我有以下环境:
因此,后端应用程序具有 env KEYCLOAK_URL 并且它用于两个应用程序(前端和后端),并且该 URL 在主机(在浏览器中)上不可用,因为 url 具有 docker 桥内部 ip
当用户访问前端应用程序时,前端应用程序向后端发出 getUser 请求并返回 用于从 env KEYCLOAK_URL 登录的 keyCloak 身份验证 URL,但该 URL 无法从浏览器访问
有人有解决这个问题的经验或建议吗?
docker-compose.yml
version: '3.7'
networks:
net:
driver: bridge
external: false
name: test-net
services:
postgres-db:
image: postgres:13.1
container_name: postgres-db
networks:
- net
ports:
- 5432:5432
volumes:
- ./init-postgresql.sql:/docker-entrypoint-initdb.d/1-init.sql:ro
- ./postgres-data:/var/lib/postgresql/data:rw
environment:
LC_ALL: 'C.UTF-8'
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_HOST: postgres-db
POSTGRES_DB: postgres
PGDATA: /var/lib/postgresql/data
restart: unless-stopped
keycloak:
image: quay.io/keycloak/keycloak:11.0.2
container_name: keycloak
hostname: keycloak
command: -Dkeycloak.profile.feature.upload_scripts=enabled
networks:
- net
ports:
- 8180:8080
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
DB_VENDOR: POSTGRES
DB_ADDR: postgres-db
DB_USER: postgres
DB_PASSWORD: postgres
DB_DATABASE: keycloak
DB_SCHEMA: public
depends_on:
- postgres-db
restart: unless-stopped
app:
image: app
container_name: app
depends_on:
- keycloak
networks:
- net
ports:
- 8083:8083
environment:
KEYCLOAK_URL: http://keycloak:8080/auth
restart: unless-stopped
我尝试了另一种选择,将 spring boot 应用程序传输到 docker 主机网络并将 KEYCLOAK_URL 更改为 localhost:8180,但 Windows Docker Desktop 不支持主机网络
有两个选项
1: 公开 keycloak url 并使用 keycloaks 内部登录表单和登录流程
2: 在前端构建您自己的登录表单,并将您的后端与用于登录、令牌、角色等的 keycloak Rest api 连接起来
I have similar problem with keycloak and reactjs application. After configuring keycloak with reactjs application in docker i am getting error "Invalid redirect url"
I tried to define following urls:
in menu
keycloak-admin-console ->
react-app-realm -> clients ->
react-app -> Valid redirect URIs :
1. "*" just wild card
2. http://localhost:3000/
3. http://host.docker.internal:80/
4. http://172.20.0.1:3000/
nothing works.
How to configure redirect uri for keycloak, if application an
Here is my docker-compose file :
volumes:
postgres_data:
driver: local
services:
react-app:
networks:
kc_demo:
image: keycloak-react-app:latest
build: .
ports:
- 3000:80
volumes:
- ./keycloak/keycloak.json:/usr/share/nginx/html/config/keycloak.json
depends_on:
- keycloak
postgres:
networks:
kc_demo:
image: postgres:13
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
keycloak:
networks:
kc_demo:
image: quay.io/keycloak/keycloak:latest
volumes:
- ./keycloak:/tmp/import
command: start-dev
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
KEYCLOAK_IMPORT: /tmp/import/realm-export.json
KEYCLOAK_ADMIN : root
KC_HOSTNAME: 172.20.0.1
KC_HOSTNAME_STRICT: false
KC_PROXY_ADDRESS_FORWARDING: true
KC_HTTP_ENABLED: true
KC_PROXY: edge
KEYCLOAK_ADMIN_PASSWORD: admin
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: Pa55w0rd
ports:
- 8080:8080
depends_on:
- postgres
networks:
kc_demo:
driver: bridge
name: kc_demo