feat(spring-keycloak-example): added 'default' configuration, also OpenId Connect based authentication, README updated

Author: igorcampos-dev

spring-keycloak-example/Dockerfile

@@ -42,6 +42,6 @@ COPY --from=extract build/target/extracted/spring-boot-loader/ ./
 COPY --from=extract build/target/extracted/snapshot-dependencies/ ./
 COPY --from=extract build/target/extracted/application/ ./
 
-EXPOSE 80
+EXPOSE 8083
 
 ENTRYPOINT [ "java", "org.springframework.boot.loader.launch.JarLauncher" ]

spring-keycloak-example/README.md

@@ -19,12 +19,28 @@ Includes a minimal setup for running a Spring Boot application secured by Keyclo
 
 ## Authentication Types Implemented
 
-- nothing
+### OIDC (OpenID Connect) via Keycloak
+
+- **Description:** Authentication using Keycloak as the OpenID Connect (OIDC) identity provider.
+
+- **Spring Profile:** `OIDC`
+
+- **Backup keycloak:** `oidc_auth_db_backup.sql`
+
+- **User Credentials:**
+    - Username: `oidc-user`
+    - Password: `oidc-password`
+
+- **Protected Route:** `/secured`
+
+- **Realm:** `redirect-login-example`
+
 
 ---
 
 ## Related Resources
 
-| Description                     | Link                                                                  |
-|---------------------------------|-----------------------------------------------------------------------|
-| Running Keycloak in a container | [keycloak.org/containers](https://www.keycloak.org/server/containers) |
+| Description                           | Link                                                                    |
+|---------------------------------------|-------------------------------------------------------------------------|
+| Running Keycloak in a container       | [keycloak.org/containers](https://www.keycloak.org/server/containers)   |
+| teaching how to set up Openid connect | [youtube/IW15Q68V50E](https://youtu.be/IW15Q68V50E?si=sJjvFoq8m0xL8xLn) |

spring-keycloak-example/compose.yaml

@@ -1,18 +1,26 @@
 
 services:
 
+  #Not usable
   app:
     container_name: app
     build:
       context: .
       dockerfile: Dockerfile
     environment:
-      SERVER_PORT: 80
+      SERVER_PORT: 8083
       SPRING_PROFILES_ACTIVE: "default"
+      AUTH_CLIENT_ID: oidc-client
+      AUTH_CLIENT_SECRET: pvRQkTKcE2zZw9vxT30oXC1Zynq2b3yw
+      AUTH_SCOPE: openid, profile, email
+      AUTH_GRANT_TYPE: authorization_code
+      AUTH_REDIRECT_URI: "{baseUrl}/login/oauth2/code/{registrationId}"
+      AUTH_ISSUER_URI: http://keycloak:8080/realms/redirect-login-example
     ports:
-      - "80:80"
+      - "8083:8083"
     depends_on:
       - keycloak
+      - keycloak-database
 
   keycloak:
     container_name: keycloak
@@ -22,7 +30,10 @@ services:
     ports:
       - "8080:8080"
     environment:
-      KC_DB: dev-file
+      KC_DB: postgres
+      KC_DB_URL: jdbc:postgresql://keycloak-database:5432/oidc_auth_db
+      KC_DB_USERNAME: postgres
+      KC_DB_PASSWORD: password
       KC_HTTP_ENABLED: "true"
       KC_HTTP_PORT: "8080"
       KC_HOSTNAME: localhost
@@ -33,4 +44,17 @@ services:
       KC_HTTPS_CERTIFICATE_FILE: /opt/keycloak/certs/tls.crt
       KC_HTTPS_CERTIFICATE_KEY_FILE: /opt/keycloak/certs/tls.key
     volumes:
-      - ./docker/keycloak:/opt/keycloak/certs
+      - ./docker/keycloak/certs:/opt/keycloak/certs
+    depends_on:
+      - keycloak-database
+
+  keycloak-database:
+    image: postgres:14.18-alpine3.22
+    container_name: keycloak-database
+    environment:
+      POSTGRES_USER: postgres #⚠️ DO NOT USE IN PRODUCTION
+      POSTGRES_PASSWORD: password #⚠️ DO NOT USE IN PRODUCTION
+    ports:
+      - "5432:5432"
+    volumes:
+      - ./docker/keycloak/backups/oidc_auth_db_backup.sql:/docker-entrypoint-initdb.d/init.sql