Skip to content

Enhances Keycloak authentication flow #95

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fboucher merged 14 commits into from
Feb 17, 2026
Merged

Enhances Keycloak authentication flow #95

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
8f76e81
feat: Add Keycloak authentication and authorization
fboucher Feb 16, 2026
41b0670
feat: Implements Keycloak authentication
fboucher Feb 16, 2026
766a902
feat: Enables Keycloak authentication
fboucher Feb 16, 2026
b5551cb
feat: Adds Keycloak authentication to BlazorApp
fboucher Feb 16, 2026
57b1477
Fix(keycloak): Handles asynchronous sign out redirect
fboucher Feb 16, 2026
65e2f6e
docs(ai-team): Docker-compose deployment documentation
fboucher Feb 16, 2026
ef0b58a
Adds Keycloak authentication support
fboucher Feb 16, 2026
d11f6fb
Docs: Updates Docker Compose deployment guide
fboucher Feb 16, 2026
6b999e5
docs: Updates deployment instructions
fboucher Feb 17, 2026
e206306
clean-up
fboucher Feb 17, 2026
1396ee9
docs: Updates .NET version and doc link
fboucher Feb 17, 2026
3cd4194
Apply suggestion from @Copilot
fboucher Feb 17, 2026
99c915d
Apply suggestion from @Copilot
fboucher Feb 17, 2026
b400740
Apply suggestions from code review
fboucher Feb 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .env-sample
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# NoteBookmark Docker Compose Environment Variables
# Copy this file to .env and replace all placeholder values with your actual configuration

# Keycloak Admin Credentials
KEYCLOAK_ADMIN_PASSWORD=your-secure-admin-password

# Keycloak Client Configuration
KEYCLOAK_AUTHORITY=http://localhost:8080/realms/notebookmark
KEYCLOAK_CLIENT_ID=notebookmark
KEYCLOAK_CLIENT_SECRET=your-keycloak-client-secret

# Azure Storage - Table Storage Connection
NB_STORAGE_OUTPUTS_TABLEENDPOINT=https://your-storage-account.table.core.windows.net/

# Azure Storage - Blob Storage Connection
NB_STORAGE_OUTPUTS_BLOBENDPOINT=https://your-storage-account.blob.core.windows.net/

# Notes:
# - Never commit the .env file to version control
# - Keep credentials secure and rotate them regularly
# - For local development, you can use "admin" as KEYCLOAK_ADMIN_PASSWORD
# - For production, use strong passwords and proper Azure Storage connection strings
5 changes: 5 additions & 0 deletions .gitattributes
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Squad: union merge for append-only team state files
.ai-team/decisions.md merge=union
.ai-team/agents/*/history.md merge=union
.ai-team/log/** merge=union
.ai-team/orchestration-log/** merge=union
12 changes: 11 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -490,6 +490,7 @@ NoteBookmark.Api/obj/
NoteBookmark.Api/appsettings.Development.json

NoteBookmark.BlazorApp/appsettings.Development.json
src/NoteBookmark.BlazorApp/appsettings.Development.json
.azure

NoteBookmark.AppHost/appsettings.Development.json
Expand All @@ -502,4 +503,13 @@ src/NoteBookmark.AppHost/appsettings.json
todos/

# AI Team folder
.ai-team/
.ai-team/
.ai-team-templates/

# Copilot config
.copilot/

# Squad/Agent files
.github/agents/
# Squad (local AI team - not committed)
.ai-team/
99 changes: 48 additions & 51 deletions Directory.Packages.props
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,51 +1,48 @@
<Project>
<ItemGroup>
<!-- Aspire packages -->
<PackageVersion Include="Aspire.Hosting.AppHost" Version="13.0.2" />
<PackageVersion Include="Aspire.Hosting.Azure.Storage" Version="13.0.2" />
<PackageVersion Include="Aspire.Hosting.Docker" Version="13.0.2-preview.1.25603.5" />
<PackageVersion Include="Aspire.Azure.Data.Tables" Version="13.0.2" />
<PackageVersion Include="Aspire.Azure.Storage.Blobs" Version="13.0.2" />

