JAVA-14471 Update Keycloak articles - deprecated client adapters
This commit is contained in:
anuragkumawat
-53
@@ -1,53 +0,0 @@
|
||||
package com.baeldung.keycloak;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Map;
|
||||
|
||||
import org.keycloak.KeycloakPrincipal;
|
||||
import org.keycloak.KeycloakSecurityContext;
|
||||
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
|
||||
import org.keycloak.representations.IDToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
|
||||
@Controller
|
||||
public class CustomUserAttrController {
|
||||
|
||||
@GetMapping(path = "/users")
|
||||
public String getUserInfo(Model model) {
|
||||
|
||||
KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) SecurityContextHolder.getContext()
|
||||
.getAuthentication();
|
||||
|
||||
final Principal principal = (Principal) authentication.getPrincipal();
|
||||
|
||||
String dob = "";
|
||||
String userIdByToken = "";
|
||||
String userIdByMapper = "";
|
||||
|
||||
if (principal instanceof KeycloakPrincipal) {
|
||||
|
||||
KeycloakPrincipal<KeycloakSecurityContext> kPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>) principal;
|
||||
IDToken token = kPrincipal.getKeycloakSecurityContext()
|
||||
.getIdToken();
|
||||
|
||||
userIdByToken = token.getSubject();
|
||||
userIdByMapper = token.getOtherClaims().get("user_id").toString();
|
||||
|
||||
Map<String, Object> customClaims = token.getOtherClaims();
|
||||
|
||||
if (customClaims.containsKey("DOB")) {
|
||||
dob = String.valueOf(customClaims.get("DOB"));
|
||||
}
|
||||
}
|
||||
|
||||
model.addAttribute("username", principal.getName());
|
||||
model.addAttribute("userIDByToken", userIdByToken);
|
||||
model.addAttribute("userIDByMapper", userIdByMapper);
|
||||
model.addAttribute("dob", dob);
|
||||
return "userInfo";
|
||||
}
|
||||
|
||||
}
|
||||
-14
@@ -1,14 +0,0 @@
|
||||
package com.baeldung.keycloak;
|
||||
|
||||
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
public class KeycloakConfig {
|
||||
|
||||
@Bean
|
||||
public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
|
||||
return new KeycloakSpringBootConfigResolver();
|
||||
}
|
||||
}
|
||||
+10
@@ -2,8 +2,11 @@ package com.baeldung.keycloak;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||
@@ -36,6 +39,13 @@ class SecurityConfig {
|
||||
.logout()
|
||||
.addLogoutHandler(keycloakLogoutHandler)
|
||||
.logoutSuccessUrl("/");
|
||||
http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
|
||||
return http.getSharedObject(AuthenticationManagerBuilder.class)
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
+14
-41
@@ -1,54 +1,27 @@
|
||||
package com.baeldung.keycloaksoap;
|
||||
|
||||
import org.keycloak.adapters.KeycloakConfigResolver;
|
||||
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
|
||||
import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
|
||||
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
|
||||
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
|
||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@KeycloakConfiguration
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true")
|
||||
@EnableGlobalMethodSecurity(jsr250Enabled = true)
|
||||
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
//@formatter:off
|
||||
http
|
||||
.csrf()
|
||||
.disable()
|
||||
.authorizeRequests()
|
||||
.anyRequest()
|
||||
.permitAll();
|
||||
//@formatter:on
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth) {
|
||||
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
|
||||
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
|
||||
auth.authenticationProvider(keycloakAuthenticationProvider);
|
||||
}
|
||||
public class KeycloakSecurityConfig {
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
||||
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf()
|
||||
.disable()
|
||||
.authorizeHttpRequests(auth -> auth.anyRequest()
|
||||
.authenticated())
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public KeycloakConfigResolver keycloakSpringBootConfigResolver() {
|
||||
return new KeycloakSpringBootConfigResolver();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
-9
@@ -1,9 +0,0 @@
|
||||
### server port
|
||||
server.port=8080
|
||||
|
||||
#Keycloak Configuration
|
||||
keycloak.auth-server-url=http://localhost:8083/auth
|
||||
keycloak.realm=baeldung
|
||||
keycloak.resource=customerClient
|
||||
keycloak.public-client=true
|
||||
keycloak.principal-attribute=preferred_username
|
||||
+1
-7
@@ -1,14 +1,8 @@
|
||||
server.port=18080
|
||||
|
||||
keycloak.enabled=true
|
||||
keycloak.realm=baeldung-soap-services
|
||||
keycloak.auth-server-url=http://localhost:8080/auth
|
||||
keycloak.bearer-only=true
|
||||
keycloak.credentials.secret=14da6f9e-261f-489a-9bf0-1441e4a9ddc4
|
||||
keycloak.ssl-required=external
|
||||
keycloak.resource=baeldung-soap-services
|
||||
keycloak.use-resource-role-mappings=true
|
||||
|
||||
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8080/realms/baeldung-soap-services
|
||||
|
||||
# Custom properties begin here
|
||||
ws.api.path=/ws/api/v1/*
|
||||
|
||||
@@ -1,15 +1,10 @@
|
||||
### server port
|
||||
server.port=8081
|
||||
|
||||
#Keycloak Configuration
|
||||
keycloak.auth-server-url=http://localhost:8180/auth
|
||||
keycloak.realm=SpringBootKeycloak
|
||||
keycloak.resource=login-app
|
||||
keycloak.public-client=true
|
||||
keycloak.principal-attribute=preferred_username
|
||||
|
||||
spring.security.oauth2.client.registration.keycloak.client-id=login-app
|
||||
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
|
||||
spring.security.oauth2.client.registration.keycloak.scope=openid
|
||||
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/auth/realms/SpringBootKeycloak
|
||||
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
|
||||
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
|
||||
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
|
||||
|
||||
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
|
||||
@@ -1,21 +0,0 @@
|
||||
<!DOCTYPE html>
|
||||
<html xmlns:th="http://www.thymeleaf.org">
|
||||
<head th:include="layout :: headerFragment">
|
||||
</head>
|
||||
<body>
|
||||
<div id="container">
|
||||
<h1>
|
||||
Hello, <span th:text="${username}">--name--</span>.
