Merge pull request #2094 from rabbitmq/use-versioned-oauth2-tutorial

OAuth2 examples for Next version should link to appropriate oauth2 tutorial branch

Author: michaelklishin

docs/oauth2-examples-auth0.md

@@ -32,7 +32,7 @@ and Auth0 as Authorization Server using the following flows:
 
 * Have an [Auth0](https://auth0.com/) account
 * Docker
-* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial) that contains all the configuration files and scripts used on this example
+* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example.
 
 ## Create RabbitMQ API
 
@@ -115,7 +115,7 @@ called `audience` whose value matches the value of `auth_oauth2.resource_server_
 Earlier RabbitMQ versions always sent this URI parameter. If this additional URI parameter is not configured,
 Auth0 will consider the token invalid and RabbitMQ will display "No authorized" for error.
 
-These [two configuration lines](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/auth0/rabbitmq.conf.tmpl#L8-L9)
+These [two configuration lines](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/auth0/rabbitmq.conf.tmpl#L8-L9)
 configure the `audience` parameter with the value `rabbitmq`.
 
 :::

docs/oauth2-examples-entra-id/index.md

@@ -32,7 +32,7 @@ and Microsoft Entra ID as Authorization Server using the following flows:
 * Have an account in https://portal.azure.com.
 * Docker
 * Openssl
-* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial) that contains all the configuration files and scripts used on this example
+* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example.
 
 ## Register your app
 
@@ -183,7 +183,7 @@ For more information, check out Microsoft Entra documentation about [configuring
 
 The configuration on **Entra ID** side is done. Next, configure RabbitMQ to use these resources.
 
-Clone [rabbitmq.conf.tmpl](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/entra/rabbitmq.conf.tmpl) from the tutorial repository
+Clone [rabbitmq.conf.tmpl](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/entra/rabbitmq.conf.tmpl) from the tutorial repository
 to `rabbitmq.conf`. It must be in the same directory as `rabbitmq.conf.tmpl`.
 
 Edit the new `rabbitmq.conf` file and proceed as follows:

docs/oauth2-examples-google.md

@@ -27,7 +27,7 @@ The main reason is because it does not issue JWT access tokens
 but opaque access tokens. To support opaque access tokens, RabbitMQ would have to issue an
 external HTTP request to convert the opaque access token into a JWT access token.
 
-Under the [`/conf/google`](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/google) folder you can find the configuration used to connect the
+Under the [`/conf/google`](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/google) folder you can find the configuration used to connect the
 RabbitMQ management UI with Google OAuth 2.0 endpoints. With this configuration,
 you can get to a point where the user is authenticated by Google, and eventually
 you get the error message in the RabbitMQ Management UI "Not Authorized".

docs/oauth2-examples-keycloak.md

@@ -32,7 +32,7 @@ and Keycloak as Authorization Server using the following flows:
 
 * Docker
 * make
-* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial) that contains all the configuration files and scripts used on this example
+* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example
 
 ## Deploy Keycloak
 
@@ -54,7 +54,7 @@ management api and `producer` to access via AMQP protocol.
 
 ## Start RabbitMQ
 
-Run the command below to start RabbitMQ configured with the **Keycloak** server we started in the previous section: This is the [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/keycloak/rabbitmq.conf) used for **Keycloak**.
+Run the command below to start RabbitMQ configured with the **Keycloak** server we started in the previous section: This is the [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/keycloak/rabbitmq.conf) used for **Keycloak**.
 ```bash
 export MODE=keycloak
 make start-rabbitmq
@@ -84,7 +84,7 @@ make start-perftest-producer-with-token PRODUCER=producer TOKEN=$(bin/keycloak/t
 
 In the following information, OAuth 2.0 authentication is tested with the AMQP protocol and the Pika library. These tests specifically demonstrate how to refresh a token on a live AMQP connection.
 
-The sample Python application [can be found on GitHub](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/pika-client).
+The sample Python application [can be found on GitHub](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/pika-client).
 
 To run this sample code proceed as follows:
 ```bash

docs/oauth2-examples-multiresource.md

@@ -30,7 +30,7 @@ and several OAuth resources using the following flows:
 ## Prerequisites
 
