The complete App is using following software parts
- Quarkus Keycloak 18.0.0 distro [ Keylcoak]
- Quarkus Java Server 2.7.1.Final
- Angular OIDC lib angular-auth-oidc-client 13.1 Lib app and Angular 13.2
Part 1- Quick Setup: Import Keycloak realm on startup
Clone Quarkus project to get full db import file
$ git clone git clone https://github.com/hhutzler/quarkus-keycloak-authorization-sample $ cd quarkus-keycloak-authorization-sample Validate full DB import Script $ ls -l import total 80 -rwx------+ 1 Helmut None 78022 Apr 28 15:17 RBAC-realm.json Validate Curl test script $ ls scripts curl-test.sh
Start a Docker by import RBAC realm during Startip
- You need to change the Shared Volume Path: D:/dev/Quarkus/Keycloak/keycloak-authorization-sample/imports
- In this sample we use Docker on Windows + Cygwin terminal
- Docker on windows may ask you to share the above Path – Just click on Share it !
- Using shared directories allows us to export and import our complete Keycloak db .
- This simplifies keycloak testing as can have multiple versions o l keycloak realms imported during keycloak startup.
- Note if specific Realm already exists no import action was running
Check full db export location $ ls -l import -rwx------+ 1 Helmut None 78022 Apr 28 15:17 RBAC-realm.json Start Keycloak Quarkus Instance and import the RBAC realm on startup $ docker run --name keycloak -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8280:8080 -p 8543:8443 \ -v "D:/dev/Quarkus/Keycloak/quarkus-keycloak-authorization-sample/import:/opt/keycloak/data/import" \ quay.io/keycloak/keycloak:18.0.0 start-dev --import-realm --http-relative-path=auth .. 2022-05-04 09:59:46,923 INFO [org.keycloak.services] (main) KC-SERVICES0050: Initializing master realm 2022-05-04 09:59:50,629 INFO [org.keycloak.services] (main) KC-SERVICES0004: Imported realm RBAC from file /opt/keycloak/bin/../data/import/RBAC-realm.json. 2022-05-04 09:59:50,891 INFO [org.keycloak.services] (main) KC-SERVICES0009: Added user 'admin' to realm 'master' 2022-05-04 09:59:50,995 INFO [io.quarkus] (main) Keycloak 18.0.0 on JVM (powered by Quarkus 2.7.5.Final) started in 12.168s. Listening on: http://0.0.0.0:8080 2022-05-04 09:59:50,995 INFO [io.quarkus] (main) Profile dev activated. ...
For full database Export/Import details wiht Keycloak 18 read :
Validate User Import and RBAC Realm Creation
- Login via URL http://localhost:8280/auth or localhost:8543/auth with admin/admin
- You should now be able to access your Keycloak RBAC realm
Part 2 – Quick Setup: Start the Quarkus Java Framework
D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample>mvn compile quarkus:dev [INFO] Scanning for projects... [INFO] [INFO] --------< org.acme:security-keycloak-authorization-quickstart >--------- [INFO] Building security-keycloak-authorization-quickstart 1.0.0-SNAPSHOT [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ security-keycloak-authorization-quickstart --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 1 resource [INFO] skip non existing resourceDirectory D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample\config [INFO] [INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ security-keycloak-authorization-quickstart --- [INFO] Changes detected - recompiling the module! [INFO] Compiling 4 source files to D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample\target\classes [WARNING] /D:/dev/Quarkus/testing/quarkus-keycloak-authorization-sample/src/main/java/org/acme/security/keycloak/authorization/AccountResource.java: D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample\src\main\java\org\acme\security\keycloak\authorization\AccountResource.java uses unchecked or unsafe operations. [WARNING] /D:/dev/Quarkus/testing/quarkus-keycloak-authorization-sample/src/main/java/org/acme/security/keycloak/authorization/AccountResource.java: Recompile with -Xlint:unchecked for details. [INFO] [INFO] --- quarkus-maven-plugin:2.7.1.Final:dev (default-cli) @ security-keycloak-authorization-quickstart --- [INFO] Invoking org.apache.maven.plugins:maven-resources-plugin:2.6:testResources) @ security-keycloak-authorization-quickstart [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample\src\test\resources [INFO] Invoking org.apache.maven.plugins:maven-compiler-plugin:3.1:testCompile) @ security-keycloak-authorization-quickstart [INFO] Changes detected - recompiling the module! [INFO] Compiling 2 source files to D:\dev\Quarkus\testing\quarkus-keycloak-authorization-sample\target\test-classes Listening for transport dt_socket at address: 5005 2022-03-04 11:53:05,336 INFO [io.qua.oid.dep.dev.OidcDevConsoleProcessor] (build-47) OIDC Dev Console: discovering the provider metadata at http://localhost:8280/auth/realms/RBAC/.well-known/openid-configuration __ ____ __ _____ ___ __ ____ ______ --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \ --\___\_\____/_/ |_/_/|_/_/|_|\____/___/ 2022-03-04 11:53:06,902 INFO [org.key.ada.aut.PolicyEnforcer] (Quarkus Main Thread) Paths provided in configuration. 2022-03-04 11:53:07,766 INFO [io.quarkus] (Quarkus Main Thread) security-keycloak-authorization-quickstart 1.0.0-SNAPSHOT on JVM (powered by Quarkus 2.7.1.Final) started in 3.829s. Listening on: http://localhost:8080 2022-03-04 11:53:07,770 INFO [io.quarkus] (Quarkus Main Thread) Profile dev activated. Live Coding activated. 2022-03-04 11:53:07,779 INFO [io.quarkus] (Quarkus Main Thread) Installed features: [cdi, keycloak-authorization, oidc, resteasy, resteasy-jackson, security, smallrye-context-propagation, vertx]
Part 3 – Quick setup: Start the OIDC Angular APP
D:\dev\Quarkus\testing>git clone https://github.com/hhutzler/angular-oidc-authorization-sample Cloning into 'angular-oidc-authorization-sample'... remote: Enumerating objects: 96, done. remote: Counting objects: 100% (96/96), done. remote: Compressing objects: 100% (59/59), done. Receiving objects: 48% (47/96)lta 30), reused 96 (delta 30), pack-reused 0 Receiving objects: 100% (96/96), 249.37 KiB | 11.87 MiB/s, done. Resolving deltas: 100% (30/30), done. D:\dev\Quarkus\testing>ls angular-oidc-authorization-sample quarkus-keycloak-authorization-sample D:\dev\Quarkus\testing>cd angular-oidc-authorization-sample D:\dev\Quarkus\testing\angular-oidc-authorization-sample>npm install npm WARN deprecated source-map-resolve@0.6.0: See https://github.com/lydell/source-map-resolve#deprecated npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 added 1153 packages, and audited 1154 packages in 47s 119 packages are looking for funding run `npm fund` for details 2 moderate severity vulnerabilities To address all issues, run: npm audit fix Run `npm audit` for details. Start Angular App D:\dev\Quarkus\testing\angular-oidc-authorization-sample>ng serve √ Browser application bundle generation complete. Initial Chunk Files | Names | Raw Size vendor.js | vendor | 2.36 MB | polyfills.js | polyfills | 300.45 kB | styles.css, styles.js | styles | 173.23 kB | main.js | main | 59.27 kB | runtime.js | runtime | 12.64 kB | | Initial Total | 2.90 MB Lazy Chunk Files | Names | Raw Size src_app_customers_customers_module_ts.js | customers-customers-module | 5.50 kB | Build at: 2022-03-04T11:02:24.126Z - Hash: d1c364108f889dbc - Time: 55067ms ** Angular Live Development Server is listening on localhost:4200, open your browser on http://localhost:4200/ ** √ Compiled successfully.
Test OIDC Angular application
- Login as testadmin/xxx via URL: http://localhost:4200/
Related articles
- Part1: https://www.helikube.de/part-1-setup-for-keycloak-authorization-sample/
- Part 2: https://www.helikube.de/part-2-running-fine-grained-keycloak-authorization-feature-with-quarkus/
- Part 3: https://www.helikube.de/part-3-running-an-odic-angular-app-to-test-keycloak-authorization-feature/
- For a Quick Setup of Keycloak, Quarkus an Angular App read: https://www.helikube.de/part-1-quick-keycloak-setup-for-running-keycloak-authorization-sample/
Be First to Comment