|
||||
</h1>
|
||||
<h1>
|
||||
User ID By Token: <span th:text="${userIDByToken}">--userID--</span>.
|
||||
</h1>
|
||||
<h1>
|
||||
User ID By Mapper: <span th:text="${userIDByMapper}">--userID--</span>.
|
||||
</h1>
|
||||
<h3>
|
||||
Your Date of Birth as per our records is <span th:text="${dob}" />.
|
||||
</h3>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
-51
@@ -1,51 +0,0 @@
|
||||
package com.baeldung.keycloak;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.keycloak.KeycloakPrincipal;
|
||||
import org.keycloak.KeycloakSecurityContext;
|
||||
import org.keycloak.adapters.springboot.client.KeycloakSecurityContextClientRequestInterceptor;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.MockitoAnnotations;
|
||||
import org.mockito.Spy;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SpringBootTest(classes = SpringBoot.class)
|
||||
//requires running Keycloak server and realm setup as shown in https://www.baeldung.com/spring-boot-keycloak
|
||||
public class KeycloakConfigurationLiveTest {
|
||||
|
||||
@Spy
|
||||
private KeycloakSecurityContextClientRequestInterceptor factory;
|
||||
|
||||
private MockHttpServletRequest servletRequest;
|
||||
|
||||
@Mock
|
||||
public KeycloakSecurityContext keycloakSecurityContext;
|
||||
|
||||
@Mock
|
||||
private KeycloakPrincipal keycloakPrincipal;
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
MockitoAnnotations.initMocks(this);
|
||||
servletRequest = new MockHttpServletRequest();
|
||||
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(servletRequest));
|
||||
servletRequest.setUserPrincipal(keycloakPrincipal);
|
||||
when(keycloakPrincipal.getKeycloakSecurityContext()).thenReturn(keycloakSecurityContext);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetKeycloakSecurityContext() throws Exception {
|
||||
assertNotNull(keycloakPrincipal.getKeycloakSecurityContext());
|
||||
}
|
||||
|
||||
}
|
||||
+18
@@ -0,0 +1,18 @@
|
||||
package com.baeldung.keycloak;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.junit.jupiter.SpringExtension;
|
||||
import com.baeldung.keycloak.SpringBoot;
|
||||
|
||||
@ExtendWith(SpringExtension.class)
|
||||
@SpringBootTest(classes = { SpringBoot.class })
|
||||
public class KeycloakContextIntegrationTest {
|
||||
|
||||
@Test
|
||||
public void whenLoadApplication_thenSuccess() {
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
+1
-1
@@ -105,7 +105,7 @@ class KeycloakSoapLiveTest {
|
||||
void givenAccessToken_whenDeleteProduct_thenReturnSuccess() {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.set("content-type", "text/xml");
|
||||
headers.set("Authorization", "Bearer " + generateToken("jhondoe", "password"));
|
||||
headers.set("Authorization", "Bearer " + generateToken("johndoe", "password"));
|
||||
HttpEntity<String> request = new HttpEntity<>(Utility.getDeleteProductsRequest(), headers);
|
||||
ResponseEntity<String> responseEntity = restTemplate.postForEntity("http://localhost:" + port + "/ws/api/v1/", request, String.class);
|
||||
|
||||
|
||||
+4
-1
@@ -1,4 +1,7 @@
|
||||
grant.type=password
|
||||
client.id=baeldung-soap-services
|
||||
client.secret=d2ba7af8-f7d2-4c97-b4a5-3c88b59920ae
|
||||
url=http://localhost:8080/auth/realms/baeldung-soap-services/protocol/openid-connect/token
|
||||
url=http://localhost:8080/realms/baeldung-soap-services/protocol/openid-connect/token
|
||||
|
||||
keycloak.enabled=true
|
||||
spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8080/realms/baeldung-soap-services
|
||||
|
||||
Reference in New Issue
Block a user