https://github.com/razorcd/spring-keycloak-app

Spring REST API secured with Keycloak and Spring Security
https://github.com/razorcd/spring-keycloak-app

Last synced: 8 months ago
JSON representation

Spring REST API secured with Keycloak and Spring Security

• Host: GitHub
• URL: https://github.com/razorcd/spring-keycloak-app
• Owner: razorcd
• License: mit
• Created: 2018-08-04T21:45:47.000Z (almost 8 years ago)
• Default Branch: api
• Last Pushed: 2018-08-05T20:19:32.000Z (almost 8 years ago)
• Last Synced: 2025-10-06T02:41:52.521Z (8 months ago)
• Language: Java
• Homepage:
• Size: 73.2 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
For Spring Server Rendering App secured with Keycloak and Spring Security visit the `server_render_app` branch:

https://github.com/razorcd/spring-keycloak-app/tree/server_render_app

# Spring REST API secured with Keycloak and Spring Security

### Start Keycloak manually with Docker Compose

- run `docker-compose up`

### Start Keycloak manually with Docker

- create docker network:

` docker network create keycloak-network`

- start separate mysql server:

`docker run --name mysql -d --net keycloak-network -e MYSQL_DATABASE=keycloak -e MYSQL_USER=keycloak -e MYSQL_PASSWORD=password -e MYSQL_ROOT_PASSWORD=root_password mysql`

- start keycloak server in same network:

`docker run --name mysql -d --net keycloak-network -e MYSQL_DATABASE=keycloak -e MYSQL_USER=keycloak -e MYSQL_PASSWORD=password -e MYSQL_ROOT_PASSWORD=root_password mysql`

### Setup Keycloak with client and users

- open Keycloak in browser at `localhost:8080`

- login with `admin`:`admin` credentials.

- first add a client by clicking `Clients` and importing the file: `keycloak-configs/springdemoapi.json`

- go to `Users` and create at least one user

### Start application Spring application and authenticate

- run `mvn clean install` to install dependencies

- start spring app by running `mvn spring-boot:run`

### Keycloak API

- authenticate with `password` grant and `credentials`:

```

curl -X POST \

  http://localhost:8080/auth/realms/master/protocol/openid-connect/token \

  -H 'content-type: application/x-www-form-urlencoded' \

  -d 'grant_type=password&username=user1&password=password&client_id=springdemoapi&client_secret=2ff43352-5479-41a0-845c-683ed9343493'

```

- authenticate with `refresh_token` grant

```

curl -X POST \

  http://localhost:8080/auth/realms/master/protocol/openid-connect/token \

  -H 'content-type: application/x-www-form-urlencoded' \

  -d 'grant_type=refresh_token&client_id=springdemoapi&client_secret=2ff43352-5479-41a0-845c-683ed9343493&refresh_token=eyJhbGci....'

```

- get userinfo from Keycloak

```

curl -X GET \

  http://localhost:8080/auth/realms/master/protocol/openid-connect/userinfo \

  -H 'authorization: Bearer eyJhbGciO....'

```

- get `Principal` from Spring API

```

curl -X GET \

  http://localhost:8888/api/principal \

  -H 'authorization: Bearer eyJhbGciO.....' \

  -H 'content-type: application/json'

```