git clone https://github.com/weni-ai/weni-engine.git
docker run -p 8080:8080 -e KEYCLOAK_USER=<USERNAME> -e KEYCLOAK_PASSWORD=<PASSWORD> jboss/keycloak
Keycloak will be running on http://localhost:8080
-
Create a new realm, not recommended to use master realm
-
Setup the clients
Each service uses a client
- Backend:
- Create a client for the back-end
- Set your access type to
confidential
- Standard Flow Enabled: On
- Service Account Enabled: On
- Service Account Roles --> Client Roles --> realm-management (user related roles)
- Frontend:
- Create a client for the front-end
- Access Type: public
- Standard Flow Enabled: on
- Direct Access Grants Enabled: On
OIDC_RP_CLIENT_ID
and OIDC_RP_CLIENT_SECRET
refers to backend client credentials
<KEYCLOAK-SERVER-URL>
could be https://<your-keycloak-host>/
or https://your-keycloak-host/auth/
depending on the keycloak version
You can get the OIDC_RP_*
variables at: https://your-keycloak-host/realms/<realm-name>/.well-known/openid-configuration
Ex for keycloak 16.1:
http://127.0.0.1:8080/auth/realms/engine_realm/.well-known/openid-configuration
engine_realm as realm name
SECRET_KEY=<SECRET_KEY>
OIDC_RP_REALM_NAME=<KEYCLOAK-REALM-NAME>
OIDC_RP_CLIENT_ID=<KEYCLOAK-CLIENT-ID>
OIDC_RP_CLIENT_SECRET=<KEYCLOAK-CLIENT-SECRET>
OIDC_OP_LOGOUT_ENDPOINT=<KEYCLOAK-SERVER-URL>/realms/<KEYCLOAK-REALM-NAME>/protocol/openid-connect/logout
OIDC_OP_TOKEN_ENDPOINT=<KEYCLOAK-SERVER-URL>/auth/realms/<KEYCLOAK-REALM-NAME>/protocol/openid-connect/token
OIDC_RP_SCOPES=email profile openid offline_access
OIDC_OP_AUTHORIZATION_ENDPOINT=<KEYCLOAK-SERVER-URL>/realms/<KEYCLOAK-REALM-NAME>/protocol/openid-connect/auth
OIDC_RP_SIGN_ALGO= Sets the algorithm the IdP uses to sign ID tokens.
OIDC_RP_SERVER_URL=<KEYCLOAK-SERVER-URL>
OIDC_OP_USER_ENDPOINT=<KEYCLOAK-SERVER-URL>/auth/realms/<KEYCLOAK-REALM-NAME>/protocol/openid-connect/userinfo
OIDC_OP_JWKS_ENDPOINT=<KEYCLOAK-SERVER-URL>/auth/realms/<KEYCLOAK-REALM-NAME>/protocol/openid-connect/certs
You can set environment variables in your OS, write on .env
file or pass via Docker config.
Variable | Type | Default | Description |
---|---|---|---|
SECRET_KEY | string |
None |
A secret key for a particular Django installation. This is used to provide cryptographic signing, and should be set to a unique, unpredictable value. |
DEBUG | boolean |
False |
A boolean that turns on/off debug mode. |
BASE_URL | string |
https://api.weni.ai |
URL Base Weni Engine Backend. |
WEBAPP_BASE_URL | string |
https://dash.weni.ai |
URL Base Weni Webapp. |
ALLOWED_HOSTS | string |
* |
A list of strings representing the host/domain names that this Django site can serve. |
DEFAULT_DATABASE | string |
sqlite:///db.sqlite3 |
Read django-environ to configure the database connection. |
LANGUAGE_CODE | string |
en-us |
A string representing the language code for this installation.This should be in standard language ID format. |
TIME_ZONE | string |
UTC |
A string representing the time zone for this installation. See the list of time zones. |
STATIC_URL | string |
/static/ |
URL to use when referring to static files located in STATIC_ROOT . |
CSRF_COOKIE_DOMAIN | string |
None |
The domain to be used when setting the CSRF cookie. |
CSRF_COOKIE_SECURE | boolean |
False |
Whether to use a secure cookie for the CSRF cookie. |
OIDC_RP_SERVER_URL | string |
None |
Open ID Connect Server URL, example: https://accounts.weni.ai/auth/. |
OIDC_RP_REALM_NAME | string |
None |
Open ID Connect Realm Name. |
OIDC_RP_CLIENT_ID | string |
None |
OpenID Connect client ID provided by your OP. |
OIDC_RP_CLIENT_SECRET | string |
None |
OpenID Connect client secret provided by your OP. |
OIDC_OP_AUTHORIZATION_ENDPOINT | string |
None |
URL of your OpenID Connect provider authorization endpoint. |
OIDC_OP_TOKEN_ENDPOINT | string |
None |
URL of your OpenID Connect provider token endpoint. |
OIDC_OP_USER_ENDPOINT | string |
None |
URL of your OpenID Connect provider userinfo endpoint. |
OIDC_OP_JWKS_ENDPOINT | string |
None |
URL of your OpenID Connect provider JWKS endpoint. |
OIDC_RP_SIGN_ALGO | string |
