAME_MAP = `given_name`
* OAUTH2_EMAIL_MAP = `email`
> When creating a Client in keycloak, ensure the access type is confidential under the settings tab. After clicking save, you will have a Credentials tab. You can retrieve the secret from that location. > When creating a Client in keycloak, ensure the access type is confidential under the settings tab. After clicking save, you will have a Credentials tab. You can retrieve the secret from that location.
## Snap ## Snap
@ -34,3 +23,34 @@ sudo snap set wekan oauth2-username-map='preferred_username'
sudo snap set wekan oauth2-fullname-map='given_name' sudo snap set wekan oauth2-fullname-map='given_name'
sudo snap set wekan oauth2-email-map='email' sudo snap set wekan oauth2-email-map='email'
``` ```
### Debugging, if it does not work
```
sudo snap set wekan debug='true'
```
Click Oidc button. Then:
```
sudo snap logs wekan.wekan
sudo systemctl status snap.wekan.wekan
```
## Docker
[docker-compose.yml](https://github.com/wekan/wekan/blob/devel/docker-compose.yml)
```
- DEBUG=true
- OAUTH2_ENABLED=true
- OAUTH2_CLIENT_ID=<Keycloak create Client ID>
- OAUTH2_SERVER_URL=<Keycloak server name>/auth
- OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
- OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
- OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
- OAUTH2_SECRET=<keycloak client secret>
- OAUTH2_ID_MAP=preferred_username
- OAUTH2_USERNAME_MAP=preferred_username
- OAUTH2_FULLNAME_MAP=given_name
- OAUTH2_EMAIL_MAP=email
```
### Debugging, if it does not work
```
docker logs wekan-app
```