wip

backend/build.gradle.kts

@@ -48,7 +48,7 @@ dependencies {
     testRuntimeOnly("org.junit.platform:junit-platform-launcher")
     implementation("org.springframework.boot:spring-boot-starter-security")
     implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:3.3.3")
-    implementation("org.springframework.boot:spring-boot-starter-oauth2-client:3.3.3")
+    implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
     runtimeOnly("org.postgresql:postgresql")
     implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
 }

backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java

@@ -47,13 +47,13 @@ class KeycloakSecurityConfig {
 
     @Bean
     public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
-        http.authorizeHttpRequests(auth -> auth
-                .requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()
-                .anyRequest().authenticated()
-            )
-            .oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
-        
-        return http.build();
+        return http.authorizeHttpRequests(authz -> {
+
+            authz.requestMatchers("/swagger/**", "/v3/api-docs/**", "/swagger-ui/**", "/health")
+                    .permitAll()
+                    .anyRequest()
+                    .authenticated();
+        }).build();
     }
 
     @Bean

backend/src/main/resources/application.properties

@@ -8,16 +8,23 @@ app.frontend-host=http://localhost:4200
 
 spring.application.name=lf12_starter
 #client registration configuration
-spring.security.oauth2.client.registration.keycloak.client-id=lf12
-spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
-spring.security.oauth2.client.registration.keycloak.scope=openid
+
+spring.security.oauth2.client.registration.authentik.provider=authentik
+spring.security.oauth2.client.registration.authentik.client-id=MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm
+spring.security.oauth2.client.registration.authentik.client-secret=GY2F8te6iAVYt1TNAUVLzWZEXb6JoMNp6chbjqaXNq4gS5xTDL54HqBiAlV1jFKarN28LQ7FUsYX4SbwjfEhZhgeoKuBnZKjR9eiu7RawnGgxIK9ffvUfMkjRxnmiGI5
+spring.security.oauth2.client.registration.authentik.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
+spring.security.oauth2.client.registration.authentik.scope=openid, profile, email
+spring.security.oauth2.client.registration.authentik.client-name=Authentik
+spring.security.oauth2.client.registration.authentik.authorization-grant-type=authorization_code
+spring.security.oauth2.client.provider.authentik.authorization-uri=https://oauth.simonis.lol/application/o/authorize/
+spring.security.oauth2.client.provider.authentik.issuer-uri=https://oauth.simonis.lol/
+spring.security.oauth2.client.provider.authentik.token-uri=https://oauth.simonis.lol/application/o/token/
+spring.security.oauth2.client.provider.authentik.user-info-uri=https://oauth.simonis.lol/application/o/userinfo/
+spring.security.oauth2.client.provider.authentik.jwk-set-uri=https://oauth.simonis.lol/application/o/jwks/
 
 #OIDC provider configuration:
-spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:9090/realms/LF12
-spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
 logging.level.org.springframework.security=DEBUG
 #validating JWT token against our Keycloak server
-spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:9090/realms/LF12
 
 springdoc.swagger-ui.path=swagger
 springdoc.swagger-ui.try-it-out-enabled=true