I would like to protect resources of my golang REST API server, using the UMA protocol.
I was looking at the keycloak gatekeeper, but it appears not to support UMA authorization and now it is also deprecated. Its replacement, ouath2-proxy, does not appear to support UMA.
Which is the reccomended way to protect resources in a golang application using keycloak?
Regards,
Bernardo
Just an update, hoping it will be helpful for others: as a prototype I ended up implementing a proxy like gatekeeper, using Spiring Boot.
The proxy is based on the Zuul API Gateway (Netflix), which can be quickly integrated in a Spring boot application, and the Keycloak adapter for Spring Boot.
The adapter checks for authorization and implements the UMA protocol. Once the adapter authorizes the operation, Zuul takes control and forwards the request to my Golang microservice.
Bernardo