<!-- Azure packages -->
<PackageVersion Include="Azure.Data.Tables" Version="12.11.0" />
<PackageVersion Include="Azure.Storage.Blobs" Version="12.26.0" />

<!-- Microsoft packages -->
<PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="9.0.10" />
<PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Configuration" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Http.Resilience" Version="10.1.0" />
<PackageVersion Include="Microsoft.Extensions.Logging" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.2" />
<PackageVersion Include="Microsoft.Extensions.ServiceDiscovery" Version="10.1.0" />
<PackageVersion Include="Microsoft.FluentUI.AspNetCore.Components" Version="4.13.2" />
<PackageVersion Include="Microsoft.FluentUI.AspNetCore.Components.Icons" Version="4.13.2" />
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />

<!-- OpenTelemetry packages -->
<PackageVersion Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Extensions.Hosting" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.Http" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.Runtime" Version="1.14.0" />

<!-- Other packages -->
<PackageVersion Include="HtmlAgilityPack" Version="1.12.4" />
<PackageVersion Include="Markdig" Version="0.44.0" />
<PackageVersion Include="Microsoft.Agents.AI" Version="1.0.0-preview.260209.1" />
<PackageVersion Include="Microsoft.Extensions.AI.OpenAI" Version="10.1.1-preview.1.25612.2" />
<PackageVersion Include="Swashbuckle.AspNetCore" Version="9.0.6" />
<PackageVersion Include="System.Text.Json" Version="9.0.10" />

<!-- Test packages -->
<PackageVersion Include="coverlet.collector" Version="6.0.4" />
<PackageVersion Include="FluentAssertions" Version="8.8.0" />
<PackageVersion Include="Moq" Version="4.20.72" />
<PackageVersion Include="Testcontainers.Azurite" Version="4.9.0" />
<PackageVersion Include="xunit" Version="2.9.3" />
<PackageVersion Include="xunit.runner.visualstudio" Version="3.1.5" />
</ItemGroup>
</Project>
<Project>
<ItemGroup>
<!-- Aspire packages -->
<PackageVersion Include="Aspire.Hosting.AppHost" Version="13.1.1" />
<PackageVersion Include="Aspire.Hosting.Azure.Storage" Version="13.1.1" />
<PackageVersion Include="Aspire.Hosting.Docker" Version="13.1.1-preview.1.26105.8" />
<PackageVersion Include="Aspire.Hosting.Keycloak" Version="13.1.1-preview.1.26105.8" />
<PackageVersion Include="Aspire.Azure.Data.Tables" Version="13.1.1" />
<PackageVersion Include="Aspire.Azure.Storage.Blobs" Version="13.1.1" />
<!-- Azure packages -->
<PackageVersion Include="Azure.Data.Tables" Version="12.11.0" />
<PackageVersion Include="Azure.Storage.Blobs" Version="12.26.0" />
<!-- Microsoft packages -->
<PackageVersion Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="10.0.3" />
<PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="9.0.10" />
<PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Configuration" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Http.Resilience" Version="10.1.0" />
<PackageVersion Include="Microsoft.Extensions.Logging" Version="10.0.1" />
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.2" />
<PackageVersion Include="Microsoft.Extensions.ServiceDiscovery" Version="10.1.0" />
<PackageVersion Include="Microsoft.FluentUI.AspNetCore.Components" Version="4.13.2" />
<PackageVersion Include="Microsoft.FluentUI.AspNetCore.Components.Icons" Version="4.13.2" />
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
<!-- OpenTelemetry packages -->
<PackageVersion Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Extensions.Hosting" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.Http" Version="1.14.0" />
<PackageVersion Include="OpenTelemetry.Instrumentation.Runtime" Version="1.14.0" />
<!-- Other packages -->
<PackageVersion Include="HtmlAgilityPack" Version="1.12.4" />
<PackageVersion Include="Markdig" Version="0.44.0" />
<PackageVersion Include="Microsoft.Agents.AI" Version="1.0.0-preview.260209.1" />
<PackageVersion Include="Microsoft.Extensions.AI.OpenAI" Version="10.1.1-preview.1.25612.2" />
<PackageVersion Include="Swashbuckle.AspNetCore" Version="9.0.6" />
<PackageVersion Include="System.Text.Json" Version="9.0.10" />
<!-- Test packages -->
<PackageVersion Include="coverlet.collector" Version="6.0.4" />
<PackageVersion Include="FluentAssertions" Version="8.8.0" />
<PackageVersion Include="Moq" Version="4.20.72" />
<PackageVersion Include="Testcontainers.Azurite" Version="4.9.0" />
<PackageVersion Include="xunit" Version="2.9.3" />
<PackageVersion Include="xunit.runner.visualstudio" Version="3.1.5" />
</ItemGroup>
</Project>
114 changes: 60 additions & 54 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,54 +1,60 @@
# Note Bookmark

![GitHub Release](https://img.shields.io/github/v/release/fboucher/NoteBookmark) ![.NET](https://img.shields.io/badge/9.0-512BD4?logo=dotnet&logoColor=fff) [![Unit Tests](https://github.com/FBoucher/NoteBookmark/actions/workflows/running-unit-tests.yml/badge.svg)](https://github.com/FBoucher/NoteBookmark/actions/workflows/running-unit-tests.yml) [![Reka AI](https://img.shields.io/badge/Power%20By-2E2F2F?style=flat&logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA2NjYuOTQgNjgxLjI2Ij4KICA8ZGVmcz4KICAgIDxzdHlsZT4KICAgICAgLmNscy0xIHsKICAgICAgICBmaWxsOiBub25lOwogICAgICB9CgogICAgICAuY2xzLTIgewogICAgICAgIGZpbGw6ICNmMWVlZTc7CiAgICAgIH0KICAgIDwvc3R5bGU%2BCiAgPC9kZWZzPgogIDxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iLS4yOSIgeT0iLS4xOSIgd2lkdGg9IjY2Ny4yMiIgaGVpZ2h0PSI2ODEuMzMiLz4KICA8Zz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxOC4zNCwwTDgyLjY3LjE2QzM2Ljg1LjE5LS4yOSwzNy4zOC0uMjksODMuMjd2MjM1LjEyaDc0LjkzVjcxLjc1aDI0My43M1YwaC0uMDNaIi8%2BCiAgICA8cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik03Mi45NywzNjIuOTdIMHYzMTguMTZoNzIuOTd2LTMxOC4xNloiLz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxNS4zMywzNjIuODRoLTk5LjEzbC0xMDkuNSwxMDcuMjljLTEzLjk1LDEzLjY4LTIxLjgyLDMyLjM3LTIxLjgyLDUxLjkyczcuODYsMzguMjQsMjEuODIsNTEuOTJsMTA5LjUsMTA3LjI5aDEwMS42M2wtMTYyLjQ1LTE2MS43MiwxNTkuOTUtMTU2LjY3di0uMDNaIi8%2BCiAgICA8cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik0zNDguNTksODIuOTJ2MTUyLjIzYzAsNDUuOTIsMzcuMTYsODMuMTEsODMuMDUsODMuMTFoMjMwLjI4di03MS43OGgtMjQwLjMzVjg1Ljg3YzAtNy43NCw2LjI4LTE0LjA2LDE0LjA1LTE0LjA2aDE0NC4zMmM3Ljc0LDAsMTQuMDUsNi4yOCwxNC4wNSwxNC4wNiwwLDUuOS0zLjcxLDExLjE3LTkuMjMsMTMuMmwtMTQ3LjQ1LDU2LjIzdjcwLjczbDE3NC41Ny02Mi4yYzMzLjA0LTExLjgsNTUuMTEtNDMuMTMsNTUuMTEtNzguMjZ2LTIuNjdDNjY3LDM3LDYyOS44LS4xOSw1ODMuOTUtLjE5aC0xNTIuMjdjLTQ1Ljg5LDAtODMuMDUsMzcuMTktODMuMDUsODMuMTFoLS4wM1oiLz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTY2Ni45NCw1OTguMTJ2LTE1Mi4yM2MwLTQ1Ljg5LTM3LjE2LTgzLjExLTgzLjA1LTgzLjExaC0yMzAuMjh2NzEuNzhoMjQwLjMzdjE2MC42MWMwLDcuNzQtNi4yOCwxNC4wNi0xNC4wNSwxNC4wNmgtMTQ0LjMxYy03Ljc0LDAtMTQuMDUtNi4yOC0xNC4wNS0xNC4wNiwwLTUuOSwzLjcxLTExLjE3LDkuMjMtMTMuMmwxNDcuNDUtNTYuMjN2LTcwLjczbC0xNzQuNTcsNjIuMmMtMzMuMDQsMTEuOC01NS4xMSw0My4xMy01NS4xMSw3OC4yNnYyLjY3YzAsNDUuOTIsMzcuMTYsODMuMTEsODMuMDUsODMuMTFoMTUyLjI3YzQ1Ljg5LDAsODMuMDUtMzcuMTksODMuMDUtODMuMTFoLjAzWiIvPgogIDwvZz4KPC9zdmc%2B&logoSize=auto&labelColor=2E2F2F&color=F1EEE7)](https://reka.ai/)




