Demonstrate how to use OIDC with PKCE with keycloak, fastapi and angular.
Install miniconda and install the environment with conda env create -f environment.yml.
Update with conda env update -f environment.yml.
Install pre-commit hooks: pre-commit install.
Start keycloak.
Start the python api server with python -m fastapi_oidc.main. Documentation on using
SwaggerUI can be found in fastapi oidc.
Then start the angular app.
See keycloak.
OpenID Connect Provider (Authentication Server, supports PKCE):
OpenID Connect Relying Party (Client, e.g.Webapp, supports PKCE):
Angular OIDC Client (supports PKCE):
React OIDC (based upon certified oidc-client-js):
OpenID Connect:
- OpenID Connect Documentation
- Certified OpenID Connect Implementations
- OAuth 2.0 and OpenID Connect Overview (Okta)
- An Illustrated Guide to OAuth and OpenID Connect (Okta)
- Implement the OAuth 2.0 Authorization Code with PKCE Flow (Okta)
Validation of the Access Token
- Validating Access Tokens (Auth0)
- Token Introspection Endpoint (Okta)
- mircoprofile-jwt for Interoperability between Identity and Service Providers
Keycloak:
JWT: