BAEL-5252-Disable-Keycloak-Security-in-Spring-Boot (#12218)

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/App.java

@@ -0,0 +1,13 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication(scanBasePackages = { "com.baeldung.disablingkeycloak" })
+public class App {
+
+    public static void main(String[] args) {
+        SpringApplication.run(App.class, args);
+    }
+
+}

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/DisableSecurityConfiguration.java

@@ -0,0 +1,20 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "false")
+public class DisableSecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(final HttpSecurity http) throws Exception {
+        http.csrf()
+            .disable()
+            .authorizeRequests()
+            .anyRequest()
+            .permitAll();
+    }
+}

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java

@@ -0,0 +1,14 @@
+package com.baeldung.disablingkeycloak;
+
+import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class KeycloakConfiguration {
+
+    @Bean
+    public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
+        return new KeycloakSpringBootConfigResolver();
+    }
+}

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java

@@ -0,0 +1,38 @@
+package com.baeldung.disablingkeycloak;
+
+import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
+import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+
+@KeycloakConfiguration
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true", matchIfMissing = true)
+public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) {
+        auth.authenticationProvider(keycloakAuthenticationProvider());
+    }
+
+    @Bean
+    @Override
+    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+        return new NullAuthenticatedSessionStrategy();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        super.configure(http);
+
+        http.csrf()
+            .disable()
+            .authorizeRequests()
+            .anyRequest()
+            .authenticated();
+    }
+}

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/User.java

@@ -0,0 +1,40 @@
+package com.baeldung.disablingkeycloak;
+
+public class User {
+    private Long id;
+    private String firstname;
+    private String lastname;
+
+    public User() {
+    }
+
+    public User(Long id, String firstname, String lastname) {
+        this.id = id;
+        this.firstname = firstname;
+        this.lastname = lastname;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getFirstname() {
+        return firstname;
+    }
+
+    public void setFirstname(String firstname) {
+        this.firstname = firstname;
+    }
+
+    public String getLastname() {
+        return lastname;
+    }
+
+    public void setLastname(String lastname) {
+        this.lastname = lastname;
+    }
+}

spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/disablingkeycloak/UserController.java

@@ -0,0 +1,17 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/users")
+public class UserController {
+
+    @GetMapping("/{userId}")
+    public User getCustomer(@PathVariable Long userId) {
+        return new User(userId, "John", "Doe");
+    }
+
+}

spring-boot-modules/spring-boot-keycloak/src/main/resources/application-disabling-keycloak.properties

@@ -0,0 +1,7 @@
+# Keycloak authentication is enabled for production.
+keycloak.enabled=true
+keycloak.realm=SpringBootKeycloak
+keycloak.auth-server-url=http://localhost:8180/auth
+keycloak.resource=login-app
+keycloak.bearer-only=true
+keycloak.ssl-required=external

spring-boot-modules/spring-boot-keycloak/src/test/java/com/baeldung/disablingkeycloak/DisablingKeycloakIntegrationTest.java

@@ -0,0 +1,33 @@
+package com.baeldung.disablingkeycloak;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import org.apache.http.HttpStatus;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@SpringBootTest(classes = App.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@RunWith(SpringRunner.class)
+@ActiveProfiles("disablingkeycloak")
+public class DisablingKeycloakIntegrationTest {
+
+    @Autowired
+    private TestRestTemplate restTemplate;
+
+    @Test
+    public void givenUnauthenticated_whenGettingUser_shouldReturnUser() {
+        ResponseEntity<User> responseEntity = restTemplate.getForEntity("/users/1", User.class);
+
+        assertEquals(HttpStatus.SC_OK, responseEntity.getStatusCodeValue());
+        assertNotNull(responseEntity.getBody()
+            .getFirstname());
+    }
+
+}

spring-boot-modules/spring-boot-keycloak/src/test/resources/application-disablingkeycloak.properties

@@ -0,0 +1 @@
+keycloak.enabled=false