I use this project mostly everyday. I build it to help me collecting my thoughts about articles, and blob posts I read during the week and then aggregate them in a #ReadingNotes blog post. You can find those post on my blog [here](https://frankysnotes.com).

NoteBookmark is composed of three main sections:

- **Post**: where you can manage a posts "to read", and add notes to them.
- **Generate Summary**: where you can generate a summary of the posts you read.
- **Summaries**: where you can see all the summaries you generated.

![Slide show of all NoteBookmark Screens](gh/images/NoteBookmark-Tour_hd.gif)

## How to deploy Your own NoteBookmark

### Get the code on your machine

- Fork this repository to your account.
- Clone the repository to your local machine.


### Deploy the solution (5 mins)

Using Azure Developer CLI let's initialize your environment. In a terminal, at the root of the project, run the following command. When ask give it a name (ex: NoteBookmark-dev).

```bash
azd init
```

Now let's deploy the solution. Run the following command in the terminal. You will have to select your Azure subscription where you want to deploy the solution, and a location (ex: eastus).

```bash
azd up
```

It should take around five minutes to deploy the solution. Once it's done, you will see the URL for **Deploying service blazor-app**.

### Secure the App in a few clicks

The app is now deployed, but it's not secure. Navigate to the Azure Portal, and find the Resource Group you just deployed (ex: rg-notebookmark-dev). In this resource group, open the Container App **Container App**. From the left menu, select **Authentication** and click the **Add identity provider**.

You can choose between multiple providers, I like to use Microsoft since it's deploy in Azure and I'm already logged in. If Microsoft is choose, select the recomended **Client secret expiration** (ex: 180 days). You can keep all the other default settings. Click **Add**.

Next time you will navigate to the app, you will be prompt a to login with your Microsoft account. The first time you will have a **Permissions requested** screen, click **Accept**.

Voila! Your app is now secure.

## Contributing

Your contributions are welcome! Take a look at [CONTRIBUTING](/CONTRIBUTING.md) for details.
# Note Bookmark

