In this post we are deploying a custom Node.js web application in Oracle Kubernetes Engine (OKE).
What we want to show is how to configure the custom web application so that it offers a single sign-on (SSO) experience.
First part
Follow this tutorial here, which explains how to enable SSO for the web app running locally.
Second part
Now we make a few small changes to deploy on Kubernetes.
Create a Dockerfile in the nodejs folder of the cloned project with the following:
    FROM oraclelinux:7-slim
    WORKDIR /app
    ADD . /app
    RUN curl --silent --location https://rpm.nodesource.com/setup_11.x | bash -
    RUN yum -y install nodejs npm --skip-broken
    EXPOSE 3000
    CMD ["npm","start"]
Create the k8s service file (service.yaml) as follows:
    apiVersion: v1
    kind: Service
    metadata:
      name: idcsnodeapp
    spec:
      type: LoadBalancer
      selector:
        app: idcsnodeapp
      ports:
        - name: client
          protocol: TCP
          port: 3000
Deploy to k8s:
kubectl apply -f service.yaml
Grab the URL of the new external load-balancer service created in k8s and modify the file auth.js with the appropriate values for your cloud environment:
    var ids = {
        oracle: {
            "ClientId": "client id of the IdCS app",
            "ClientSecret": "client secret of the IdCS app",
            "ClientTenant": "tenant id (idcs-xxxxxxxxxxxx)",
            "IDCSHost": "https://tenantid.identity.oraclecloud.com",
            "AudienceServiceUrl" : "https://tenantid.identity.oraclecloud.com",
            "TokenIssuer": "https://identity.oraclecloud.com/",
            "scope": "urn:opc:idm:t.user.me openid",
            "logoutSufix": "/oauth2/v1/userlogout",
            "redirectURL": "http://k8sloadbalancerip:3000/callback",
            "LogLevel":"warn",
            "ConsoleLog":"True"
        }
    };
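Because the Dockerfile copies the whole project with `ADD . /app`, a client secret written literally into auth.js ends up inside the image that is pushed to the registry. The following added example (not code from the original post or from the sample project) builds the same `ids` object from environment variables, which a Deployment can inject from a Kubernetes Secret; the `IDCS_*` and `APP_BASE_URL` variable names and the `loadIdcsConfig` and `redact` helpers are assumptions of this example.

```javascript
// Added example: build the `ids` object used by auth.js from environment
// variables instead of literals. The variable names are assumptions.
const REQUIRED = ["IDCS_CLIENT_ID", "IDCS_CLIENT_SECRET", "IDCS_TENANT",
                  "IDCS_HOST", "APP_BASE_URL"];

function loadIdcsConfig(env) {
  // Fail fast at startup if a value is missing, rather than at first login.
  const missing = REQUIRED.filter((name) => !env[name] || !env[name].trim());
  if (missing.length > 0) {
    throw new Error("Missing IdCS settings: " + missing.join(", "));
  }
  // The client secret and tokens travel to this host, so require TLS.
  const host = new URL(env.IDCS_HOST);
  if (host.protocol !== "https:") {
    throw new Error("IDCS_HOST must use https");
  }
  // Must match the redirect URL registered in the IdCS application.
  const redirectURL = new URL("/callback", env.APP_BASE_URL).toString();
  return {
    oracle: {
      ClientId: env.IDCS_CLIENT_ID,
      ClientSecret: env.IDCS_CLIENT_SECRET,
      ClientTenant: env.IDCS_TENANT,
      IDCSHost: host.origin,
      AudienceServiceUrl: host.origin,
      TokenIssuer: "https://identity.oraclecloud.com/",
      scope: "urn:opc:idm:t.user.me openid",
      logoutSufix: "/oauth2/v1/userlogout", // key spelled as in the page's auth.js
      redirectURL: redirectURL,
      LogLevel: "warn",
      ConsoleLog: "True",
    },
  };
}

// Copy that is safe to log: the secret never reaches the container logs.
function redact(ids) {
  return { oracle: { ...ids.oracle, ClientSecret: "***" } };
}

// In auth.js the literal would become: var ids = loadIdcsConfig(process.env);
```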
Build the container and push to a repo you have write access to, such as:
    docker build -t javiermugueta/idcsnodeapp .
    docker push javiermugueta/idcsnodeapp
Modify the IdCS application with the public IP of the k8s load-balancer service

Create the k8s deployment file (deployment.yaml) as follows:
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: idcsnodeapp
      labels:
        app: idcsnodeapp
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: idcsnodeapp
      strategy:
        type: Recreate
      template:
        metadata:
          labels:
            app: idcsnodeapp
        spec:
          containers:
            - image: javiermugueta/idcsnodeapp
              name: idcsnodeapp
              ports:
                - containerPort: 3000
                  name: idcsnodeapp
Deploy to k8s:
kubectl apply -f deployment.yaml
Test the app and verify SSO is working:
Hope it helps! 🙂