I have the following environment:
So, the backend app has the env KEYCLOAK_URL and it is used for both apps (front and back), and this URL is not available on the host (in the browser) because the URL has the Docker bridge internal IP.
When a user visits the front app, the front app makes a getUser request to the backend and it returns the Keycloak auth URL for login from the env KEYCLOAK_URL, but this URL is not accessible from the browser.
Does anyone have experience or a suggestion on how to solve this problem?
docker-compose.yml
version: '3.7'
networks:
  net:
    driver: bridge
    external: false
    name: test-net
services:
  postgres-db:
    image: postgres:13.1
    container_name: postgres-db
    networks:
      - net
    ports:
      - 5432:5432
    volumes:
      - ./init-postgresql.sql:/docker-entrypoint-initdb.d/1-init.sql:ro
      - ./postgres-data:/var/lib/postgresql/data:rw
    environment:
      LC_ALL: 'C.UTF-8'
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_HOST: postgres-db
      POSTGRES_DB: postgres
      PGDATA: /var/lib/postgresql/data
    restart: unless-stopped
  keycloak:
    image: quay.io/keycloak/keycloak:11.0.2
    container_name: keycloak
    hostname: keycloak
    command: -Dkeycloak.profile.feature.upload_scripts=enabled
    networks:
      - net
    ports:
      - 8180:8080
    environment:
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: admin
      DB_VENDOR: POSTGRES
      DB_ADDR: postgres-db
      DB_USER: postgres
      DB_PASSWORD: postgres
      DB_DATABASE: keycloak
      DB_SCHEMA: public
    depends_on:
      - postgres-db
    restart: unless-stopped
  app:
    image: app
    container_name: app
    depends_on:
      - keycloak
    networks:
      - net
    ports:
      - 8083:8083
    environment:
      KEYCLOAK_URL: http://keycloak:8080/auth
    restart: unless-stopped
I tried another option with transferring the Spring Boot app to the Docker host network and changing KEYCLOAK_URL to localhost:8180, but host networking is not supported in Windows Docker Desktop.
There are two options:
1: Make the Keycloak URL public and work with Keycloak's internal login form and login flow.
2: Build your own login form in the frontend and connect your backend with the Keycloak REST API for login, tokens, roles, ...
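
An added sketch of what option 1 implies for the backend, not code from the question or the answer: the browser gets a login URL built from a public base, server-to-server calls keep the internal one, and a check rejects a public base that points inside the Docker network. `KEYCLOAK_PUBLIC_URL`, the realm `demo`, the client id `front-app` and the bridge range are assumptions; the service names and ports come from the compose file above.

```python
import ipaddress
from urllib.parse import urlencode, urlsplit

# Assumed settings: the page defines only KEYCLOAK_URL; KEYCLOAK_PUBLIC_URL,
# the realm and the client id are hypothetical names for this sketch.
KEYCLOAK_URL = "http://keycloak:8080/auth"          # back-channel, compose network only
KEYCLOAK_PUBLIC_URL = "http://localhost:8180/auth"  # published port from the compose file
REALM, CLIENT_ID = "demo", "front-app"

# Names that resolve only inside the compose network (services in the file above).
COMPOSE_HOSTS = {"keycloak", "postgres-db", "app"}
# Assumed bridge range; confirm with `docker network inspect test-net`.
BRIDGE_NETS = [ipaddress.ip_network("172.16.0.0/12")]


def browser_reachable(url):
    """False when the URL's host only makes sense inside the Docker network."""
    host = urlsplit(url).hostname or ""
    if not host or host in COMPOSE_HOSTS:
        return False
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return True  # an ordinary DNS name, e.g. localhost or a public FQDN
    return not any(addr in net for net in BRIDGE_NETS)


def login_url(redirect_uri, state):
    """Authorization URL handed to the browser; always built from the public base."""
    if not browser_reachable(KEYCLOAK_PUBLIC_URL):
        raise ValueError("KEYCLOAK_PUBLIC_URL points inside the Docker network")
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": redirect_uri,
        "state": state,
    })
    base = KEYCLOAK_PUBLIC_URL.rstrip("/")
    return f"{base}/realms/{REALM}/protocol/openid-connect/auth?{query}"


def token_endpoint():
    """Token endpoint for server-to-server calls from the app container."""
    base = KEYCLOAK_URL.rstrip("/")
    return f"{base}/realms/{REALM}/protocol/openid-connect/token"
```

Keycloak derives the token issuer from the request host unless a fixed frontend URL is configured, so check which base the `iss` claim carries before validating tokens in the backend.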