Enable authentication via Keycloak.
Change-Id: I81a05d2e965394b13d7344f4f20475b4e468c761
diff --git a/build.gradle b/build.gradle
index d505ac1..0250f26 100644
--- a/build.gradle
+++ b/build.gradle
@@ -34,6 +34,7 @@
implementation 'io.quarkus:quarkus-jsonp'
implementation 'io.quarkus:quarkus-kubernetes'
implementation 'io.quarkus:quarkus-mailer'
+ implementation 'io.quarkus:quarkus-oidc'
implementation 'io.quarkus:quarkus-qute'
implementation 'io.quarkus:quarkus-resteasy'
implementation 'io.quarkus:quarkus-resteasy-jsonb'
@@ -44,7 +45,6 @@
//implementation 'io.quarkus:quarkus-elytron-security-jdbc'
//implementation 'io.quarkus:quarkus-elytron-security-oauth2'
//implementation 'io.quarkus:quarkus-keycloak-authorization'
- //implementation 'io.quarkus:quarkus-oidc'
//implementation 'io.quarkus:quarkus-quartz'
//implementation 'io.quarkus:quarkus-smallrye-fault-tolerance'
//implementation 'io.quarkus:quarkus-smallrye-health'
diff --git a/src/main/java/eu/mulk/mulkcms2/cms/web/ExampleResource.java b/src/main/java/eu/mulk/mulkcms2/cms/web/ExampleResource.java
index fc504c8..76602c8 100644
--- a/src/main/java/eu/mulk/mulkcms2/cms/web/ExampleResource.java
+++ b/src/main/java/eu/mulk/mulkcms2/cms/web/ExampleResource.java
@@ -1,14 +1,31 @@
package eu.mulk.mulkcms2.cms.web;
+import io.quarkus.security.Authenticated;
+import io.quarkus.security.identity.SecurityIdentity;
+import io.smallrye.jwt.auth.principal.JWTCallerPrincipal;
+import javax.inject.Inject;
import javax.ws.rs.GET;
+import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
+import org.jboss.logging.Logger;
+@Path("/example")
public class ExampleResource {
+ private static Logger log = Logger.getLogger(ExampleResource.class);
+
+ @Inject
+ SecurityIdentity identity;
+
@GET
@Produces({MediaType.TEXT_PLAIN})
+ @Authenticated
public String hello() {
+ if (!identity.isAnonymous()) {
+ var jwtCallerPrincipal = (JWTCallerPrincipal) identity.getPrincipal();
+ log.infof("Logged in as user: %s", jwtCallerPrincipal.getName());
+ }
return "hello!";
}
}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 5173cbe..4ba1cb1 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -10,3 +10,7 @@
%dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/flep
%dev.quarkus.datasource.username = mulk
%dev.quarkus.datasource.password =
+
+quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
+quarkus.oidc.client-id = mulkcms
+quarkus.oidc.application-type = web-app