Merge pull request #14456 from anuragkumawat/JAVA-18117

JAVA-18117 Update spring-boot-keycloak-adapters module
2023-07-26 20:23:45 +02:00 · 2023-07-26 20:23:45 +02:00 · 24396a71c2
parent fa88f6c181 53a1ef3168
commit 24396a71c2
9 changed files with 53 additions and 133 deletions
--- a/spring-boot-modules/spring-boot-keycloak-adapters/pom.xml
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/pom.xml
@ -17,27 +17,12 @@
        <relativePath>../../parent-boot-2</relativePath>
    </parent>

-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>org.keycloak.bom</groupId>
-                <artifactId>keycloak-adapter-bom</artifactId>
-                <version>${keycloak-adapter-bom.version}</version>
-                <type>pom</type>
-                <scope>import</scope>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.keycloak</groupId>
-            <artifactId>keycloak-spring-boot-starter</artifactId>
-        </dependency>
+
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
@ -59,6 +44,10 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.hsqldb</groupId>
            <artifactId>hsqldb</artifactId>
@ -84,8 +73,4 @@
        </plugins>
    </build>

-    <properties>
-        <keycloak-adapter-bom.version>15.0.2</keycloak-adapter-bom.version>
-    </properties>
-
 </project>
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
@ -1,13 +1,10 @@
 package com.baeldung.keycloak;

-import java.security.Principal;
 import java.util.Map;

-import org.keycloak.KeycloakPrincipal;
-import org.keycloak.KeycloakSecurityContext;
-import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
-import org.keycloak.representations.IDToken;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
+import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@ -18,34 +15,27 @@ public class CustomUserAttrController {
    @GetMapping(path = "/users")
    public String getUserInfo(Model model) {

-        KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) SecurityContextHolder.getContext()
-            .getAuthentication();
-
-        final Principal principal = (Principal) authentication.getPrincipal();
+        final DefaultOidcUser user = (DefaultOidcUser) SecurityContextHolder.getContext()
+            .getAuthentication()
+            .getPrincipal();

        String dob = "";
-        String userIdByToken = "";
-        String userIdByMapper = "";
+        String userId = "";

-        if (principal instanceof KeycloakPrincipal) {
+        OidcIdToken token = user.getIdToken();

-            KeycloakPrincipal<KeycloakSecurityContext> kPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>) principal;
-            IDToken token = kPrincipal.getKeycloakSecurityContext()
-                .getIdToken();
+        Map<String, Object> customClaims = token.getClaims();

-            userIdByToken = token.getSubject();
-            userIdByMapper = token.getOtherClaims().get("user_id").toString();
-
-            Map<String, Object> customClaims = token.getOtherClaims();
+        if (customClaims.containsKey("user_id")) {
+            userId = String.valueOf(customClaims.get("user_id"));
+        }

        if (customClaims.containsKey("DOB")) {
            dob = String.valueOf(customClaims.get("DOB"));
        }
-        }

-        model.addAttribute("username", principal.getName());
-        model.addAttribute("userIDByToken", userIdByToken);
-        model.addAttribute("userIDByMapper", userIdByMapper);
+        model.addAttribute("username", user.getName());
+        model.addAttribute("userID", userId);
        model.addAttribute("dob", dob);
        return "userInfo";
    }
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/KeycloakConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/KeycloakConfig.java
@ -1,14 +0,0 @@
-package com.baeldung.keycloak;
-
-import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class KeycloakConfig {
-
-    @Bean
-    public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
-        return new KeycloakSpringBootConfigResolver();
-    }
-}
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/SecurityConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/java/com/baeldung/keycloak/SecurityConfig.java
@ -2,8 +2,11 @@ package com.baeldung.keycloak;

