I have a Spring Boot (Netty) application and a Keycloak server instance. I also have a React application on a different port.
My Keycloak config:
docker run -p 8080:8080 -e KC_DB=postgres -e KC_DB_URL=jdbc:postgresql://localhost:5432/db_name -e KC_DB_SCHEMA=keycloak -e KC_FEATURES=token-exchange -e KC_HOSTNAME_STRICT_HTTPS=false -e KC_HTTP_ENABLED=true -e KC_HEALTH_ENABLED=true -e KC_HOSTNAME_STRICT=false -e KC_HTTP_RELATIVE_PATH=keycloak quay.io/keycloak/keycloak:22.0.0 start
For Spring Boot I use the following dependencies for Keycloak integration:
- spring-boot-starter-oauth2-client
- spring-boot-starter-oauth2-resource-server
And the following yml config:
spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            scope: openid
            authorization-grant-type: authorization_code
            client-id: test_client
        provider:
          keycloak:
            issuer-uri: http://localhost:8080/keycloak/realms/test-realm
            user-name-attribute: preferred_username
      resourceserver:
        jwt:
          issuer-uri: http://localhost:8080/keycloak/realms/test-realm
I also use the custom Spring beans from this question: Keycloak with Spring Boot based on roles does not work, which were assigned to the user in keycloak
For React I use keycloak-js, and after login I just add the Keycloak token
'Authorization': `Bearer ${_keycloak.token}`
for every fetch. It works for authentication and I can get the roles in the React app. If I try to get data that requires a specific role, I get a 403 response code.
I tried adding the ROLE_ prefix to the roles in Keycloak (Keycloak Spring boot configuration), but it didn't work.
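
A diagnostic for the 403 described above, as an added example that is not part of the original post: it decodes the token payload and compares the authorities Spring Security derives by default (SCOPE_ entries from the scope claim) with the roles Keycloak places in realm_access and resource_access. The sample token, its role names and the function names are constructed for illustration; test_client is the client ID from the config above.

```javascript
// Inspection only: no signature check here; the resource server still validates.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Spring Security's default JwtGrantedAuthoritiesConverter reads only the
// "scope"/"scp" claim and prefixes each entry with SCOPE_.
function defaultSpringAuthorities(claims) {
  const raw = claims.scope ?? claims.scp ?? [];
  const scopes = typeof raw === 'string' ? raw.split(' ').filter(Boolean) : raw;
  return scopes.map((s) => `SCOPE_${s}`);
}

// Keycloak carries roles in realm_access.roles and resource_access.<client>.roles.
function keycloakRoles(claims, clientId) {
  return {
    realm: claims.realm_access?.roles ?? [],
    client: claims.resource_access?.[clientId]?.roles ?? [],
  };
}

// hasRole('x') on the Spring side looks for the authority ROLE_x.
function explainAccess(token, clientId, requiredRole) {
  const claims = decodeJwtPayload(token);
  const { realm, client } = keycloakRoles(claims, clientId);
  const needed = `ROLE_${requiredRole}`;
  const defaults = defaultSpringAuthorities(claims);
  return {
    needed,
    defaultAuthorities: defaults,
    passesWithDefaults: defaults.includes(needed),
    passesWithRealmRoles: realm.some((r) => `ROLE_${r}` === needed),
    passesWithClientRoles: client.some((r) => `ROLE_${r}` === needed),
  };
}

// Constructed, unsigned sample token (role names "admin" and "viewer" are made up).
const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sampleToken = [
  enc({ alg: 'RS256', typ: 'JWT' }),
  enc({ preferred_username: 'alice', scope: 'openid profile',
    realm_access: { roles: ['admin'] },
    resource_access: { test_client: { roles: ['viewer'] } } }),
  'constructed-signature',
].join('.');
console.log(explainAccess(sampleToken, 'test_client', 'admin'));
```

If `passesWithDefaults` is false while one of the other two flags is true, the role is present in the token but is not being mapped to an authority on the resource server.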