Hello, I am currently developing a Spring app that integrates Keycloak for user authentication. I have set up a realm along with a client so that the authentication runs successfully when manually fetching a token via Postman and then using it to access endpoints. However, when I try to log in via the browser I get [authorization_request_not_found] after the login page.
This is my application.properties setup:
spring.main.banner-mode=off
spring.datasource.url=${DATASOURCE_URL}
spring.datasource.username=${POSTGRES_USER}
spring.datasource.password=${POSTGRES_PASSWORD}
spring.jpa.properties.hibernate.default_schema=public
spring.jpa.show-sql=false
spring.jpa.hibernate.ddl-auto=none
spring.data.rest.base-path=api/
spring.liquibase.change-log=classpath:changelog-master.xml
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html
spring.thymeleaf.cache=false
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${KEYCLOAK_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs
jwt.auth.converter.resource-id=${KEYCLOAK_RESOURCE}
jwt.auth.converter.principal-attribute=preferred_username
spring.security.oauth2.client.registration.keycloak.client-id=${KEYCLOAK_RESOURCE}
spring.security.oauth2.client.registration.keycloak.client-secret=${KEYCLOAK_SECRET}
spring.security.oauth2.client.registration.keycloak.scope=openid,profile,email
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.keycloak.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
spring.security.oauth2.client.registration.keycloak.provider=keycloak
spring.security.oauth2.client.provider.keycloak.token-uri=${KEYCLOAK_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/token
spring.security.oauth2.client.provider.keycloak.authorization-uri=${KEYCLOAK_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/auth
spring.security.oauth2.client.provider.keycloak.user-info-uri=${KEYCLOAK_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/userinfo
spring.security.oauth2.client.provider.keycloak.jwk-set-uri=${KEYCLOAK_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
And my Spring security config:
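import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

// JwtConverter and Role are the application's own classes (not shown here).
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
@Slf4j
public class SecurityConfig {
    private static final String PROFILE_FORM_URL = "/profile_form";
    private static final String VIEW_JOBS_URL = "/view_jobs";
    private final JwtConverter jwtConverter;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests((authorize) -> authorize
            .requestMatchers(HttpMethod.GET, PROFILE_FORM_URL).permitAll()
            .requestMatchers(HttpMethod.POST, PROFILE_FORM_URL).permitAll()
            .requestMatchers(HttpMethod.GET, VIEW_JOBS_URL).hasRole(Role.ADMIN.getName())
            .anyRequest().authenticated()
        );
        // Browser login through the OAuth2 authorization code flow
        http.oauth2Login(Customizer.withDefaults());
        // Bearer JWT validation for requests that carry an access token
        http.oauth2ResourceServer(oauth2 -> oauth2.jwt(jwt -> jwt.jwtAuthenticationConverter(jwtConverter)));
        return http.build();
    }
}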
Do you have any ideas what might be causing the problem? Thank you!