Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Søren Müller 3 posts 73 karma points
    1 week ago
    Søren Müller
    0

    Use Keycloak for Login auth to Backoffice

    Hi,

    I'm trying to use keycloak as my IDP for login to Umbraco Backoffice.. Since there is no umbraco nuget package for this, I first tried using a guide for login with Google+. It works perfect.. then i added the nuget package "Owin.Security.Keycloak-3". Then I added this extension funtion below and called it from "UmbracoStandardOwinStartup" class.. But I dont get any login button and cant set umbraco linking options, since this is obfuscated in the google login nuget package.. Any tried this or hav any idea .. Thx :-)

           static string persistentAuthType = "keycloak_cookies"; // Or name it whatever you want
    
        public static void ConfigureBackOfficeKeycloakAuth(this IAppBuilder app, string clientId, string clientSecret,
            string caption = "Cadpeople keycloak", string style = "btn-google", string icon = "fa-google")
        {
    
            //const string persistentAuthType = "keycloak_cookies"; // Or name it whatever you want
    
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = persistentAuthType
            });
    
            // You may also use this method if you have multiple authentication methods below,
            // or if you just like it better:
            app.SetDefaultSignInAsAuthenticationType(persistentAuthType);
    
            // some more here login button, linking acccounts etc.??
    
            app.UseKeycloakAuthentication(new KeycloakAuthenticationOptions
            {
    
                Realm = "UmbracoTest",
                ClientId = "u-client-bo",
                ClientSecret = "<client secret>",
                KeycloakUrl = "<url>",
                AuthenticationType = persistentAuthType,
                SignInAsAuthenticationType = persistentAuthType,
                //Token validation options - these are all set to defaults
                AllowUnsignedTokens = false,
                DisableIssuerSigningKeyValidation = false,
                DisableIssuerValidation = false,
                DisableAudienceValidation = false,
                TokenClockSkew = TimeSpan.FromSeconds(2)
            });
        }
    
Please Sign in or register to post replies

Write your reply to:

Draft