[WIP] nginx-oauth2

Reference Implementation for Validating OAuth 2.0 Access Tokens with NGINX, NGINX Plus and Keycloak.

Note: We are going to add OAuth2.0 access token introspection module and examples here on top of OIDC framework for maintainability and reusability as OIDC is added authentication on top of OAuth2.0.

This repo provides the information of how to set up Keycloak, integrate with NGINX and NGINX Plus, and locally test using a containerized NGINX Plus app, a frontend simulation tool, and a NGINX API Connectivity Management.

• Getting Started
• Troubleshooting
• References

🏠 Getting Started

Set up an identity provider (IdP)

• Create and configure an app in Keycloak

Option 1. Set up and Test a Access Token Validation via NGINX Plus

• Configure NGINX Plus OIDC
• Locally Test an SSO app in a container

Option 2. Set up and Test a Access Token Validation via NGINX ACM

• Install, configure, and test OIDC via NGINX ACM

🔧 Troubleshooting

• Common Troubleshooting for NGINX OAuth2
• Troubleshooting for NGINX OAuth2 and Keycloak

📚 References

• NGINX OIDC Core v1.0: Forked from NGINX GitHub
• NGINX OIDC Core v2.0: Forked from NGINX GitHub
• NGINX Plus: Single Sign-On With Keycloak
• NGINX Management Suite
• NGINX API Connectivity Manager
• https://www.nginx.com/blog/validating-oauth-2-0-access-tokens-nginx/