nextml-code
diff --git a/‎.github/workflows/publish.yml
Lines changed: 1 addition & 4 deletions b/‎.github/workflows/publish.yml
Lines changed: 1 addition & 4 deletions
diff --git a/‎example/Dockerfile
Lines changed: 25 additions & 0 deletions b/‎example/Dockerfile
Lines changed: 25 additions & 0 deletions
diff --git a/‎example/README.md
Lines changed: 17 additions & 0 deletions b/‎example/README.md
Lines changed: 17 additions & 0 deletions
diff --git a/‎example/app/config.py
Lines changed: 11 additions & 0 deletions b/‎example/app/config.py
Lines changed: 11 additions & 0 deletions
diff --git a/‎example/app/main.py
Lines changed: 4 additions & 3 deletions b/‎example/app/main.py
Lines changed: 4 additions & 3 deletions
diff --git a/‎example/docker-compose.yml
Lines changed: 19 additions & 18 deletions b/‎example/docker-compose.yml
Lines changed: 19 additions & 18 deletions
@@ -17,7 +17,7 @@ jobs:
         uses: actions/setup-python@v1
         with:
           python-version: ${{ matrix.python-version }}
-      
+
       - name: Install Task
         uses: arduino/setup-task@v1
 
@@ -38,9 +38,6 @@ jobs:
         if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
         run: poetry install --no-interaction --no-root
 
-      - name: Install library
-        run: poetry install --no-interaction
-
       - name: Run CI
         run: task ci
 
 
@@ -0,0 +1,25 @@
+# syntax=docker/dockerfile:experimental
+FROM python:3.8.8
+
+RUN apt-get update \
+    && apt-get install -y \
+        gcc \
+        ffmpeg \
+        libsm6 \
+        libxext6 \
+        git \
+        curl
+
+RUN curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -
+
+WORKDIR /app
+COPY pyproject.toml .
+COPY poetry.lock .
+
+RUN ~/.poetry/bin/poetry install
+
+COPY app app
+
+EXPOSE 8000
+
+CMD ["/root/.poetry/bin/poetry", "run", "python", "-m", "app.main", "--host", "0.0.0.0", "--port", "8000", "--workers", "1"]
@@ -0,0 +1,17 @@
+# Example with keycloak
+
+## Setup your realm
+
+1. Start up keycloak with `docker-compose up` (the fastapi app will crash since
+   we do not have a realm yet).
+2. Log into keycloak at http://localhost:8080 with username/password `admin/admin`.
+3. Create a realm `my-realm`. This will set your `openid_connect_url` to `http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration`
+   and your issuer to `http://localhost:8080/auth/realms/my-realm`.
+4. Allow implicit flow (in order for login in interactive docs to work).
+5. Create a user and add credentials (password).
+
+## Login into docs with your credentials
+
+1. Kill app and then restart with `docker-compose up`.
+2. Go to `http://localhost:8000/docs` and login with your credentials by
+   clicking `authorize` in the top right corner.
@@ -0,0 +1,11 @@
+from pydantic import BaseSettings
+from pydantic import Field
+
+
+class Config(BaseSettings):
+    openid_connect_url: str = Field(..., env="AUTH_OPENID_CONNECT_URL")
+    issuer: str = Field(..., env="AUTH_ISSUER")
+    client_id: str = Field(..., env="AUTH_CLIENT_ID")
+
+
+config = Config()
@@ -1,6 +1,7 @@
 from typing import Optional
 
 import uvicorn
+from app.config import config
 from fastapi import Depends
 from fastapi import FastAPI
 from fastapi import Security
@@ -12,9 +13,9 @@
 from fastapi_third_party_auth import KeycloakIDToken
 
 auth = Auth(
-    openid_connect_url="http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration",
-    issuer="http://localhost:8080/auth/realms/my-realm",  # optional, verification only
-    client_id="my-client",  # optional, verification only
+    openid_connect_url=config.openid_connect_url,
+    issuer=config.issuer,  # optional, verification only
+    client_id=config.client_id,  # optional, verification only
     scopes=["email"],  # optional, verification only
     idtoken_model=KeycloakIDToken,  # optional, verification only
 )
 
@@ -1,17 +1,14 @@
-version: '3'
+version: "3"
 
 services:
-
-#   test-fastapi-keycloak:
-#     build:
-#       context: .
-#       dockerfile: Dockerfile
-#     restart: always
-#     depends_on:
-#       - keycloak
-#       # keycloak:
-#       #   condition: service_healthy
-#     network_mode: host
+  test-fastapi-keycloak:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    depends_on:
+      keycloak:
+        condition: service_healthy
+    network_mode: host
 
   keycloak:
     image: jboss/keycloak:15.0.2
@@ -26,16 +23,20 @@ services:
       - DB_PASSWORD=password
       - KEYCLOAK_USER=admin
       - KEYCLOAK_PASSWORD=admin
-      - KEYCLOAK_IMPORT=/tmp/my-realm-export.json
     ports:
       - 8080:8080
     depends_on:
       - keycloak-postgres
-    # healthcheck:
-    #   test: ["CMD", "curl", "-f", "http://keycloak:8080"]
-    #   interval: 10s
-    #   timeout: 10s
-    #   retries: 2
+    environment:
+      - AUTH_OPENID_CONNECT_URL=http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration
+      - AUTH_ISSUER=http://localhost:8080/auth/realms/my-realm
+      - AUTH_CLIENT_ID=my-client
+    healthcheck:
+      test: "curl http://localhost:8080"
+      interval: 30s
+      timeout: 30s
+      retries: 3
+      start_period: 2m
 
   keycloak-postgres:
     image: postgres:13.4-alpine3.14