These examples illustrate how to integrate OAuth into the different types of native clients.
Deploy the system on a computer running Linux, macOS or Windows (with Git bash).
First ensure that you have these tools installed:
- A Docker Engine, preferably configured to use 16GB of RAM
- KIND
- kubectl
- Helm
- OpenSSL 3 to create cookie encryption keys
- The envsubst tool, to update configuration dynamically
Create a cluster and run a load balancer to enable the API to be exposed on an external IP address.
On Windows, use a Run as administrator shell in order to run the load balancer:
./1-create-cluster.shThen run another shell to deploy an ingress controller to act as an API gateway.
On macOS accept the prompt to allow the load balancer to accept connections.
Note the external IP address that the script outputs:
./2-deploy-api-gateway.shUpdate your hosts file with the external IP address, similar to the following:
172.18.0.5 api.democluster.example login.democluster.example admin.democluster.example
Deploy the authorization server with some preconfigured clients and users.
This requires a license file for the particular authorization server we use:
export LICENSE_FILE_PATH='license.json'
./3-deploy-authorization-server.sh- Login to the Admin UI at
https://admin.democluster.example/adminwith credentialsadmin / Password1 - Locate OpenId Connect metadata at
https://login.democluster.example/oauth/v2/oauth-anonymous/.well-known/openid-configuration
The example API is called by native clients:
./4-deploy-api.shFollow the READMEs specific to each client:
- OAuth-Secured Console App
- OAuth-Secured Desktop App
- OAuth-Secured Android Mobile App
- OAuth-Secured iOS Mobile App
Run this command to free resources:
./5-delete-cluster.sh