![GitHub Release](https://img.shields.io/github/v/release/fboucher/NoteBookmark) ![.NET](https://img.shields.io/badge/10.0-512BD4?logo=dotnet&logoColor=fff) [![Unit Tests](https://github.com/FBoucher/NoteBookmark/actions/workflows/running-unit-tests.yml/badge.svg)](https://github.com/FBoucher/NoteBookmark/actions/workflows/running-unit-tests.yml) [![Reka AI](https://img.shields.io/badge/Power%20By-2E2F2F?style=flat&logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA2NjYuOTQgNjgxLjI2Ij4KICA8ZGVmcz4KICAgIDxzdHlsZT4KICAgICAgLmNscy0xIHsKICAgICAgICBmaWxsOiBub25lOwogICAgICB9CgogICAgICAuY2xzLTIgewogICAgICAgIGZpbGw6ICNmMWVlZTc7CiAgICAgIH0KICAgIDwvc3R5bGU%2BCiAgPC9kZWZzPgogIDxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iLS4yOSIgeT0iLS4xOSIgd2lkdGg9IjY2Ny4yMiIgaGVpZ2h0PSI2ODEuMzMiLz4KICA8Zz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxOC4zNCwwTDgyLjY3LjE2QzM2Ljg1LjE5LS4yOSwzNy4zOC0uMjksODMuMjd2MjM1LjEyaDc0LjkzVjcxLjc1aDI0My43M1YwaC0uMDNaIi8%2BCiAgICA8cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik03Mi45NywzNjIuOTdIMHYzMTguMTZoNzIuOTd2LTMxOC4xNloiLz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxNS4zMywzNjIuODRoLTk5LjEzbC0xMDkuNSwxMDcuMjljLTEzLjk1LDEzLjY4LTIxLjgyLDMyLjM3LTIxLjgyLDUxLjkyczcuODYsMzguMjQsMjEuODIsNTEuOTJsMTA5LjUsMTA3LjI5aDEwMS42M2wtMTYyLjQ1LTE2MS43MiwxNTkuOTUtMTU2LjY3di0uMDNaIi8%2BCiAgICA8cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik0zNDguNTksODIuOTJ2MTUyLjIzYzAsNDUuOTIsMzcuMTYsODMuMTEsODMuMDUsODMuMTFoMjMwLjI4di03MS43OGgtMjQwLjMzVjg1Ljg3YzAtNy43NCw2LjI4LTE0LjA2LDE0LjA1LTE0LjA2aDE0NC4zMmM3Ljc0LDAsMTQuMDUsNi4yOCwxNC4wNSwxNC4wNiwwLDUuOS0zLjcxLDExLjE3LTkuMjMsMTMuMmwtMTQ3LjQ1LDU2LjIzdjcwLjczbDE3NC41Ny02Mi4yYzMzLjA0LTExLjgsNTUuMTEtNDMuMTMsNTUuMTEtNzguMjZ2LTIuNjdDNjY3LDM3LDYyOS44LS4xOSw1ODMuOTUtLjE5aC0xNTIuMjdjLTQ1Ljg5LDAtODMuMDUsMzcuMTktODMuMDUsODMuMTFoLS4wM1oiLz4KICAgIDxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTY2Ni45NCw1OTguMTJ2LTE1Mi4yM2MwLTQ1Ljg5LTM3LjE2LTgzLjExLTgzLjA1LTgzLjExaC0yMzAuMjh2NzEuNzhoMjQwLjMzdjE2MC42MWMwLDcuNzQtNi4yOCwxNC4wNi0xNC4wNSwxNC4wNmgtMTQ0LjMxYy03Ljc0LDAtMTQuMDUtNi4yOC0xNC4wNS0xNC4wNiwwLTUuOSwzLjcxLTExLjE3LDkuMjMtMTMuMmwxNDcuNDUtNTYuMjN2LTcwLjczbC0xNzQuNTcsNjIuMmMtMzMuMDQsMTEuOC01NS4xMSw0My4xMy01NS4xMSw3OC4yNnYyLjY3YzAsNDUuOTIsMzcuMTYsODMuMTEsODMuMDUsODMuMTFoMTUyLjI3YzQ1Ljg5LDAsODMuMDUtMzcuMTksODMuMDUtODMuMTFoLjAzWiIvPgogIDwvZz4KPC9zdmc%2B&logoSize=auto&labelColor=2E2F2F&color=F1EEE7)](https://reka.ai/)




I use this project mostly everyday. I build it to help me collecting my thoughts about articles, and blob posts I read during the week and then aggregate them in a #ReadingNotes blog post. You can find those post on my blog [here](https://frankysnotes.com).

