- Added Keycloak audience protocol mapper to workclub-app client
- Maps 'workclub-api' to aud claim in access tokens
- Disabled issuer validation in API for local dev
- External clients use localhost:8080, internal use keycloak:8080
- Prevents validation mismatch in Docker network environment
This resolves 401 Unauthorized errors on all authenticated endpoints.
Ref: .sisyphus/evidence/final-f3-manual-qa.md lines 418-444
- Changed KEYCLOAK_ID → KEYCLOAK_CLIENT_ID
- Changed KEYCLOAK_SECRET → KEYCLOAK_CLIENT_SECRET
- Fixes 'ClientFetchError: The string did not match the expected pattern'
- Frontend now loads successfully at http://localhost:3000
- Updated project summary to document fix (Blocker #5 resolved)
Implements Task 22: Docker Compose Full Stack with Hot Reload
Services added:
- dotnet-api: Builds from backend/Dockerfile.dev
- Port 5000→8080, volume mount for hot reload
- Development environment with database + Keycloak config
- Depends on: postgres (healthy), keycloak (healthy)
- nextjs: Builds from frontend/Dockerfile.dev
- Port 3000, volume mount with node_modules exclusion
- API URLs, NextAuth, Keycloak config
- Depends on: dotnet-api
Dependency chain: postgres → keycloak → dotnet-api → nextjs
Features:
- Hot reload enabled via volume mounts with :cached flag (macOS)
- Backend runs migrations + seed on startup (Development mode)
- dotnet watch monitors backend changes
- bun run dev monitors frontend changes
- All services on app-network bridge
Environment variables configured for local development.
Note: Docker build/runtime verification skipped (Docker daemon unavailable).
- Add docker-compose.yml (v3.9) with postgres:16-alpine and keycloak:26.1 services
- Configure PostgreSQL with separate workclub and keycloak databases
- Setup Keycloak with database backend, admin user, and realm import capability
- Create PostgreSQL init script to provision development databases and users
- Add placeholder realm-export.json for Keycloak realm configuration
- Configure healthchecks and app-network bridge for service discovery
- Document configuration and patterns in learnings.md
