Add Keycloak component

Aspire.sln

@@ -518,6 +518,22 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Aspire.Hosting.Python.Tests
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Aspire.Hosting.Valkey.Tests", "tests\Aspire.Hosting.Valkey.Tests\Aspire.Hosting.Valkey.Tests.csproj", "{1C16DC2D-3B79-4081-AC1E-F3F965C61216}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Aspire.Keycloak.Authentication", "src\Components\Aspire.Keycloak.Authentication\Aspire.Keycloak.Authentication.csproj", "{C87D9F7D-300A-4880-A7E1-835772749912}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Aspire.Hosting.Keycloak", "src\Aspire.Hosting.Keycloak\Aspire.Hosting.Keycloak.csproj", "{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "keycloak", "keycloak", "{EBC55A17-B0D6-4E0A-9DC2-7D264E96F631}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Keycloak.ApiService", "playground\keycloak\Keycloak.ApiService\Keycloak.ApiService.csproj", "{14BA6E7B-1726-4F23-9C32-72B953BC392B}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Keycloak.Web", "playground\keycloak\Keycloak.Web\Keycloak.Web.csproj", "{0BE14FA4-3F09-426D-BF5A-F9102D36DE33}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Keycloak.AppHost", "playground\keycloak\Keycloak.AppHost\Keycloak.AppHost.csproj", "{C556D61C-7E11-43EC-9098-C8D170FEA905}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Aspire.Hosting.Keycloak.Tests", "tests\Aspire.Hosting.Keycloak.Tests\Aspire.Hosting.Keycloak.Tests.csproj", "{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Aspire.Keycloak.Authentication.Tests", "tests\Aspire.Keycloak.Authentication.Tests\Aspire.Keycloak.Authentication.Tests.csproj", "{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -1356,6 +1372,34 @@ Global
 		{1C16DC2D-3B79-4081-AC1E-F3F965C61216}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{1C16DC2D-3B79-4081-AC1E-F3F965C61216}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{1C16DC2D-3B79-4081-AC1E-F3F965C61216}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C87D9F7D-300A-4880-A7E1-835772749912}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C87D9F7D-300A-4880-A7E1-835772749912}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C87D9F7D-300A-4880-A7E1-835772749912}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C87D9F7D-300A-4880-A7E1-835772749912}.Release|Any CPU.Build.0 = Release|Any CPU
+		{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40}.Release|Any CPU.Build.0 = Release|Any CPU
+		{14BA6E7B-1726-4F23-9C32-72B953BC392B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{14BA6E7B-1726-4F23-9C32-72B953BC392B}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{14BA6E7B-1726-4F23-9C32-72B953BC392B}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{14BA6E7B-1726-4F23-9C32-72B953BC392B}.Release|Any CPU.Build.0 = Release|Any CPU
+		{0BE14FA4-3F09-426D-BF5A-F9102D36DE33}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{0BE14FA4-3F09-426D-BF5A-F9102D36DE33}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{0BE14FA4-3F09-426D-BF5A-F9102D36DE33}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{0BE14FA4-3F09-426D-BF5A-F9102D36DE33}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C556D61C-7E11-43EC-9098-C8D170FEA905}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C556D61C-7E11-43EC-9098-C8D170FEA905}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C556D61C-7E11-43EC-9098-C8D170FEA905}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C556D61C-7E11-43EC-9098-C8D170FEA905}.Release|Any CPU.Build.0 = Release|Any CPU
+		{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD}.Release|Any CPU.Build.0 = Release|Any CPU
+		{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -1604,6 +1648,14 @@ Global
 		{8E2AA85E-C351-47B4-AF91-58557FAD5840} = {830A89EC-4029-4753-B25A-068BAE37DEC7}
 		{0A83AA67-221E-44B4-9BA9-DC64DC17949E} = {830A89EC-4029-4753-B25A-068BAE37DEC7}
 		{1C16DC2D-3B79-4081-AC1E-F3F965C61216} = {830A89EC-4029-4753-B25A-068BAE37DEC7}
+		{C87D9F7D-300A-4880-A7E1-835772749912} = {27381127-6C45-4B4C-8F18-41FF48DFE4B2}
+		{1F8D77E1-AF1B-4CCA-A2CB-12AB40282B40} = {B80354C7-BE58-43F6-8928-9F3A74AB7F47}
+		{EBC55A17-B0D6-4E0A-9DC2-7D264E96F631} = {D173887B-AF42-4576-B9C1-96B9E9B3D9C0}
+		{14BA6E7B-1726-4F23-9C32-72B953BC392B} = {EBC55A17-B0D6-4E0A-9DC2-7D264E96F631}
+		{0BE14FA4-3F09-426D-BF5A-F9102D36DE33} = {EBC55A17-B0D6-4E0A-9DC2-7D264E96F631}
+		{C556D61C-7E11-43EC-9098-C8D170FEA905} = {EBC55A17-B0D6-4E0A-9DC2-7D264E96F631}
+		{5867BAF2-FEF0-4661-BFDE-9ADCDC2921CD} = {4981B3A5-4AFD-4191-BF7D-8692D9783D60}
+		{48FF09E9-7D33-4A3F-9FF2-4C43A219C7B7} = {C424395C-1235-41A4-BF55-07880A04368C}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {6DCEDFEC-988E-4CB3-B45B-191EB5086E0C}

