We are using keycloak.js to authenticate the application, but it causes some undesired dependency. We should prefer to use protocol over service. In this case, it means that we should not be depending on the keycloak library, but implement the authentication using some OpenID library, so we can easily swap the authentication service behind the curtain.
Some interesting links:
Some Keycloak alternatives (for tests):
We are using
keycloak.jsto authenticate the application, but it causes some undesired dependency. We should prefer to use protocol over service. In this case, it means that we should not be depending on the keycloak library, but implement the authentication using some OpenID library, so we can easily swap the authentication service behind the curtain.Some interesting links:
Some Keycloak alternatives (for tests):