am trying to use kong oicd
with keycloak 19.0.3
to secure my app and that my Dockerfile
FROM kong/kong:2.7.0
ENV OIDC_PLUGIN_VERSION=1.2.3-2
ENV GIT_VERSION=2.24.4-r0
ENV UNZIP_VERSION=6.0-r7
ENV LUAROCKS_VERSION=2.4.4-r1
USER root
RUN apk update && apk add git unzip luarocks
RUN luarocks install kong-oidc
RUN git clone --branch v1.2.3-2 https://github.com/revomatico/kong-oidc.git
WORKDIR /kong-oidc
RUN luarocks make
RUN luarocks pack kong-oidc ${OIDC_PLUGIN_VERSION} \
&& luarocks install kong-oidc-${OIDC_PLUGIN_VERSION}.all.rock
WORKDIR /
RUN git clone --branch 20200505-access-token-processing https://github.com/BGaunitz/kong-plugin-jwt-keycloak.git
WORKDIR /kong-plugin-jwt-keycloak
RUN luarocks make
RUN luarocks pack kong-plugin-jwt-keycloak ${JWT_PLUGIN_VERSION} \
&& luarocks install kong-plugin-jwt-keycloak-${JWT_PLUGIN_VERSION}.all.rock
USER kong
i did configure by passing the client id
and client secret
and the discovery endpoint
when i visit the configured route in kong i get redirected to keycloak to authenticate and after success auth, i get redirected back to my app but when i check the headers i find no x-userUnfo
and i find only session cookie
am i missing something?
am using nginx as an app to test in my case and i need to make in the future request from my app to some API which also will be protected by kong oidc and i need to have a piece of the identity of the current loggedin user to do permission stuff