My application, based on microservices, was working fine on just localhost until I tried to set it up on docker-compose.
I’ve got an issue on the API Gateway side. I’ve figured that authorization-uri has to be on localhost since it goes from outside of the docker network.
token-uri and user-info-uri are going from the gateway to keycloak and need to call keycloak by its DNS name. clientId and userId are null in the error. I’ve tried to change user-id to user_Id, but it doesn’t change anything.
Any ideas what could be wrong? Any help would be appreciated.
```
19:09:20,616 WARN [org.keycloak.events] (default task-2) type=USER_INFO_REQUEST_ERROR, realmId=cinema, clientId=null, userId=null, ipAddress=172.21.0.9, error=invalid_token, auth_method=validate_access_token
```
```yaml
spring:
  application:
    name: Gateway
  config:
    import: optional:configserver:http://${ConfigService:configserver}:8888
  cloud:
    gateway:
      discovery:
        locator:
          enabled: true
      default-filters:
        - TokenRelay
  security:
    oauth2:
      client:
        provider:
          keycloak-spring-gateway-client:
            token-uri: http://${KEYCLOAK:localhost}:8080/auth/realms/${app.config.keycloak.realm}/protocol/openid-connect/token
            authorization-uri: http://localhost:28080/auth/realms/${app.config.keycloak.realm}/protocol/openid-connect/auth
            user-name-attribute: preferred_username
            user-info-uri: http://${KEYCLOAK:localhost}:8080/auth/realms/${app.config.keycloak.realm}/protocol/openid-connect/userinfo
            jwk-set-uri: http://${KEYCLOAK:localhost}:8080/auth/realms/${app.config.keycloak.realm}/protocol/openid-connect/certs
            user-info-authentication-method: header
        registration:
          keycloak-spring-gateway-client:
            provider: keycloak-spring-gateway-client
            client-id: gateway
            client-secret: ${GATEWAY_SECRET:PxY64IIOcSCUgZDWRdt2rHf8SL41xdX5}
            authorization-grant-type: authorization_code
            redirect-uri: http://localhost:8890/login/oauth2/code/keycloak
            scope: openid
      resourceserver:
        jwt:
          jwk-set-uri: ${app.config.keycloak.url}/realms/${app.config.keycloak.realm}/protocol/openid-connect/certs
```
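A diagnostic check for a split-host setup like the one in the post above, as an added example that is not the poster's code: it decodes the `iss` claim of an access token and lists which configured provider URIs sit on a different origin. The sample token, the host name `keycloak` and the helper names are constructed assumptions; whether an issuer mismatch is what produces `invalid_token` here is not established by the post.

```python
import base64
import json
from urllib.parse import urlsplit


def jwt_claims(token: str) -> dict:
    """Decode the payload of a JWT without verifying it (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated parts")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def origin(url: str) -> str:
    """Return scheme://host:port, with the default port filled in."""
    u = urlsplit(url)
    port = u.port or {"http": 80, "https": 443}[u.scheme]
    return f"{u.scheme}://{u.hostname}:{port}"


def issuer_mismatches(token: str, endpoints: dict) -> dict:
    """Return the endpoints whose origin differs from the token's iss origin."""
    iss = origin(jwt_claims(token)["iss"])
    return {name: url for name, url in endpoints.items() if origin(url) != iss}


def _constructed_token(claims: dict) -> str:
    """Build an unsigned sample token; constructed for this example only."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample; in practice use the access token the gateway relays.
SAMPLE_TOKEN = _constructed_token(
    {"iss": "http://localhost:28080/auth/realms/cinema", "azp": "gateway"}
)
# Provider URIs from the post, with KEYCLOAK set to the assumed host "keycloak".
ENDPOINTS = {
    "authorization-uri": "http://localhost:28080/auth/realms/cinema/protocol/openid-connect/auth",
    "token-uri": "http://keycloak:8080/auth/realms/cinema/protocol/openid-connect/token",
    "user-info-uri": "http://keycloak:8080/auth/realms/cinema/protocol/openid-connect/userinfo",
}

if __name__ == "__main__":
    for name, url in issuer_mismatches(SAMPLE_TOKEN, ENDPOINTS).items():
        print(f"{name}: {origin(url)} differs from the token issuer origin")
```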