feat: turnkey compose environment for testing the LDAP and OIDC auth backends#295
Open
allamiro wants to merge 1 commit into
Open
feat: turnkey compose environment for testing the LDAP and OIDC auth backends#295allamiro wants to merge 1 commit into
allamiro wants to merge 1 commit into
Conversation
6a46d87 to
fe30e0f
Compare
…backends Optional OpenLDAP and Keycloak services in docker-compose, disabled by default; uncomment a block to enable it. Example credentials live in .env.example (copy to .env, which is gitignored). The keycloak service imports tests/keycloak/realm.json on startup: realm 'keepass', confidential client 'keepass4web' with the /callback_user_auth redirect URI, and user testuser/testpass - both backends are testable with zero manual setup.
fe30e0f to
890b288
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #312.
What
Optional
openldapandkeycloakservices in docker-compose.yml for testing the LDAP and OIDC auth backends — disabled by default, enabled by removing the comment markers from the block you need. Matching config.yml snippets are documented inline..env.exampleholds all example credentials (LDAP root/admin/test user, Keycloak admin, OIDC client id/secret);cp .env.example .envand compose picks it up automatically (.envis gitignored)start-dev --import-realmimportstests/keycloak/realm.json— realmkeepass, confidential clientkeepass4webwith the/callback_user_authredirect URIs, and usertestuser/testpass. OIDC is testable with zero admin-console setup.envValidation (all live)
docker compose configresolves every variable from the example envrealms/keepassdiscovery endpoint serves ~5s after start/authenticatedreturns the PKCE redirect → Keycloak login form → credential POST → 302 to/callback_user_auth→ code exchange + ID-token validation → session established (cn: testuser)ldapsearchconfirms the seeded user; login flow verified earlier in this series