 * Docker
-* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial) that contains all the configuration files and scripts used on this example
+* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example
 
 ## Single OAuth 2.0 vs Multiple OAuth 2.0 resources
 
@@ -52,7 +52,7 @@ As both teams are registered in the same OAuth2 server you are going to configur
 
 ### Test applications accessing AMQP protocol with their own audience
 
-This is a summary of the configuration, found in [rabbitmq.scenario1.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/multi-keycloak/rabbitmq.scenario1.conf):
+This is a summary of the configuration, found in [rabbitmq.scenario1.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/multi-keycloak/rabbitmq.scenario1.conf):
 
 There are two OAuth2 clients (`prod_producer` and `dev_producer`) declared in Keycloak and configured to access their respective audience: `rabbit_prod` and `rabbit_dev`.
 The RabbitMQ OAuth 2 plugin is configured like so:
@@ -91,7 +91,7 @@ Follow these steps to deploy Keycloak and RabbitMQ:
     It is recommended to follow the logs until keycloak is fully initialized: `docker logs keycloak -f`
     :::
 
-2. Launch RabbitMQ with [rabbitmq.scenario1.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/multi-keycloak/rabbitmq.scenario1.conf):
+2. Launch RabbitMQ with [rabbitmq.scenario1.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/multi-keycloak/rabbitmq.scenario1.conf):
 
     ```bash
     MODE="multi-keycloak" CONF="rabbitmq.scenario1.conf" make start-rabbitmq
@@ -198,7 +198,7 @@ This scenario uses the same OAuth 2.0 provider called **keycloak**, however, thi
 	- `prod_producer` with the audience `rabbit_prod` (password: `PdLHb1w8RH1oD5bpppgy8OF9G6QeRpL9`).
 	- `rabbit_prod_admin` (password: `rabbit_prod_admin`).
 
-Despite there is only one physical OAuth provider, you need to configure RabbitMQ with two OAuth 2.0 providers. Each tenant has its own `issuer` url. This is the configuration file used for this scenario is  [rabbitmq.scenario2.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/multi-keycloak/rabbitmq.scenario2.conf). For convenience here is the relevant part:
+Despite there is only one physical OAuth provider, you need to configure RabbitMQ with two OAuth 2.0 providers. Each tenant has its own `issuer` url. This is the configuration file used for this scenario is  [rabbitmq.scenario2.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/multi-keycloak/rabbitmq.scenario2.conf). For convenience here is the relevant part:
 ```ini
 ...
 ## Oauth providers
@@ -296,7 +296,7 @@ This scenario uses two separate OAuth 2.0 providers called `devkeycloak` and `pr
 	- `prod_producer` with the audience `rabbit_prod` (password: `PdLHb1w8RH1oD5bpppgy8OF9G6QeRpL9`).
 	- `rabbit_prod_admin` (password: `rabbit_prod_admin`).
 
-Check out the section `oauth_providers` in the configuration file [rabbitmq.scenario3.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/main/conf/multi-keycloak/rabbitmq.scenario3.conf) used by this scenario. Like in the scenario 2, there are two OAuth providers however this time the URL refers to two different hostnames. For convenience here is the relevant part:
+Check out the section `oauth_providers` in the configuration file [rabbitmq.scenario3.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/blob/next/conf/multi-keycloak/rabbitmq.scenario3.conf) used by this scenario. Like in the scenario 2, there are two OAuth providers however this time the URL refers to two different hostnames. For convenience here is the relevant part:
 
 ```ini
 ...

docs/oauth2-examples-okta.md

@@ -30,8 +30,7 @@ and Okta as Authorization Server using the following flows:
 
 * Have an [Okta account](https://www.okta.com)
 * Docker
-* `git clone https://github.com/rabbitmq/rabbitmq-oauth2-tutorial`. This github repository
-contains all the configuration files and scripts used on this example
+*  A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example.
 
