doc: readme for example

HarryMWinters · Dec 4, 2021 · 927ed51 · 927ed51
1 parent 5e322d4
commit 927ed51
Show file tree

Hide file tree

Showing 11 changed files with 108 additions and 1,930 deletions.
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -17,7 +17,7 @@ jobs:
         uses: actions/setup-python@v1
         with:
           python-version: ${{ matrix.python-version }}
-      
+
       - name: Install Task
         uses: arduino/setup-task@v1
 
@@ -38,9 +38,6 @@ jobs:
         if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
         run: poetry install --no-interaction --no-root
 
-      - name: Install library
-        run: poetry install --no-interaction
-
       - name: Run CI
         run: task ci
 

diff --git a/.readthedocs.yml b/.readthedocs.yml
@@ -0,0 +1,12 @@
+version: 2
+
+sphinx:
+  configuration: docs/conf.py
+
+python:
+  version: 3.8
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs
diff --git a/example/.python-version b/example/.python-version
@@ -0,0 +1 @@
+3.8.8
diff --git a/example/Dockerfile b/example/Dockerfile
@@ -0,0 +1,25 @@
+# syntax=docker/dockerfile:experimental
+FROM python:3.8.8
+
+RUN apt-get update \
+    && apt-get install -y \
+        gcc \
+        ffmpeg \
+        libsm6 \
+        libxext6 \
+        git \
+        curl
+
+RUN curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -
+
+WORKDIR /app
+COPY pyproject.toml .
+COPY poetry.lock .
+
+RUN ~/.poetry/bin/poetry install
+
+COPY app app
+
+EXPOSE 8000
+
+CMD ["/root/.poetry/bin/poetry", "run", "python", "-m", "app.main", "--host", "0.0.0.0", "--port", "8000", "--workers", "1"]
diff --git a/example/README.md b/example/README.md
@@ -0,0 +1,17 @@
+# Example with keycloak
+
+## Setup your realm
+
+1. Start up keycloak with `docker-compose up` (the fastapi app will crash since
+   we do not have a realm yet).
+2. Log into keycloak at http://localhost:8080 with username/password `admin/admin`.
+3. Create a realm `my-realm`. This will set your `openid_connect_url` to `http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration`
+   and your issuer to `http://localhost:8080/auth/realms/my-realm`.
+4. Allow implicit flow (in order for login in interactive docs to work).
+5. Create a user and add credentials (password).
+
+## Login into docs with your credentials
+
+1. Kill app and then restart with `docker-compose up`.
+2. Go to `http://localhost:8000/docs` and login with your credentials by
+   clicking `authorize` in the top right corner.
diff --git a/example/app/config.py b/example/app/config.py
@@ -0,0 +1,11 @@
+from pydantic import BaseSettings
+from pydantic import Field
+
+
+class Config(BaseSettings):
+    openid_connect_url: str = Field(..., env="AUTH_OPENID_CONNECT_URL")
+    issuer: str = Field(..., env="AUTH_ISSUER")
+    client_id: str = Field(..., env="AUTH_CLIENT_ID")
+
+
+config = Config()
diff --git a/example/app/main.py b/example/app/main.py
@@ -1,6 +1,7 @@
 from typing import Optional
 
 import uvicorn
+from app.config import config
 from fastapi import Depends
 from fastapi import FastAPI
 from fastapi import Security
@@ -12,9 +13,9 @@
 from fastapi_oidc import KeycloakIDToken
 
 auth = Auth(
-    openid_connect_url="http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration",
-    issuer="http://localhost:8080/auth/realms/my-realm",  # optional, verification only
-    client_id="my-client",  # optional, verification only
+    openid_connect_url=config.openid_connect_url,
+    issuer=config.issuer,  # optional, verification only
+    client_id=config.client_id,  # optional, verification only
     scopes=["email"],  # optional, verification only
     idtoken_model=KeycloakIDToken,  # optional, verification only
 )

diff --git a/example/docker-compose.yml b/example/docker-compose.yml
@@ -1,17 +1,14 @@
-version: '3'
+version: "3"
 
 services:
-
-#   test-fastapi-keycloak:
-#     build:
-#       context: .
-#       dockerfile: Dockerfile
-#     restart: always
-#     depends_on:
-#       - keycloak
-#       # keycloak:
-#       #   condition: service_healthy
-#     network_mode: host
+  test-fastapi-keycloak:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    depends_on:
+      keycloak:
+        condition: service_healthy
+    network_mode: host
 
   keycloak:
     image: jboss/keycloak:15.0.2
@@ -26,16 +23,20 @@ services:
       - DB_PASSWORD=password
       - KEYCLOAK_USER=admin
       - KEYCLOAK_PASSWORD=admin
-      - KEYCLOAK_IMPORT=/tmp/my-realm-export.json
     ports:
       - 8080:8080
     depends_on:
       - keycloak-postgres
-    # healthcheck:
-    #   test: ["CMD", "curl", "-f", "http://keycloak:8080"]
-    #   interval: 10s
-    #   timeout: 10s
-    #   retries: 2
+    environment:
+      - AUTH_OPENID_CONNECT_URL=http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration
+      - AUTH_ISSUER=http://localhost:8080/auth/realms/my-realm
+      - AUTH_CLIENT_ID=my-client
+    healthcheck:
+      test: "curl http://localhost:8080"
+      interval: 30s
+      timeout: 30s
+      retries: 3
+      start_period: 2m
 
   keycloak-postgres:
     image: postgres:13.4-alpine3.14