Directory.Packages.props

@@ -53,6 +53,7 @@
     <PackageVersion Include="Azure.Provisioning.WebPubSub" Version="0.1.0-beta.1" />
     <!-- ASP.NET Core dependencies -->
     <PackageVersion Include="Microsoft.AspNetCore.Authentication.Certificate" Version="$(MicrosoftAspNetCoreAuthenticationCertificatePackageVersion)" />
+    <PackageVersion Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="$(MicrosoftAspNetCoreAuthenticationJwtBearerPackageVersion)" />
     <PackageVersion Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="$(MicrosoftAspNetCoreAuthenticationOpenIdConnectPackageVersion)" />
     <PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="$(MicrosoftAspNetCoreOpenApiPackageVersion)" />
     <PackageVersion Include="Microsoft.AspNetCore.OutputCaching.StackExchangeRedis" Version="$(MicrosoftAspNetCoreOutputCachingStackExchangeRedisPackageVersion)" />

eng/Versions.props

@@ -45,6 +45,7 @@
     <MicrosoftExtensionsOptionsPackageVersion>8.0.2</MicrosoftExtensionsOptionsPackageVersion>
     <MicrosoftExtensionsPrimitivesPackageVersion>8.0.0</MicrosoftExtensionsPrimitivesPackageVersion>
     <MicrosoftAspNetCoreAuthenticationCertificatePackageVersion>8.0.6</MicrosoftAspNetCoreAuthenticationCertificatePackageVersion>
+    <MicrosoftAspNetCoreAuthenticationJwtBearerPackageVersion>8.0.6</MicrosoftAspNetCoreAuthenticationJwtBearerPackageVersion>
     <MicrosoftAspNetCoreAuthenticationOpenIdConnectPackageVersion>8.0.6</MicrosoftAspNetCoreAuthenticationOpenIdConnectPackageVersion>
     <MicrosoftAspNetCoreOpenApiPackageVersion>8.0.6</MicrosoftAspNetCoreOpenApiPackageVersion>
     <MicrosoftAspNetCoreOutputCachingStackExchangeRedisPackageVersion>8.0.6</MicrosoftAspNetCoreOutputCachingStackExchangeRedisPackageVersion>

playground/keycloak/Keycloak.ApiService/Keycloak.ApiService.csproj

@@ -0,0 +1,14 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\src\Components\Aspire.Keycloak.Authentication\Aspire.Keycloak.Authentication.csproj" />
+    <ProjectReference Include="..\..\Playground.ServiceDefaults\Playground.ServiceDefaults.csproj" />
+  </ItemGroup>
+
+</Project>

