Skip to content

Commit

Permalink
docs: complete getting started
Browse files Browse the repository at this point in the history
Signed-off-by: Pat Losoponkul <[email protected]>
  • Loading branch information
Pat Losoponkul committed Jun 12, 2024
1 parent 2b24b11 commit d86baf5
Showing 1 changed file with 16 additions and 15 deletions.
31 changes: 16 additions & 15 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,15 @@

![CI](https://github.com/hyperledger/identus-keycloak-plugins/actions/workflows/unit-tests.yml/badge.svg)

## Overview
# Overview

This repository provides a Keycloak Plugin that extends Keycloak's functionality to handle Self-Sovereign Identity (SSI) tasks, including OpenID for verifiable credential issuance.
The plugin is designed to integrate with the Identus cloud agent, enabling a comprehensive SSI ecosystem.

## Getting started
# Getting started

### Using published docker image
## Using published docker image

__Default Keycloak plugin image__
### Default Keycloak plugin image

The plugin is available as a pre-bundled Docker image.
This image includes Keycloak and the plugin enabled for basic use cases.
Expand Down Expand Up @@ -39,7 +38,7 @@ services:
# Identus cloud agent and other services below
```

__Customized Keycloak plugin image__
### Customized Keycloak plugin image

In many cases, Keycloak customization is necessary for branding or to meet custom
authentication and authorization requirements. The default plugin image can be used
Expand All @@ -48,38 +47,40 @@ create a customized Keycloak image.

The image contains plugin JARs in `/opt/keycloak/providers` directory

For example
Example `Dockerfile`

```
FROM ghcr.io/hyperledger/identus-keycloak-plugins:0.1.0 AS dist
FROM quay.io/keycloak/keycloak:23.0.7
COPY --from=dist /opt/keycloak/providers/<PLUGIN_FILE>.jar /opt/keycloak/providers/<PLUGIN_FILE>.jar
# customized and copy assets / provideres
COPY ./
# more steps to customize assets / themes / providers
RUN /opt/keycloak/bin/kc.sh build
ENTRYPOINT [ "/opt/keycloak/bin/kc.sh" ]
```

Please refer to official [Keycloak documentation](https://www.keycloak.org/server/containers) for comprehensive image customization.

### Using published JAR

TODO
## Using published JAR

Each plugin is available individually on [Github maven packages](https://github.com/orgs/hyperledger/packages?repo_name=identus-keycloak-plugins),
enabling easy integration with your build process and fine-grained control over which plugins are included.

## Available Plugins

### `identus-keycloak-oid4vci`
# Available Plugins

## `identus-keycloak-oid4vci`

Extends Keycloak for integration with Identus cloud agent in [OID4VCI](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html) flow.
The Keycloak instance to use this is the Issuer Authorization Server where the plugin takes care of
the OpenID extension in the issuance flow.
The plugin supports the Authorization Endpoint and Token Endpoint according to the specification.
Additionally, the plugin communicates with the cloud agent during holder authorization to coordinate the issuance session.

#### Features
### Features

- [Authorization code flow](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-authorization-code-flow)
- _AuthorizationRequest_ supported parameters
Expand All @@ -90,7 +91,7 @@ Additionally, the plugin communicates with the cloud agent during holder authori
- [Pre-authorized-code flow](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-pre-authorized-code-flow)
- Not yet supported

#### Environment Variables
### Environment Variables

|Name|Description|
|-|-|
Expand Down

0 comments on commit d86baf5

Please sign in to comment.