Wiki.js and KeyCloak with Docker #7433
Unanswered
GFreericks
asked this question in
Help / Questions
Replies: 1 comment
-
Solution: You have to use the IP-Address instead of "localhost". Maybe someone will find this helpful, someday. Greetings from germany |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi everyone,
I have scrolled some pages about how to do the config, but I'm not even near to a solution.
Let's begin at the Start, so that everyone should be able to recreate this (hopefully):
Remarks: I tried to use an environment-file, but it does not work, so I put in the "password" as plaintext.
5) In Docker Desktop I start the KeyCloak and the Wiki.js from the Terminal with:
D:
cd D:\Docker\Wiki
docker compose up -d
cd D:\Docker\KeyCloak
docker compose up -d
6) Now I can login to KeyCloak on "http://localhost:8080/" with "admin" and "password".
7) Next I create a Realm and name it "MyRealm".
8) In this realm I create a Client "wikijs".
9) Now one more tab for Wiki.js. It is accessable from "http://localhost". I create a Admin-Account and change the site-url to "http://localhost".
10) I go back to KeyCloak and set "Client authentication" in the "Capability Config"-Page to "On". Also I uncheck "Direct access grant".
11) In the "Login settings"-page for the wikijs-Client in the KeyCloak-Administration I fill the Root-URL with "http://localhost/" for the Wiki.
12) Back in the Wiki.js I installed the German Language-Pack.
13) I go to the authentification-page and add the strategy "Keycloak".
14) In KeyCloak where I create the Client I fill in the "Callback URL / Redirect URI" from the Wiki.js-Config-Page in the "Valid redirect URIs".
15) I saved the Client in KeyCloak and copy the "Client Secret" from KeyCloak to fill it in Wiki.js.
16) In the Keycloak-strategy-page of Wiki.js I fill in the following:
Host: http://localhost:8080
Realm: MyRealm
Client ID: wikijs
Client Secret: <<The value I copy in step 15>>
17) In KeyCloak I go to "Realm settings" and click on the "OpenID Endpoint Configuration"-Link.
Here I found some values I have to copy to Wiki.js:
The strcuture is: Config-file -> Wiki.js-Field (value)
authorization_endpoint -> Authorization Endpoint URL (http://localhost:8080/realms/MyRealm/protocol/openid-connect/auth)
token_endpoint -> Token Endpoint URL (http://localhost:8080/realms/MyRealm/protocol/openid-connect/token)
userinfo_endpoint -> User Info Endpoint URL (http://localhost:8080/realms/MyRealm/protocol/openid-connect/userinfo)
18) In Wiki.js I fill in the values from step 17 and save it.
19) As the next step I create a user "wikiuser" in KeyCloak, fill in an E-Mail, "First name", "Last name" and check the "Email verified".
20) I set the password and set "Temporary" to false.
21) I add the group "WikiGroup" and add the user "wikiuser"
22) In KeyCloak I add the role "RoleWiki" to the Client and then to the user "wikiuser".
When I now logout from Wiki.js and try to login with KeyCloak (instead of "Local"), it shows the Login for KeyCloak, but when enter the login for "wikiuser" I got "Failed to obtain access token".
And there I got stuck. I tried some other comfigurations, but this is the best solution I got.
I hope there is someone out there who have done this thousend times and easily found a solution on this one.
Maybe the description of the problem is a bit long, but I hope someone is able to reproduce my problem this way.
Greetings from germany
Gerit
Beta Was this translation helpful? Give feedback.
All reactions