gin-oauth2-demo/README.md

# Go Gin OAuth2 Demo with Keycloak

This is a minimalist demo project illustrating the integration of [**OAuth2**](https://oauth.net/2/) (provided by a [**Keycloak**](https://www.keycloak.org/) server) into a [**Gin**](https://github.com/gin-gonic/gin)-based Go application. The implementation focuses on simplicity and separation of concerns, ensuring that the core view functions remain clean and free from authentication logic.

## Key Features

- **Middleware-Driven OAuth2 Handling**: Authentication and authorization are managed entirely through middleware, keeping the view functions decoupled from OAuth2 logic.
- **User Import from Keycloak**: Users are imported directly from Keycloak, leveraging its identity management capabilities.
- **Token Management**: Access tokens are stored in cookies and automatically refreshed before expiration to ensure seamless user sessions.
- **Protected Routes**: Sensitive URLs (e.g., for modifying or deleting data) can be marked as protected. When accessed, an **introspection** is performed to validate the user's permissions.

## Getting Started

1. **Prerequisites**:
   - Go >=1.23.6 installed.
   - A running Keycloak server with a configured realm and client.

2. **Installation**:
   ```sh
   git clone https://git.0x0001f346.de/andreas/gin-oauth2-demo.git
   cd gin-oauth2-demo
   go mod tidy
   ```

3. **Configuration**:
   - Update the `middleware.go` file with your domain and Keycloak server details (client ID, client secret, realm, etc.).

4. **Run the Application**:
   ```sh
   go run main.go
   ```

5. **Access the Application**:
   - Open your browser and navigate to `http://localhost:9000`.
   - Log in via Keycloak and explore the protected routes.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
initial commit 2025-02-12 16:01:36 +01:00			`# Go Gin OAuth2 Demo with Keycloak`

			`This is a minimalist demo project illustrating the integration of [OAuth2](https://oauth.net/2/) (provided by a [Keycloak](https://www.keycloak.org/) server) into a [Gin](https://github.com/gin-gonic/gin)-based Go application. The implementation focuses on simplicity and separation of concerns, ensuring that the core view functions remain clean and free from authentication logic.`

			`## Key Features`

			`- Middleware-Driven OAuth2 Handling: Authentication and authorization are managed entirely through middleware, keeping the view functions decoupled from OAuth2 logic.`
			`- User Import from Keycloak: Users are imported directly from Keycloak, leveraging its identity management capabilities.`
			`- Token Management: Access tokens are stored in cookies and automatically refreshed before expiration to ensure seamless user sessions.`
			`- Protected Routes: Sensitive URLs (e.g., for modifying or deleting data) can be marked as protected. When accessed, an introspection is performed to validate the user's permissions.`

			`## Getting Started`

			`1. Prerequisites:`
			`- Go >=1.23.6 installed.`
			`- A running Keycloak server with a configured realm and client.`

			`2. Installation:`
			```sh
			`git clone https://git.0x0001f346.de/andreas/gin-oauth2-demo.git`
			`cd gin-oauth2-demo`
			`go mod tidy`
			```

			`3. Configuration:`
			- Update the `middleware.go` file with your domain and Keycloak server details (client ID, client secret, realm, etc.).

			`4. Run the Application:`
			```sh
			`go run main.go`
			```

			`5. Access the Application:`
			- Open your browser and navigate to `http://localhost:9000`.
			`- Log in via Keycloak and explore the protected routes.`

			`## License`

			`This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.`