playground/keycloak/Keycloak.ApiService/Program.cs

@@ -0,0 +1,49 @@
+var builder = WebApplication.CreateBuilder(args);
+
+// Add service defaults & Aspire components.
+builder.AddServiceDefaults();
+
+// Add services to the container.
+builder.Services.AddProblemDetails();
+
+builder.Services.AddAuthentication()
+                .AddKeycloakJwtBearer("keycloak", realm: "WeatherShop", options =>
+                {
+                    options.RequireHttpsMetadata = false;
+                    options.Audience = "weather.api";
+                });
+
+builder.Services.AddAuthorizationBuilder();
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+app.UseExceptionHandler();
+
+var summaries = new[]
+{
+    "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
+};
+
+app.MapGet("/weatherforecast", () =>
+{
+    var forecast = Enumerable.Range(1, 5).Select(index =>
+        new WeatherForecast
+        (
+            DateOnly.FromDateTime(DateTime.Now.AddDays(index)),
+            Random.Shared.Next(-20, 55),
+            summaries[Random.Shared.Next(summaries.Length)]
+        ))
+        .ToArray();
+    return forecast;
+})
+.RequireAuthorization();
+
+app.MapDefaultEndpoints();
+
+app.Run();
+
+sealed record WeatherForecast(DateOnly Date, int TemperatureC, string? Summary)
+{
+    public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
+}

playground/keycloak/Keycloak.ApiService/Properties/launchSettings.json

@@ -0,0 +1,25 @@
+{
+  "$schema": "https://json.schemastore.org/launchsettings.json",
+  "profiles": {
+    "http": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "weatherforecast",
+      "applicationUrl": "http://localhost:5502",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "https": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "weatherforecast",
+      "applicationUrl": "https://localhost:7492;http://localhost:5502",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

playground/keycloak/Keycloak.ApiService/appsettings.Development.json

@@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

playground/keycloak/Keycloak.ApiService/appsettings.json

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },  
+  "AllowedHosts": "*"
+}

playground/keycloak/Keycloak.AppHost/Directory.Build.props

@@ -0,0 +1,8 @@
+<Project>
+
+  <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
+
+  <!-- NOTE: This line is only required because we are using P2P references, not NuGet. It will not exist in real apps. -->
+  <Import Project="../../../src/Aspire.Hosting.AppHost/build/Aspire.Hosting.AppHost.props" />
+
+</Project>

playground/keycloak/Keycloak.AppHost/Directory.Build.targets

@@ -0,0 +1,9 @@
+<Project>
+
+  <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.targets', '$(MSBuildThisFileDirectory)../'))" />
+
+  <!-- NOTE: These lines are only required because we are using P2P references, not NuGet. They will not exist in real apps. -->
+  <Import Project="..\..\..\src\Aspire.Hosting.AppHost\build\Aspire.Hosting.AppHost.targets" />
+  <Import Project="..\..\..\src\Aspire.Hosting.Sdk\SDK\Sdk.targets" />
+
+</Project>

playground/keycloak/Keycloak.AppHost/Keycloak.AppHost.csproj

@@ -0,0 +1,19 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <IsAspireHost>true</IsAspireHost>
+    <UserSecretsId>230093c1-93fe-469d-bcdb-9c8a3c1f699c</UserSecretsId>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\src\Aspire.Hosting.AppHost\Aspire.Hosting.AppHost.csproj" IsAspireProjectResource="False" />
+    <ProjectReference Include="..\..\..\src\Aspire.Hosting.Keycloak\Aspire.Hosting.Keycloak.csproj" IsAspireProjectResource="False" />
+    <ProjectReference Include="..\Keycloak.ApiService\Keycloak.ApiService.csproj" />
+    <ProjectReference Include="..\Keycloak.Web\Keycloak.Web.csproj" />
+  </ItemGroup>
+
+</Project>

playground/keycloak/Keycloak.AppHost/Program.cs

@@ -0,0 +1,15 @@
+var builder = DistributedApplication.CreateBuilder(args);
+
+var keycloak = builder.AddKeycloak("keycloak", 8080)
+                      .WithDataVolume()
+                      .WithRealmImport("../realms");
+
+var apiService = builder.AddProject<Projects.Keycloak_ApiService>("apiservice")
+                        .WithReference(keycloak);
+
+builder.AddProject<Projects.Keycloak_Web>("webfrontend")
+    .WithExternalHttpEndpoints()
+    .WithReference(keycloak)
+    .WithReference(apiService);
+
+builder.Build().Run();