 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
 import org.springframework.security.core.session.SessionRegistryImpl;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
@ -36,6 +39,13 @@ class SecurityConfig {
            .logout()
            .addLogoutHandler(keycloakLogoutHandler)
            .logoutSuccessUrl("/");
+        http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
        return http.build();
    }
+
+    @Bean
+    public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
+        return http.getSharedObject(AuthenticationManagerBuilder.class)
+            .build();
+    }
 }
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/application-embedded.properties
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/application-embedded.properties
@ -1,9 +0,0 @@
-### server port
-server.port=8080
-
-#Keycloak Configuration
-keycloak.auth-server-url=http://localhost:8083/auth
-keycloak.realm=baeldung
-keycloak.resource=customerClient
-keycloak.public-client=true
-keycloak.principal-attribute=preferred_username
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/application.properties
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/application.properties
@ -1,15 +1,10 @@
 ### server port
 server.port=8081

-#Keycloak Configuration
-keycloak.auth-server-url=http://localhost:8180/auth
-keycloak.realm=SpringBootKeycloak
-keycloak.resource=login-app
-keycloak.public-client=true
-keycloak.principal-attribute=preferred_username
-
 spring.security.oauth2.client.registration.keycloak.client-id=login-app
 spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
 spring.security.oauth2.client.registration.keycloak.scope=openid
-spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/auth/realms/SpringBootKeycloak
+spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
 spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
+
+spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/templates/userInfo.html
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/main/resources/templates/userInfo.html
@ -8,10 +8,7 @@
 			Hello, <span th:text="${username}">--name--</span>.
 		</h1>
 		<h1>
-			User ID By Token: <span th:text="${userIDByToken}">--userID--</span>.
-		</h1>
-		<h1>
-			User ID By Mapper: <span th:text="${userIDByMapper}">--userID--</span>.
+			User ID : <span th:text="${userID}">--userID--</span>.
 		</h1>
 		<h3>
 			Your Date of Birth as per our records is <span th:text="${dob}" />.
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/test/java/com/baeldung/keycloak/KeycloakConfigurationIntegrationTest.java
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/test/java/com/baeldung/keycloak/KeycloakConfigurationIntegrationTest.java
@ -0,0 +1,17 @@
+package com.baeldung.keycloak;
+
+import org.junit.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(classes = { SpringBoot.class })
+public class KeycloakConfigurationIntegrationTest {
+
+    @Test
+    public void whenLoadApplication_thenSuccess() {
+
+    }
+
+}
--- a/spring-boot-modules/spring-boot-keycloak-adapters/src/test/java/com/baeldung/keycloak/KeycloakConfigurationLiveTest.java
+++ b/spring-boot-modules/spring-boot-keycloak-adapters/src/test/java/com/baeldung/keycloak/KeycloakConfigurationLiveTest.java
@ -1,51 +0,0 @@
-package com.baeldung.keycloak;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.keycloak.KeycloakPrincipal;
-import org.keycloak.KeycloakSecurityContext;
-import org.keycloak.adapters.springboot.client.KeycloakSecurityContextClientRequestInterceptor;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.mockito.Spy;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import static org.junit.Assert.assertNotNull;
-import static org.mockito.Mockito.when;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@SpringBootTest(classes = SpringBoot.class)
-//requires running Keycloak server and realm setup as shown in https://www.baeldung.com/spring-boot-keycloak
-public class KeycloakConfigurationLiveTest {
-
-    @Spy
-    private KeycloakSecurityContextClientRequestInterceptor factory;
-
-    private MockHttpServletRequest servletRequest;
-
-    @Mock
-    public KeycloakSecurityContext keycloakSecurityContext;
-
-    @Mock
-    private KeycloakPrincipal keycloakPrincipal;
-
-    @Before
-    public void setUp() {
-        MockitoAnnotations.initMocks(this);
-        servletRequest = new MockHttpServletRequest();
-        RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(servletRequest));
-        servletRequest.setUserPrincipal(keycloakPrincipal);
-        when(keycloakPrincipal.getKeycloakSecurityContext()).thenReturn(keycloakSecurityContext);
-    }
-
-    @Test
-    public void testGetKeycloakSecurityContext() throws Exception {
-        assertNotNull(keycloakPrincipal.getKeycloakSecurityContext());
-    }
-
-}