 
 ## Create your app integration in Okta UI
@@ -195,10 +194,10 @@ For that, you will need the following values from the previous steps:
 * **okta-Issuer**: the **default Authorization server**
 * **okta-Metadata-URI**: the **default Authorization server**
 
-Copy [rabbitmq.conf.tmpl](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/okta/rabbitmq.conf.tmpl) from the tutorial repository
+Copy [rabbitmq.conf.tmpl](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/okta/rabbitmq.conf.tmpl) from the tutorial repository
 to `rabbitmq.conf`. It must be in the same directory as `rabbitmq.conf.tmpl`.
 
-There is a second configuration file, [advanced.config](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/okta/advanced.config),
+There is a second configuration file, [advanced.config](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/okta/advanced.config),
 that will not need any modifications. This is the RabbitMQ [advanced configuration file](./configure/) where RabbitMQ scopes are mapped to the permissions previously configured in Okta.
 
 Edit `rabbitmq.conf` and proceed as follows:

docs/oauth2-examples-proxy.md

@@ -43,7 +43,7 @@ Let's test the following flow:
 
 * Docker
 * make
-* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial) that contains all the configuration files and scripts used on this example
+* A local clone of a [GitHub repository](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next) for branch `next` that contains all the configuration files and scripts used on this example.
 
 ## Deploy Keycloak
 
@@ -52,7 +52,7 @@ Deploy Keycloak by running the following command:
 make start-keycloak
 ```
 
-Note: Keycloak is preconfigured with the required scopes, users, and clients. It is configured with its own signing key and the [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/oauth2-proxy/rabbitmq.conf) file is also configured with the same signing key.
+Note: Keycloak is preconfigured with the required scopes, users, and clients. It is configured with its own signing key and the [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/oauth2-proxy/rabbitmq.conf) file is also configured with the same signing key.
 
 To access Keycloak Management UI, go to http://0.0.0.0:8080/ and enter `admin` as username and password.
 
@@ -65,7 +65,7 @@ There is a dedicated **Keycloak realm** called `Test` configured as follows:
 ## Start RabbitMQ
 
 To start RabbitMQ run the following two commands. The first one tells RabbitMQ to pick up the
-rabbitmq.conf found under [conf/oauth2-proxy/rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/oauth2-proxy/rabbitmq.conf)
+rabbitmq.conf found under [conf/oauth2-proxy/rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/oauth2-proxy/rabbitmq.conf)
 
 ```
 export MODE=oauth2-proxy
@@ -74,7 +74,7 @@ make start-rabbitmq
 
 **NOTE**: Oauth2 Proxy requires that the `aud` claim matches the client's id. However, RabbitMQ requires the
 `aud` field to match `rabbitmq` which is the designated `resource_server_id`. Given that it has been
-impossible to configure keycloak with both values, [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/oauth2-proxy/rabbitmq.conf) has
+impossible to configure keycloak with both values, [rabbitmq.conf](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/oauth2-proxy/rabbitmq.conf) has
 the setting below which disables validation of the audience claim.
 
 ```ini
@@ -90,7 +90,7 @@ To start OAuth2 Proxy, run the following command:
 make start-oauth2-proxy
 ```
 
-Oauth2 Proxy is configured using [Alpha configuration](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/main/conf/oauth2-proxy/alpha-config.yaml). This type of configuration inserts the access token into the HTTP **Authorization** header.
+Oauth2 Proxy is configured using [Alpha configuration](https://github.com/rabbitmq/rabbitmq-oauth2-tutorial/tree/next/conf/oauth2-proxy/alpha-config.yaml). This type of configuration inserts the access token into the HTTP **Authorization** header.
 
 
 ## Access [management UI](./management/)