https://github.com/snowdrop/secured-example

Quickstart to expose a REST Greeting endpoint using Spring Boot & Secured by Red Hat SSO
https://github.com/snowdrop/secured-example

booster example keycloak kubernetes openshift rhoar spring-boot sso

Last synced: about 3 hours ago
JSON representation

Quickstart to expose a REST Greeting endpoint using Spring Boot & Secured by Red Hat SSO

• Host: GitHub
• URL: https://github.com/snowdrop/secured-example
• Owner: snowdrop
• License: apache-2.0
• Created: 2016-11-29T16:59:56.000Z (almost 8 years ago)
• Default Branch: sb-2.7.x
• Last Pushed: 2022-10-19T13:15:52.000Z (about 2 years ago)
• Last Synced: 2024-04-17T09:33:09.875Z (7 months ago)
• Topics: booster, example, keycloak, kubernetes, openshift, rhoar, spring-boot, sso
• Language: Java
• Homepage:
• Size: 17.7 MB
• Stars: 5
• Watchers: 7
• Forks: 19
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Secured Spring Boot Example

https://appdev.openshift.io/docs/spring-boot-runtime.html#mission-secured-spring-boot

## Table of Contents

* [Secured Spring Boot Example](#secured-spring-boot-example)

    * [Prerequisites](#prerequisites)

    * [How to play with the SSO Example locally](#how-to-play-with-the-sso-example-locally)

    * [How to run the SSO Example on OpenShift](#how-to-run-the-sso-example-on-openshift)

    * [Deploying application on OpenShift using Helm](#deploying-application-on-openshift-using-helm)

    * [Running Tests on OpenShift using Dekorate](#running-tests-on-openshift-using-dekorate)

    * [Running Tests on OpenShift using S2i from Source](#running-tests-on-openshift-using-s2i-from-source)

    * [Running Tests on OpenShift using Helm](#running-tests-on-openshift-using-helm)

## Prerequisites

- JDK 11+ installed with JAVA_HOME configured appropriately

## How to play with the SSO Example locally

- Deploy Keycloak on Openshift

```

oc new-project sso

oc create -f .openshiftio/sso.yaml

```

- Get Keycloak Auth Endpoint

```

SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')

```

- Start the application. Provide the Keycloak URL in a `SSO_AUTH_SERVER_URL` parameter. 

```

mvn spring-boot:run -DSSO_AUTH_SERVER_URL=${SSO_URL}

```

- Use curl to access the endpoint without authentication (you will receive an unauthorized error)

```

curl -v http://localhost:8080/api/greeting

```

- Open the application webpage in your browser `http://localhost:8080` and log in with one of the user credentials.

| Username | Password | Expected status code |

| -------- | -------- | -------------------- |

| alice    | password | 200                  |

| admin    | admin    | 403                  |

User `alice` is recognised by the system and has permission to access the greeting service.

`admin` on the other hand, is recognised by the system but cannot access the greeting service.

- Try accessing the greeting service by using the form or the `curl` command displayed in the webpage.

## How to run the SSO Example on OpenShift

- Deploy Keycloak on Openshift.

```

oc new-project sso

oc create -f .openshiftio/sso.yaml

```

Obtain the `SSO_URL`

```shell

SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')

```

- Build and deploy the Spring Boot application using Dekorate.

```

mvn clean verify -Popenshift -Ddekorate.deploy=true -DSSO_AUTH_SERVER_URL=${SSO_URL}

```

## Deploying application on OpenShift using Helm

First, make sure you have installed [the Helm command line](https://helm.sh/docs/intro/install/) and connected/logged to a kubernetes cluster.

Now, deploy Keycloak on Openshift.

```

oc create -f .openshiftio/sso.yaml

```

And obtain the `SSO_URL`:

```shell

SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')

```

Then, you need to install the example by doing:

```

helm install secured ./helm --set spring-boot-example-app.s2i.source.repo=https://github.com/snowdrop/secured-example --set spring-boot-example-app.s2i.source.ref= --set spring-boot-example-app.s2i.env[0].name="MAVEN_ARGS_APPEND" --set spring-boot-example-app.s2i.env[0].value="-DSSO_AUTH_SERVER_URL=${SSO_URL}"

```

**note**: Replace `` with one branch from `https://github.com/snowdrop/secured-example/branches/all`.

And to uninstall the chart, execute:

```

helm uninstall secured

```

## Running Tests on OpenShift using Dekorate

```

./run_tests_with_dekorate_in_ocp.sh

```

## Running Tests on OpenShift using S2i from Source

```

./run_tests_with_s2i.sh

```

This script can take 2 parameters referring to the repository and the branch to use to source the images from.

```bash

./run_tests_with_s2i.sh "https://github.com/snowdrop/secured-example" branch-to-test

```

## Running Tests on OpenShift using Helm

```

./run_tests_with_helm.sh

```

This script can take 2 parameters referring to the repository and the branch to use to source the images from.

```bash

./run_tests_with_helm.sh "https://github.com/snowdrop/secured-example" branch-to-test

```