{"id":24511784,"url":"https://github.com/sguessou/sso-clojure","last_synced_at":"2025-04-14T08:31:42.477Z","repository":{"id":69024124,"uuid":"293604148","full_name":"sguessou/sso-clojure","owner":"sguessou","description":"OAuth 2.0 with Keycloak and Clojure","archived":false,"fork":false,"pushed_at":"2025-01-29T14:47:25.000Z","size":299,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-27T22:04:26.878Z","etag":null,"topics":["cheshire","clojure","keycloak","oauth2","reitit","ring","selmer"],"latest_commit_sha":null,"homepage":"","language":"Clojure","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sguessou.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-07T18:32:35.000Z","updated_at":"2025-01-29T14:47:30.000Z","dependencies_parsed_at":"2025-01-29T15:28:13.223Z","dependency_job_id":"c54f0b1c-9291-4acc-8478-db6ff89fc64d","html_url":"https://github.com/sguessou/sso-clojure","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sguessou%2Fsso-clojure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sguessou%2Fsso-clojure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sguessou%2Fsso-clojure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sguessou%2Fsso-clojure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sguessou","download_url":"https://codeload.github.com/sguessou/sso-clojure/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248845625,"owners_count":21170826,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cheshire","clojure","keycloak","oauth2","reitit","ring","selmer"],"created_at":"2025-01-22T00:42:12.392Z","updated_at":"2025-04-14T08:31:42.461Z","avatar_url":"https://github.com/sguessou.png","language":"Clojure","readme":"# OAuth 2.0 with Keycloak and Clojure (WIP!)\n\n![Authorization Code Flow image](images/authorization_code_flow.png)\n\nThe purpose of this project is to showcase the use of Keycloak as an authorization server. We will be using Clojure for building the authorization client and other protected resources.\nAs time goes on, other features will be added and documented. The possible features can be seen in the listing below:\n\n* Protecting resources with JWT tokens and added security with PKCE\n* Redis for caching\n* UI with Clojurescript (Hiccup, Reagent \u0026 maybe Re-frame as well ;))\n* CI/CD (not sure about the technologies yet...)\n* Unit tests\n* Load testing (clj-gatling)\n\n## Keycloak\n\nKeycloak is used as our authorization server and access management solution.\n\nI'll be running a containerized keycloak, using the docker-compose tool.  \nTo boot the container, run the command:\n```\n$ docker-compose -f keycloak-postgres.yml up\n```\nKeycloak will be available at this address: `http://localhost:8080`  \nYou can log in as administrator with these credentials: `admin / admin`   \nThe following command will allow us to import the preconfigured keycloak testing environment:\n```\n$ docker exec -it mykeycloak /opt/jboss/keycloak/bin/standalone.sh \\\n-Djboss.socket.binding.port-offset=100 \\\n-Dkeycloak.migration.action=import \\\n-Dkeycloak.migration.provider=singleFile \\\n-Dkeycloak.migration.file=/opt/jboss/keycloak/imports/my_realm.json\n```\nThe following elements will be generated for us automatically: \n* Test realm -\u003e `Sso-test`\n* Authorization client -\u003e `billingApp`\n* Token checker client -\u003e `tokenChecker` \n* Test user with credentials -\u003e `bob / return0`\n* New client scope -\u003e `getBillingService`   \nThe `getBillingService` scope is required in the token when requesting services from the protected resource server. \n\nIf you choose to create your own test keycloak environment, use the following configuration for your client:\n* Client protocol -\u003e `openid-connect`\n* Access type -\u003e `confidential`\n* Root URL -\u003e `http://localhost:3000`\n\nTo list the Keycloak endpoints in use in our authorization client, load your test realm page and click on the endpoints link. You should get a similar listing as in the pic below:\n\n![Openid-configuration image](images/openid-configuration.png)\n\nLastly add a new user for login purposes.\n\n## Authorization Client (Clojure)\nThe Clojure projects are managed with the Clojure CLI tool. The `deps.edn` file holds the configuration and the needed dependencies.  \nTo run the service, cd into the `clj-auth-service` directory and execute the command:\n```\n$ clj -M -m core.sso-clojure\n```\nThe authorization service will be running on port `3000`.\n\nThe `Services` link on the landing page is mapped to a handler, that fetches data from the `Billing` service which is protected.   \nWe need to be logged in and have a valid token with the right scope in order to successfully request the services.\n\n## Billing Service Client (Clojure)\nTo run the service, CD into the `billing-service` directory and run the command:\n```\n$ clj -M -m core.billing-service\n```\nThe protected resource server will be running on port `4000`.\n\n## Redis\nRedis is running on port `6377` and can be accessed with `redis-cli`:\n```\n$ redis-cli -p 6377\n```\n\n## Implicit Client (CLJS project)\n```\n$ npx create-cljs-project implicit-client\n```\n## License\n\n* [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsguessou%2Fsso-clojure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsguessou%2Fsso-clojure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsguessou%2Fsso-clojure/lists"}