Comment on page
Custom Keycloak Build
SunbirdRC uses a custom keycloak image which is configured to enable/disable NONCE validation. The required changes are made in this repository, https://github.com/Sunbird-RC/keycloak/tree/configurable-nonce-validation.
NONCE validation is default enabled in keycloak, to turn off the validation
VALIDATE_NONCE
should be set to "false".
This configuration is not provided by keycloak by default even in the latest version. We have configured this change, particularly for enabling Digilocker Meripehchaan SSO (Task: https://github.com/Sunbird-RC/community/issues/593).
- JAVA 11 (tested with 11.0.8)
- Maven
- Clone https://github.com/Sunbird-RC/keycloak/tree/configurable-nonce-validation the repository (Contains the source code)
- Run the below command to generate the distribution jar. Reference https://github.com/Sunbird-RC/keycloak/blob/configurable-nonce-validation/docs/building.md
mvn clean install -Pdistribution
- The above command should create
keycloak-14.0.0.tar.gz
indistribution/server-dist/target
directory
- Clone https://github.com/keycloak/keycloak-containers/tree/main/ the repository (Contains the build files)
git checkout 14.0.0
cd server
- Run a Python HTTP server in the keycloak repo to access the distributed jar file.
python -m http.server 8001
- Build the keycloak docker image,
docker build -t sunbirdrc/keycloak --build-arg KEYCLOAK_DIST=http://<YOUR_IP_ADDRESS>:8001/keycloak-14.0.0.tar.gz .
- Tag the new docker image and publish it to dockerhub / docker registry