BAEL-5252-new-spring-boot-keycloak-2-module

2022-07-03 18:09:53 +02:00
parent 8b45713510
commit 0fdd115bec
14 changed files with 91 additions and 10 deletions
--- a/spring-boot-modules/spring-boot-keycloak-2/README.md
+++ b/spring-boot-modules/spring-boot-keycloak-2/README.md
@@ -0,0 +1,6 @@
+## Spring Boot Keycloak
+
+This module contains articles about Keycloak in Spring Boot projects.
+
+## Relevant articles:
+- [Disabling Keycloak Security in Spring Boot](https://www.baeldung.com/spring-keycloak-security-disable)
--- a/spring-boot-modules/spring-boot-keycloak-2/pom.xml
+++ b/spring-boot-modules/spring-boot-keycloak-2/pom.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.baeldung.keycloak</groupId>
+    <artifactId>spring-boot-keycloak-2</artifactId>
+    <version>0.0.1</version>
+    <name>spring-boot-keycloak-2</name>
+    <packaging>jar</packaging>
+    <description>This is a simple application demonstrating integration between Keycloak and Spring Boot.</description>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-boot-2</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../../parent-boot-2</relativePath>
+    </parent>
+
+    <properties>
+        <keycloak-adapter-bom.version>15.0.2</keycloak-adapter-bom.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.keycloak.bom</groupId>
+                <artifactId>keycloak-adapter-bom</artifactId>
+                <version>${keycloak-adapter-bom.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/App.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/App.java
@@ -0,0 +1,13 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication(scanBasePackages = { "com.baeldung.disablingkeycloak" })
+public class App {
+
+    public static void main(String[] args) {
+        SpringApplication.run(App.class, args);
+    }
+
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/DisableSecurityConfiguration.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/DisableSecurityConfiguration.java
@@ -0,0 +1,20 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "false")
+public class DisableSecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(final HttpSecurity http) throws Exception {
+        http.csrf()
+            .disable()
+            .authorizeRequests()
+            .anyRequest()
+            .permitAll();
+    }
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java
@@ -0,0 +1,14 @@
+package com.baeldung.disablingkeycloak;
+
+import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class KeycloakConfiguration {
+
+    @Bean
+    public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
+        return new KeycloakSpringBootConfigResolver();
+    }
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java
@@ -0,0 +1,38 @@
+package com.baeldung.disablingkeycloak;
+
+import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
+import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+
+@KeycloakConfiguration
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true", matchIfMissing = true)
+public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) {
+        auth.authenticationProvider(keycloakAuthenticationProvider());
+    }
+
+    @Bean
+    @Override
+    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+        return new NullAuthenticatedSessionStrategy();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        super.configure(http);
+
+        http.csrf()
+            .disable()
+            .authorizeRequests()
+            .anyRequest()
+            .authenticated();
+    }
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/User.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/User.java
@@ -0,0 +1,40 @@
+package com.baeldung.disablingkeycloak;
+
+public class User {
+    private Long id;
+    private String firstname;
+    private String lastname;
+
+    public User() {
+    }
+
+    public User(Long id, String firstname, String lastname) {
+        this.id = id;
+        this.firstname = firstname;
+        this.lastname = lastname;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getFirstname() {
+        return firstname;
+    }
+
+    public void setFirstname(String firstname) {
+        this.firstname = firstname;
+    }
+
+    public String getLastname() {
+        return lastname;
+    }
+
+    public void setLastname(String lastname) {
+        this.lastname = lastname;
+    }
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/UserController.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/UserController.java
@@ -0,0 +1,17 @@
+package com.baeldung.disablingkeycloak;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/users")
+public class UserController {
+
+    @GetMapping("/{userId}")
+    public User getCustomer(@PathVariable Long userId) {
+        return new User(userId, "John", "Doe");
+    }
+
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application-disabling-keycloak.properties
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application-disabling-keycloak.properties
@@ -0,0 +1,7 @@
+# Keycloak authentication is enabled for production.
+keycloak.enabled=true
+keycloak.realm=SpringBootKeycloak
+keycloak.auth-server-url=http://localhost:8180/auth
+keycloak.resource=login-app
+keycloak.bearer-only=true
+keycloak.ssl-required=external
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/logback.xml
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/logback.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+            </pattern>
+        </encoder>
+    </appender>
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+    </root>
+</configuration>
--- a/spring-boot-modules/spring-boot-keycloak-2/src/test/java/com/baeldung/disablingkeycloak/DisablingKeycloakIntegrationTest.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/test/java/com/baeldung/disablingkeycloak/DisablingKeycloakIntegrationTest.java
@@ -0,0 +1,30 @@
+package com.baeldung.disablingkeycloak;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+import org.apache.http.HttpStatus;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.ActiveProfiles;
+
+@SpringBootTest(classes = App.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@ActiveProfiles("disablingkeycloak")
+class DisablingKeycloakIntegrationTest {
+
+    @Autowired
+    private TestRestTemplate restTemplate;
+
+    @Test
+    void givenUnauthenticated_whenGettingUser_shouldReturnUser() {
+        ResponseEntity<User> responseEntity = restTemplate.getForEntity("/users/1", User.class);
+
+        assertEquals(HttpStatus.SC_OK, responseEntity.getStatusCodeValue());
+        assertNotNull(responseEntity.getBody()
+            .getFirstname());
+    }
+
+}
--- a/spring-boot-modules/spring-boot-keycloak-2/src/test/resources/application-disablingkeycloak.properties
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/test/resources/application-disablingkeycloak.properties
@@ -0,0 +1 @@
+keycloak.enabled=false