NoteBookmark is composed of three main sections:

- **Post**: where you can manage a posts "to read", and add notes to them.
- **Generate Summary**: where you can generate a summary of the posts you read.
- **Summaries**: where you can see all the summaries you generated.

![Slide show of all NoteBookmark Screens](gh/images/NoteBookmark-Tour_hd.gif)

## How to deploy Your own NoteBookmark

### Get the code on your machine

- Fork this repository to your account.
- Clone the repository to your local machine.


### Deploy the solution (5 mins)

Using Azure Developer CLI let's initialize your environment. In a terminal, at the root of the project, run the following command. When ask give it a name (ex: NoteBookmark-dev).

```bash
azd init
```

Now let's deploy the solution. Run the following command in the terminal. You will have to select your Azure subscription where you want to deploy the solution, and a location (ex: eastus).

```bash
azd up
```

It should take around five minutes to deploy the solution. Once it's done, you will see the URL for **Deploying service blazor-app**.

### Secure the App in a few clicks

The app is now deployed, but it's not secure. Navigate to the Azure Portal, and find the Resource Group you just deployed (ex: rg-notebookmark-dev). In this resource group, open the Container App **Container App**. From the left menu, select **Authentication** and click the **Add identity provider**.

You can choose between multiple providers, I like to use Microsoft since it's deploy in Azure and I'm already logged in. If Microsoft is choose, select the recomended **Client secret expiration** (ex: 180 days). You can keep all the other default settings. Click **Add**.

Next time you will navigate to the app, you will be prompt a to login with your Microsoft account. The first time you will have a **Permissions requested** screen, click **Accept**.

Voila! Your app is now secure.

## Documentation

For detailed setup guides and configuration information:
- [Keycloak Authentication Setup](/docs/keycloak-setup.md) - Complete guide for setting up Keycloak authentication
- [Docker Compose Deployment](/docs/docker-compose-deployment.md) - Deploy with Docker Compose (generate from Aspire or use provided files)

## Contributing

Your contributions are welcome! Take a look at [CONTRIBUTING](/CONTRIBUTING.md) for details.
26 changes: 26 additions & 0 deletions docker-compose/docker-compose.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,23 @@
name: note-bookmark

services:
keycloak:
image: "quay.io/keycloak/keycloak:26.1"
container_name: "notebookmark-keycloak"
command: ["start-dev"]
environment:
KEYCLOAK_ADMIN: "admin"
KEYCLOAK_ADMIN_PASSWORD: "${KEYCLOAK_ADMIN_PASSWORD:-admin}"
KC_HTTP_PORT: "8080"
KC_HOSTNAME_STRICT: "false"
KC_HOSTNAME_STRICT_HTTPS: "false"
KC_HTTP_ENABLED: "true"
Comment on lines +8 to +14
Copy link

Copilot AI Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

KEYCLOAK_ADMIN_PASSWORD defaults to admin if the env var isn’t provided. That makes it easy to accidentally deploy an insecure Keycloak instance. Remove the default fallback or at least require an explicit value for non-development usage.

Copilot uses AI. Check for mistakes.
ports:
- "8080:8080"
volumes:
- keycloak-data:/opt/keycloak/data
networks:
- "aspire"
api:
image: "fboucher/notebookmark-api:latest"
container_name: "notebookmark-api"
Expand All @@ -27,14 +44,23 @@ services:
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
HTTP_PORTS: "8004"
services__api__http__0: "http://api:8000"
services__keycloak__http__0: "http://keycloak:8080"
Keycloak__Authority: "${KEYCLOAK_AUTHORITY:-http://keycloak:8080/realms/notebookmark}"
Keycloak__ClientId: "${KEYCLOAK_CLIENT_ID:-notebookmark}"
Keycloak__ClientSecret: "${KEYCLOAK_CLIENT_SECRET}"
ports:
- "8005:8004"
- "8007:8006"
depends_on:
api:
condition: "service_started"
keycloak:
condition: "service_started"
networks:
- "aspire"
volumes:
keycloak-data:
driver: "local"
networks:
aspire:
driver: "bridge"
Loading
Loading