playground/keycloak/Keycloak.AppHost/Properties/launchSettings.json

@@ -0,0 +1,29 @@
+{
+  "$schema": "https://json.schemastore.org/launchsettings.json",
+  "profiles": {
+    "https": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "applicationUrl": "https://localhost:17241;http://localhost:15079",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development",
+        "DOTNET_ENVIRONMENT": "Development",
+        "DOTNET_DASHBOARD_OTLP_ENDPOINT_URL": "https://localhost:21125",
+        "DOTNET_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22112"
+      }
+    },
+    "http": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "applicationUrl": "http://localhost:15079",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development",
+        "DOTNET_ENVIRONMENT": "Development",
+        "DOTNET_DASHBOARD_OTLP_ENDPOINT_URL": "http://localhost:19191",
+        "DOTNET_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:20230"
+      }
+    }
+  }
+}

playground/keycloak/Keycloak.AppHost/appsettings.Development.json

@@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

playground/keycloak/Keycloak.AppHost/appsettings.json

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning",
+      "Aspire.Hosting.Dcp": "Warning"
+    }
+  }
+}

playground/keycloak/Keycloak.Web/AuthorizationHandler.cs

@@ -0,0 +1,22 @@
+using System.Net.Http.Headers;
+using Microsoft.AspNetCore.Authentication;
+
+namespace Keycloak.Web;
+
+public class AuthorizationHandler(IHttpContextAccessor httpContextAccessor) : DelegatingHandler
+{
+    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
+    {
+        var httpContext = httpContextAccessor.HttpContext ??
+            throw new InvalidOperationException("No HttpContext available from the IHttpContextAccessor!");
+
+        var accessToken = await httpContext.GetTokenAsync("access_token");
+
+        if (!string.IsNullOrEmpty(accessToken))
+        {
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
+        }
+
+        return await base.SendAsync(request, cancellationToken);
+    }
+}

playground/keycloak/Keycloak.Web/Components/App.razor

@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <base href="/" />
+    <link rel="stylesheet" href="bootstrap/bootstrap.min.css" />
+    <link rel="stylesheet" href="app.css" />
+    <link rel="stylesheet" href="Keycloak.Web.styles.css" />
+    <link rel="icon" type="image/png" href="favicon.png" />
+    <HeadOutlet />
+</head>
+
+<body>
+    <Routes />
+    <script src="_framework/blazor.web.js"></script>
+</body>
+
+</html>

playground/keycloak/Keycloak.Web/Components/Layout/LoginDisplay.razor

@@ -0,0 +1,21 @@
+@using Microsoft.AspNetCore.Components.Authorization
+@using System.Security.Claims;
+@using System.Security.Principal;
+@using System.Security.Cryptography
+@using System.Text
+@using System.IdentityModel.Tokens.Jwt
+
+<AuthorizeView>
+    <Authorized>
+        <div>
+            <span>Welcome @context.User.Identity?.Name!</span>
+            <form method="post" action="authentication/logout" style="display:inline;">
+                <AntiforgeryToken />
+                <button type="submit" class="btn btn-link">Logout</button>
+            </form>
+        </div>
+    </Authorized>
+    <NotAuthorized>
+        <a href="authentication/login" class="btn btn-primary">Login</a>
+    </NotAuthorized>
+</AuthorizeView>

playground/keycloak/Keycloak.Web/Components/Layout/MainLayout.razor

@@ -0,0 +1,23 @@
+@inherits LayoutComponentBase
+
+<div class="page">
+    <div class="sidebar">
+        <NavMenu />
+    </div>
+
+    <main>
+        <div class="top-row px-4">
+            <LoginDisplay />
+        </div>
+
+        <article class="content px-4">
+            @Body
+        </article>
+    </main>
+</div>
+
+<div id="blazor-error-ui">
+    An unhandled error has occurred.
+    <a href="" class="reload">Reload</a>
+    <a class="dismiss">🗙</a>
+</div>