Hi, I am trying to secure a Spring Boot application with Keycloak.
My configuration works on a blank Spring Boot application,
but it doesn't work with my own Spring Boot application; the application is a service account.
Do you know where the problem could be?
WebSecurityConfig.kt
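/**
 * Spring Security configuration that enables OAuth2 / OpenID Connect login
 * against a Keycloak realm.
 *
 * Registers one in-memory client registration (id `keycloak`) and requires
 * authentication for every request except `/api/public`.
 *
 * NOTE(review): `oauth2Login()` combined with the `AUTHORIZATION_CODE` grant is an
 * interactive, browser-redirect login flow. If this application is meant to act as a
 * Keycloak service account or to accept bearer tokens from callers, this flow may not
 * be the right mechanism. Confirm the intended grant type before debugging further.
 */
@Configuration
@EnableWebSecurity
class WebSecurityConfig : WebSecurityConfigurerAdapter() {

    /** Exposes a BCrypt-based [PasswordEncoder] bean. */
    @Bean
    fun passwordEncoder(): PasswordEncoder = BCryptPasswordEncoder()

    /**
     * Declares the URL authorization rules and switches on OAuth2 login.
     *
     * Rules are evaluated in declaration order and the first matching rule wins.
     * The original listing declared `/api/public` twice (`permitAll()` followed by
     * `authenticated()`); the second rule could never match, so it is dropped here.
     * Effective behaviour is unchanged: `/api/public` is open and every other request,
     * including any path that second rule was meant to name, requires authentication.
     *
     * @param http the security builder supplied by Spring Security
     */
    override fun configure(http: HttpSecurity) {
        http.authorizeRequests()
            .antMatchers("/api/public").permitAll()
            .anyRequest().authenticated().and()
            .oauth2Login()
    }

    /** Publishes the Keycloak registration through an in-memory repository bean. */
    @Bean
    fun clientRegistrationRepository(): ClientRegistrationRepository =
        InMemoryClientRegistrationRepository(keycloakClientRegistration())

    /**
     * Builds the client registration for the `Portico` realm on the local Keycloak instance.
     *
     * @return the registration used by the OAuth2 login flow
     */
    private fun keycloakClientRegistration(): ClientRegistration =
        ClientRegistration.withRegistrationId("keycloak") // registration_id
            .clientId("insite-app")
            // NOTE(review): the client secret is hard-coded in source and has been
            // published with this listing. Treat it as compromised: regenerate it in
            // Keycloak and load the new value from externalized configuration (an
            // environment variable or a Spring property) instead of committing it.
            .clientSecret("98ee37d9-09f9-40f9-a965-947bc6ef0871")
            .scope("openid")
            .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            // Pattern: {baseUrl}/login/oauth2/code/{registration_id}. This must match a
            // "Valid Redirect URI" configured for the client in Keycloak.
            .redirectUriTemplate("http://localhost:1337/login/oauth2/code/keycloak")
            // All endpoints below use plain http on localhost, which is acceptable only
            // for local development; a deployed environment should use https so the
            // authorization code, tokens and client secret are not sent in clear text.
            .authorizationUri("http://localhost:8086/auth/realms/Portico/protocol/openid-connect/auth")
            .tokenUri("http://localhost:8086/auth/realms/Portico/protocol/openid-connect/token")
            .userInfoUri("http://localhost:8086/auth/realms/Portico/protocol/openid-connect/userinfo")
            .jwkSetUri("http://localhost:8086/auth/realms/Portico/protocol/openid-connect/certs")
            // Use the ID token's subject claim as the principal name.
            .userNameAttributeName(IdTokenClaimNames.SUB)
            .clientName("Insite")
            .build()
}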
In the Keycloak configuration I set the valid redirect URI to: http://localhost:1337/login/oauth2/code/keycloak