Take the following steps to run NGINX Plus in a Docker container and test OIDC for Amazon Cognito integration.
Note: You could remotely test in your remote machine if you copy entire files there.
-
Edit
hostsfile in your laptop via if you want to locally test your app:$ sudo vi /etc/hosts 127.0.0.1 nginx.cognito.test
-
Download NGINX Plus license files, and copy them to
./docker/build-context/ssl/nginx-repo.crt nginx-repo.key
-
Start a Docker container:
$ make start
-
Check Docker container's status:
$ make watch
-
Run a Web Browser with
https://nginx.cognito.test, and enter anIdP application'sclient ID:
-
Login to click
Sign inbutton:Enter your name and password which are registered in Amazon Cognito.
When you login first time you will be prompted to update your password which you can update by entering below fields and clicking 'Send' button.
You will see the following screen once you are successfully signed-in.
-
Test a secured sample API with access token by clicking
Call a Sample Proxied API:Note:
Modify an URI if you want to test one of your API endpoints where access token is included in the header.
- An endpoint of sample API is defined in
oidc_frontend_backend.conf. You can add any API endpoint when you want to use an access token by referencing the following example:
location /v1/api/example { auth_jwt "" token=$id_token; auth_jwt_key_request /_jwks_uri; # Enable when using URL proxy_set_header Authorization "Bearer $access_token"; proxy_pass http://my_backend_app; access_log /var/log/nginx/access.log oidc_jwt; }
- An endpoint of sample API is defined in
-
Logout to click 'Sign out' button:
-
Stop Docker containers
$ make down
-
Remove Docker container images
$ make clean