Keycloak server embedded in a Spring Boot application with custom User Storage SPI

Hello,

I have managed to set up a Keycloak server embedded in a Spring Boot Application successfully, following this tutorial: Keycloak Embedded in a Spring Boot Application in order to avoid setting it up manually.

Since I am dealing with an old implementation that already has its own DB, I decided to use Keycloak’s User Storage SPI to connect to an external PostgreSQL DB and use this for authentication instead of Keycloak DB.

To do this, I followed the tutorial on Keycloak documentation, but it involves a standalone Keycloak server, creating a .jar with the custom provider and injecting it to <pathToKeycloak>/standalone/deployments/.

I have created an implementation that works with a standalone Keycloak server, but now I want to include it in the embedded one. Is it possible to use a Keycloak server Embedded in a Spring Boot Application and also have an embedded custom User Storage Provider, to avoid setting up manually?


I’m looking for the same… Please do let me know if there is anything you found regarding this…

Also, I guess the spring data source configuration might do the job… Have you tried that?

Hello, I’m looking for a similar implementation. Could really use some feedback from your experience. Thanks

A little late, but since I got to the same topic and found a solution:
Yes, it is possible. You just have to “merge” the spi code with the embedded Keycloak code. For example,
following the tutorial, you will have the following files:

--> src
  --> main
    --> java
      --> com...
        --> AuthorizationServerApp.java
        --> config
          --> EmbeddedKeycloakApplication.java
          --> EmbeddedKeycloakConfig.java
          --> EmbeddedKeycloakRequestFilter.java
          --> KeycloakServerProperties.java
          --> RegularJsonConfigProviderFactory.java
          --> Resteasy3Provider.java
          --> SimplePlatformProvider.java
    --> resources
      --> application.yml
      --> bealdung-realm.json
      --> META-INF
        --> keycloak-server.json
        --> services
          --> org.keycloak.common.util.ResteasyProvider
          --> org.keycloak.platform.PlatformProvider

(See spring-security-oauth/oauth-rest/oauth-authorization-server/src/main/java/com/baeldung/auth/config at master · Baeldung/spring-security-oauth · GitHub)

And following this tutorial: https://www.baeldung.com/java-keycloak-custom-user-providers you would have these files for your spi:

--> src
  --> main
    --> java
      --> com...
        --> CustomUser.java
        --> CustomUserStorageProvider.java
        --> CustomUserStorageProviderConstants.java
        --> CustomUserStorageProviderFactory.java
        --> DbUtil.java
    --> resources
      --> META-INF
        --> services
          --> org.keycloak.storage.UserStorageProviderFactory

The result merging them would be:

--> src
  --> main
    --> java
      --> com...
        --> AuthorizationServerApp.java
        --> spi
          --> CustomUser.java
          --> CustomUserStorageProvider.java
          --> CustomUserStorageProviderConstants.java
          --> CustomUserStorageProviderFactory.java
          --> DbUtil.java
        --> config
          --> EmbeddedKeycloakApplication.java
          --> EmbeddedKeycloakConfig.java
          --> EmbeddedKeycloakRequestFilter.java
          --> KeycloakServerProperties.java
          --> RegularJsonConfigProviderFactory.java
          --> Resteasy3Provider.java
          --> SimplePlatformProvider.java
    --> resources
      --> application.yml
      --> bealdung-realm.json
      --> META-INF
        --> keycloak-server.json
        --> services
          --> org.keycloak.common.util.ResteasyProvider
          --> org.keycloak.platform.PlatformProvider
          --> org.keycloak.storage.UserStorageProviderFactory

That’s all. Just add the spi files to the embedded keycloak code and you are done.

You can use this GitHub - suchorski/springboot-keycloak-server: Embeded Keycloak on Spring Boot Server and configure your jpa connection on properties file and keycloak-server.json
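
A build check for the merged layout described in the answer above, added here as an example and not taken from any poster or from the linked projects: it opens the built jar and confirms that the `META-INF/services/org.keycloak.storage.UserStorageProviderFactory` file is packaged and that every factory class it names is also in the jar. It assumes a plain jar or a Spring Boot executable jar (classes under `BOOT-INF/classes/`); the `com.example.spi` names in the test data are constructed.

```python
import io
import zipfile

SERVICE = "META-INF/services/org.keycloak.storage.UserStorageProviderFactory"
# Plain jar layout first, then the Spring Boot executable-jar layout.
ROOTS = ("", "BOOT-INF/classes/")


def check_spi_registration(jar):
    """Return {factory class name: True if its .class file is in the jar}.

    `jar` is a path or a binary file object. An empty dict means no service
    file was packaged, so ServiceLoader has no factory to discover.
    """
    result = {}
    with zipfile.ZipFile(jar) as zf:
        names = set(zf.namelist())
        for root in ROOTS:
            if root + SERVICE not in names:
                continue
            for raw in zf.read(root + SERVICE).decode("utf-8").splitlines():
                cls = raw.split("#", 1)[0].strip()  # '#' starts a comment
                if cls:
                    entry = root + cls.replace(".", "/") + ".class"
                    result[cls] = result.get(cls, False) or entry in names
    return result


def build_sample_jar(service_text, class_entries, root="BOOT-INF/classes/"):
    """Constructed sample: an in-memory jar holding the given entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(root + SERVICE, service_text)
        for entry in class_entries:
            zf.writestr(root + entry, b"")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    import sys
    # Usage: python check_spi.py path/to/built-app.jar
    for cls, ok in check_spi_registration(sys.argv[1]).items():
        print(("OK      " if ok else "MISSING ") + cls)
```

A `MISSING` line usually means the service file names a package that does not match where the SPI classes ended up after the merge.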