Test Setup on Red Hat OpenShift

Setup a Test Environment

  1. Register an account and download from Red Hat OpenShift Portal

  2. As on 13-November-2023 you can also use the developer sandbox, since all components are not directly needed to run (example: Kafka / AMQ operator is not available on Sandbox)

  3. Please follow below steps in order

Login to your cluster

oc login -u <USERNAME> <URL> 

If running on your local machine then you can also (Setup a new project dedicated for Co-Auth) below

oc new-project coauth
oc project coauth

Postgres Setup

This is where your persistent data resides

  1. Login to OpenShift console and navigate to developer -> +Add->Database->postgres (persistent)

Configure as below

Service name: postgresql

Creating the database

  1. Once started head over to terminal in the pod and execute the following

oc get pods
\c coauth 

Copy the script from https://github.com/coauth/coauth-core/blob/main/scripts/init.sql and paste to execute in this terminal

#Verify if the script was successful
#this is display 7 rows
select * from core_app_auth_mstr;
#This will display 1 row
#Now Quit psql
#Now exit terminal of pod

This activity will create the necessary database structure, along with a dummy test application "Co-Auth Test app" and a corresponding key 11111111-1111-1111-1111-111111111111

Your database is now setup

Data-Grid / Infinispan Setup

This component is used to reduce load on the database calls. With Infinispan you have in-memory data across your pods as they scale up and down with request traffic.

For data grid setup follow OpenShift documentation

For manual setup from web console follow below steps

  1. Login to OpenShift web console

  2. Go to developer -> +Add -> Container Images

Container image: quay.io/infinispan/server:14.0
Application name: infinispan-db
Name: infinispan-db
Port: 1122
Environment variable: USER: admin
Environment variable: PASS: password

OR for running using OC CLI

oc new-app --image=quay.io/infinispan/server:14.0 \
--name=infinispan-db \
--env=USER=admin \

Your Infinispan Setup is now complete

Kafka / OpenShift AMQ

In current development stage not needed

Mock Co-Auth Management UI

This microservice demonstrates an example features and configuration that would be available Co-Auth ecosystem.

oc new-app --image=godwinpinto/coauth-management-ui:1.0.0-SNAPSHOT \
oc expose service/coauth-management-ui

API Gateway

Responsible for routing of all requests. Injecting App details into request body retrieved from the auth guard microservice

oc new-app --image=docker.io/godwinpinto/coauth-core-api-gateway:0.0.1-SNAPSHOT \
--name=coauth-core-api-gateway \
--env=MODULE_REGISTRY_SERVICE=http://coauth-core-module-registry:8080 \
--env=AUTH_GUARD_SERVICE=http://coauth-core-auth-guard:8080/core/auth-guard  \
--env=MODULE_TOTP_SERVICE=http://coauth-module-totp:8080 \
--env=MODULE_RECONFIRM_SERVICE=http://coauth-module-reconfirm:8080 \
--env=UI_PLUGIN_SERVICE=http://coauth-plugin-web:8080 \

Now expose your API gateway, so that you have a URL to access

oc expose service/coauth-core-api-gateway

Auth Guard

Responsible for validating the register and verify endpoints with API-KEY for requests that include generate and status

oc new-app --name=coauth-core-auth-guard \
--image=godwinpinto/coauth-core-auth-guard:1.0.0-SNAPSHOT \
--env=POSTGRESQL_USER=postgres \

Module Registry

This microservice hold the meta data if the user is registered for a module against a registered application

oc new-app --image=docker.io/godwinpinto/coauth-core-module-registry:1.0.0-SNAPSHOT \
--name=coauth-core-module-registry \
--env=POSTGRESQL_USER=postgres \
--env=POSTGRESQL_PASSWORD=postgres \
--env=INFINISPAN_USER=admin \
--env=INFINISPAN_PASSWORD=password \
--env=COAUTH_MODULE_TOTP=http://coauth-module-totp:8080 \

Module TOTP

Microservice responsible to store, verify secrets related to TOTP

Modify the Kafka values below

oc new-app --image=docker.io/godwinpinto/coauth-module-totp:1.0.0-SNAPSHOT \
--name=coauth-module-totp \
--env=POSTGRESQL_USER=postgres \
--env=POSTGRESQL_PASSWORD=postgres \
--env=INFINISPAN_USER=admin \
--env=INFINISPAN_PASSWORD=password \

Module Reconfirm

Microservice to verify the text re-entered by user

Modify the Kafka values below

oc new-app --image=docker.io/godwinpinto/coauth-module-reconfirm:1.0.0-SNAPSHOT \
--name=coauth-module-reconfirm \
--env=POSTGRESQL_USER=postgres \
--env=POSTGRESQL_PASSWORD=postgres \
--env=INFINISPAN_USER=admin \
--env=INFINISPAN_PASSWORD=password \

Web Plugin

Responsible for UI of the embeded IFrame which example app will call

oc new-app --image=docker.io/godwinpinto/coauth-plugin-web:1.0.0-SNAPSHOT \

Example App

A sample application developed in Quarkus and Vuejs to demonstrate how to integrate Co-Auth with third party applications

For demonstration purpose, the example app resides behind api gateway. However, in real world scenarios the example app would reside outside with the example app configuring the URLs of Co-Auth


oc new-app \
--image=docker.io/godwinpinto/coauth-example-quarkus-vue:1.0.0-SNAPSHOT \
--name=coauth-example-quarkus-vue \


Now from web console, navigate to the route URL provided at API gateway

Example application


You shall see a registration page, followed by TOTP which can be scanned with any authenticator mobile app.

  1. Later a transfer page to revalidate the TOTP

  2. Also, a delete payee to test reconfirm module

Example Mock Administration UI

You can access the mock UI of how one can expect the administration panel will be available at


Last updated