RS256 |
Sets the algorithm the IdP uses to sign ID tokens. |
OIDC_DRF_AUTH_BACKEND | string |
weni.oidc_authentication.WeniOIDCAuthenticationBackend |
Define the authentication middleware for the django rest framework. |
AWS_ACCESS_KEY_ID | string |
None |
Specify Access Key ID S3. |
AWS_SECRET_ACCESS_KEY | string |
None |
Specify Secret Access Key ID S3. |
AWS_STORAGE_BUCKET_NAME | string |
None |
Specify Bucket Name S3. |
AWS_S3_REGION_NAME | string |
None |
Specify the Bucket S3 region. |
EMAIL_HOST | string |
None |
The host to use for sending email. When setted to None or empty string, the EMAIL_BACKEND setting is setted to django.core.mail.backends.console.EmailBackend |
EMAIL_PORT | int |
25 |
Port to use for the SMTP server defined in EMAIL_HOST . |
DEFAULT_FROM_EMAIL | string |
webmaster@localhost |
Default email address to use for various automated correspondence from the site manager(s). |
SERVER_EMAIL | string |
root@localhost |
The email address that error messages come from, such as those sent to ADMINS and MANAGERS . |
EMAIL_HOST_USER | string |
'' |
Username to use for the SMTP server defined in EMAIL_HOST . |
EMAIL_HOST_PASSWORD | string |
'' |
Password to use for the SMTP server defined in EMAIL_HOST . |
EMAIL_USE_SSL | boolean |
False |
Whether to use an implicit TLS (secure) connection when talking to the SMTP server. |
EMAIL_USE_TLS | boolean |
False |
Whether to use a TLS (secure) connection when talking to the SMTP server. |
SEND_EMAILS | boolean |
True |
Send emails flag. |
INTELIGENCE_URL | string |
https://bothub.it/ |
Specify the URL of the intelligence service. |
FLOWS_URL | string |
https://new.push.al/ |
Specify the URL of the flows service. |
INTEGRATIONS_URL | string |
None |
Specify the URL of the integration service. |
USE_SENTRY | bool |
False |
Enable Support Sentry |
SENTRY_URL | string |
None |
URL Sentry |
APM_DISABLE_SEND | bool |
False |
Disable sending Elastic APM |
APM_SERVICE_DEBUG | bool |
False |
Enable APM debug mode |
APM_SERVICE_NAME | string |
'' |
APM Service Name |
APM_SECRET_TOKEN | string |
'' |
APM Secret Token |
APM_SERVER_URL | string |
'' |
APM URL |
FLOW_GRPC_ENDPOINT | string |
'localhost:8002' |
gRPC Endpoint URL |
INTELIGENCE_GRPC_ENDPOINT | string |
'localhost:8003' |
gRPC Endpoint URL |
INTEGRATIONS_GRPC_ENDPOINT | string |
'localhost:8004' |
gRPC Endpoint URL |
SYNC_ORGANIZATION_INTELIGENCE | bool |
False |
Enable or Disable sync organization inteligences service |
INTELIGENCE_CERTIFICATE_GRPC_CRT | string |
None |
Absolute certificate path for secure grpc communication |
FLOW_CERTIFICATE_GRPC_CRT | string |
None |
Absolute certificate path for secure grpc communication |
INTEGRATIONS_CERTIFICATE_GRPC_CRT | string |
None |
Absolute certificate path for secure grpc communication |
SEND_REQUEST_FLOW | boolean |
False |
Enables or disables sending user information to flows |
FLOW_MARKETING_UUID | string |
None |
UUID Flow |
TOKEN_AUTHORIZATION_FLOW_MARKETING | string |
None |
Token Authorization API Flow |
BILLING_TEST_MODE | boolean |
False |
Configure Test mode Billing |
BILLING_SETTINGS | json |
{} |
Set configuration for gateways payment billing |
BILLING_COST_PER_WHATSAPP | float |
None |
Set cost for extra whatsapp |
TOKEN_EXTERNAL_AUTHENTICATION | string |
None |
Token External Authorization API |
ENVIRONMENT | string |
production |
Specify the environment you are going to run, it is also used for sentry |
Distributed under the MPL-2.0 License. See LICENSE
for more information.
Create an .env file in the project root and add the above environment variables
For authentication, we use Keycloak, you need to run it locally:
Execute docker-compose build
to build application
Execute docker-compose up
to up the server
Very good, your application is running 🚀
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature
) - Commit your Changes (
git commit -m 'Add some AmazingFeature'
) - Push to the Branch (
git push origin feature/AmazingFeature
) - Open a Pull Request
To see more go to the Weni Platform central repository.