This commit is contained in:
Bill Burke 2016-05-26 15:09:17 -04:00
parent ef5e5474c1
commit c775e3debe
8 changed files with 24 additions and 42 deletions

BIN
images/github-app-page.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 396 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 296 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 356 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 319 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 323 KiB

View file

@ -2,7 +2,7 @@
==== Facebook ==== Facebook
There are a number of steps you have to complete to be able to login to Facebook. First, go to the `Identity Providers` left menu item There are a number of steps you have to complete to be able to login to Facebook. First, go to the `Identity Providers` left menu item
and selected `Facebook` fro the `Add provider` drop down list. This will bring you to the `Add identity provider` page. and selected `Facebook` from the `Add provider` drop down list. This will bring you to the `Add identity provider` page.
.Add Identity Provider .Add Identity Provider
image:../../../{{book.images}}/facebook-add-identity-provider.png[] image:../../../{{book.images}}/facebook-add-identity-provider.png[]
@ -11,7 +11,7 @@ You can't click save yet, as you'll need to obtain a `Client ID` and `Client Sec
page is the `Redirect URI`. You'll have to provide that to Facebook when you register {{book.project.name}} as a client there, so page is the `Redirect URI`. You'll have to provide that to Facebook when you register {{book.project.name}} as a client there, so
copy this URI to your clipboard. copy this URI to your clipboard.
To enable login with Face you first have to create a project and a client in the https://developers.facebook.com/[Facebook Developer Console]. To enable login with Facebook you first have to create a project and a client in the https://developers.facebook.com/[Facebook Developer Console].
NOTE: Facebook often changes the look and feel of the Facebook Developer Console, so these directions might not always be up to date and the NOTE: Facebook often changes the look and feel of the Facebook Developer Console, so these directions might not always be up to date and the
configuration steps might be slightly different. configuration steps might be slightly different.

View file

@ -1,51 +1,33 @@
==== Github ==== Github
To enable login with GitHub you first have to create an application in https://github.com/settings/applications[GitHub Settings]. There are a number of steps you have to complete to be able to login to Github. First, go to the `Identity Providers` left menu item
Then you need to copy the client id and secret into the Keycloak Admin Console. and selected `Github` from the `Add provider` drop down list. This will bring you to the `Add identity provider` page.
Let's see first how to create an application with GitHub. .Add Identity Provider
image:../../../{{book.images}}/github-add-identity-provider.png[]
. Log in to https://github.com/settings/applications[GitHub Settings]. You can't click save yet, as you'll need to obtain a `Client ID` and `Client Secret` from Github. One piece of data you'll need from this
Click the `Register new application` button. page is the `Redirect URI`. You'll have to provide that to Github when you register {{book.project.name}} as a client there, so
Use any value for `Application name`, `Homepage URL` and `Application Description` you want. copy this URI to your clipboard.
Click the `Register application` button.
. Copy `Client ID` and `Client Secret` from the https://github.com/settings/applications[GitHub Settings].
Now that you have the client id and secret, you can proceed with the creation of a Github Identity Provider in Keycloak. To enable login with Github you first have to register an application project in the and a client in
As follows: https://github.com/settings/applications[GitHub Application Settings]. Select the `Developer applications` tab.
. Select the `Github` identity provider from the drop-down box on the top right corner of the identity providers table in Keycloak's Admin Console. .Add a New App
You should be presented with a specific page to configure the selected provided. image:../../../images/github-developer-applications.png[]
. Copy the client id and secret to their corresponding fields in the Keycloak Admin Console.
Click `Save`.
Once you create the identity provider in Keycloak, you must update your GitHub application with the redirect url that was generated to your identity provider. Click the `Register a new application` button.
. Open the GitHub Settings and select your application. .Register App
In `Authorization callback URL` insert the redirect uri created by Keycloak. image:../../../images/github-register-app.png[]
The redirect uri usually have the following format: `http://{host}:{port}/auth/realms/{realm}/broker/{provider_alias}`.
NOTE: You can always get the redirect url for a specific identity provider from the table presented when you click on the 'Identity Provider' tab in _Realm > Settings_. You'll have to copy the `Redirect URI` from the {{book.project.name}} `Add Identity Provider` page and enter it into the
`Authorization callback URL` field on the Github `Register a new OAuth application` page. Once you've completed this
page you will be brough to the application's management page.
That is it! This pretty much what you need to do in order to setup this identity provider. .Github App Page
image:../../../images/gitbook-app-page.png[]
The table below lists some additional configuration options you may use when configuring this provider. You will need to obtain the client ID and secret from this page so you can enter them into the {{book.project.name}} `Add identity provider` page.
Go back to {{book.project.name}} and specify those items.
.Configuration Options
[cols="1,1", options="header"]
|===
|
Configuration
|
Description
|
Default Scopes
|
Allows you to manually specify the scopes that users must authorize when authenticating with this provider. For a complete list of scopes, please take a look at https://developer.github.com/v3/oauth/#scopes. By default, Keycloak uses the following scopes: user:email
|===

View file

@ -1,7 +1,7 @@
==== Google ==== Google
There are a number of steps you have to complete to be able to login to Google. First, go to the `Identity Providers` left menu item There are a number of steps you have to complete to be able to login to Google. First, go to the `Identity Providers` left menu item
and selected `Google` fro the `Add provider` drop down list. This will bring you to the `Add identity provider` page. and selected `Google` from the `Add provider` drop down list. This will bring you to the `Add identity provider` page.
.Add Identity Provider .Add Identity Provider
image:../../../{{book.images}}/google-add-identity-provider.png[] image:../../../{{book.images}}/google-add-identity-provider.png[]