Aspire + Web API
This samples contains Keycloak installation configured via configuration files.
Here is what it does:
- Starts a Keycloak Instance as part of Aspire Integration
- Imports realm and test users (
test1:test
,test2:test
)
The Keycloak is already configured, all you need to do is to run sample and try to retrieve token via Swagger UI.
Run:
bash
dotnet run --project ./AppHost
Code
AppHost
:
cs
var builder = DistributedApplication.CreateBuilder(args);
var keycloak = builder
.AddKeycloakContainer("keycloak")
.WithDataVolume()
.WithImport("./KeycloakConfiguration/Test-realm.json")
.WithImport("./KeycloakConfiguration/Test-users-0.json");
var realm = keycloak.AddRealm("Test");
builder.AddProject<Projects.Api>("api").WithReference(keycloak).WithReference(realm);
builder.Build().Run();
Api
:
cs
using Keycloak.AuthServices.Authentication;
using Keycloak.AuthServices.Common;
using Microsoft.OpenApi.Models;
var builder = WebApplication.CreateBuilder(args);
var services = builder.Services;
var configuration = builder.Configuration;
builder.AddServiceDefaults();
var clientName = "workspaces-client";
services.AddEndpointsApiExplorer();
services.AddSwaggerGen(c =>
{
var keycloakOptions = configuration.GetKeycloakOptions<KeycloakAuthenticationOptions>()!;
c.AddSecurityDefinition(
"oidc",
new OpenApiSecurityScheme
{
Name = "oauth2",
Type = SecuritySchemeType.OpenIdConnect,
OpenIdConnectUrl = new Uri(keycloakOptions.OpenIdConnectUrl!)
}
);
c.AddSecurityRequirement(
new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "oidc"
}
},
Array.Empty<string>()
}
}
);
c.SwaggerDoc("v1", new OpenApiInfo { Title = $"API (v1)", Version = "v1" });
});
services.AddKeycloakWebApiAuthentication(
configuration,
options =>
{
options.Audience = clientName;
options.RequireHttpsMetadata = false;
}
);
services.AddAuthorization();
var app = builder.Build();
app.UseSwagger();
app.UseSwaggerUI(options =>
{
options.SwaggerEndpoint("/swagger/v1/swagger.json", "v1");
options.RoutePrefix = string.Empty;
});
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/hello", () => "Hello World!").RequireAuthorization();
app.Run();
See sample source code: keycloak-authorization-services-dotnet/tree/main/samples/GettingStartedAndAspire