/**
 * Create a OAuth2Auth provider for Keycloak that uses the authorization code flow.
 * <p>
 * This overload only fixes the flow to {@code OAuth2FlowType.AUTH_CODE} and forwards to the
 * flow-aware {@code create} overload. For confidential clients the exported file typically
 * carries the client secret, so it should be stored and handled as a credential.
 *
 * @param vertx the vertx instance
 * @param config the json config file exported from Keycloak admin console
 * @return the provider returned by the flow-aware overload
 */
static OAuth2Auth create(Vertx vertx, JsonObject config) {
  final OAuth2FlowType defaultFlow = OAuth2FlowType.AUTH_CODE;
  return create(vertx, defaultFlow, config);
}
/**
 * Create a OAuth2Auth provider for OpenID Connect Discovery. The discovery will use the default
 * site in the configuration options and attempt to load the well known descriptor. If a site is
 * provided (for example when running on a custom instance) that site will be used to do the lookup.
 * <p>
 * If the discovered config includes a json web key url, it will be also fetched and the JWKs will
 * be loaded into the OAuth provider so tokens can be decoded. Because those keys end up being used
 * to decode tokens, the site should be one the caller trusts and reaches with certificate
 * verification left enabled.
 *
 * @param vertx the vertx instance; its delegate is passed to the core implementation
 * @param config the initial config
 * @param handler the instantiated Oauth2 provider instance handler; receives the wrapped provider
 *                on success or the original failure cause otherwise
 */
public static void discover(io.vertx.rxjava.core.Vertx vertx, OAuth2ClientOptions config, Handler<AsyncResult<io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth>> handler) {
  io.vertx.ext.auth.oauth2.providers.KeycloakAuth.discover(vertx.getDelegate(), config, ar -> {
    if (!ar.succeeded()) {
      // propagate the failure cause unchanged
      handler.handle(io.vertx.core.Future.failedFuture(ar.cause()));
      return;
    }
    // wrap the core provider before handing it to the caller
    final io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth wrapped =
      io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(ar.result());
    handler.handle(io.vertx.core.Future.succeededFuture(wrapped));
  });
}
/**
 * Create a OAuth2Auth provider for Keycloak that uses the authorization code flow and a
 * caller-supplied HTTP client configuration.
 * <p>
 * The flow is fixed to {@code OAuth2FlowType.AUTH_CODE}; everything else is forwarded to the
 * four-argument {@code create} overload.
 *
 * @param vertx the vertx instance
 * @param config the json config file exported from Keycloak admin console
 * @param httpClientOptions custom http client options
 * @return the provider returned by the four-argument overload
 */
static OAuth2Auth create(Vertx vertx, JsonObject config, HttpClientOptions httpClientOptions) {
  final OAuth2FlowType defaultFlow = OAuth2FlowType.AUTH_CODE;
  return create(vertx, defaultFlow, config, httpClientOptions);
}
/**
 * Create a OAuth2Auth provider for OpenID Connect Discovery. The discovery will use the default
 * site in the configuration options and attempt to load the well known descriptor. If a site is
 * provided (for example when running on a custom instance) that site will be used to do the lookup.
 * <p>
 * If the discovered config includes a json web key url, it will be also fetched and the JWKs will
 * be loaded into the OAuth provider so tokens can be decoded. Since the fetched keys are what
 * tokens are decoded with, the lookup site needs to be trusted by the caller.
 *
 * @param vertx the vertx instance; {@code getDelegate()} is what the core implementation receives
 * @param config the initial config
 * @param handler the instantiated Oauth2 provider instance handler
 */
public static void discover(io.vertx.rxjava.core.Vertx vertx, OAuth2ClientOptions config, Handler<AsyncResult<io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth>> handler) {
  io.vertx.ext.auth.oauth2.providers.KeycloakAuth.discover(vertx.getDelegate(), config, outcome -> {
    final AsyncResult<io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth> converted;
    if (outcome.succeeded()) {
      // success: re-wrap the core provider in its rxjava counterpart
      converted = io.vertx.core.Future.succeededFuture(
        io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(outcome.result()));
    } else {
      // failure: keep the original cause
      converted = io.vertx.core.Future.failedFuture(outcome.cause());
    }
    handler.handle(converted);
  });
}
/**
 * Create a OAuth2Auth provider for Keycloak with an explicit flow and default HTTP client options.
 * <p>
 * A fresh {@code HttpClientOptions} instance is created and passed to the four-argument
 * {@code create} overload.
 *
 * @param vertx the vertx instance
 * @param flow the oauth2 flow to use
 * @param config the json config file exported from Keycloak admin console
 * @return the provider returned by the four-argument overload
 */
static OAuth2Auth create(Vertx vertx, OAuth2FlowType flow, JsonObject config) {
  final HttpClientOptions defaultClientOptions = new HttpClientOptions();
  return create(vertx, flow, config, defaultClientOptions);
}
/**
 * Map-based variant of {@code KeycloakAuth.discover}.
 * <p>
 * A non-null {@code config} map is converted with {@code ConversionHelper.toJsonObject} and wrapped
 * in {@code OAuth2ClientOptions}; a null map is forwarded as null. A non-null {@code handler} is
 * wrapped so that its result is passed through {@code ConversionHelper.fromObject}; a null handler
 * is forwarded as null.
 *
 * @param j_receiver not referenced in this method body
 * @param vertx the vertx instance handed to the core implementation
 * @param config client options as a plain map, may be null
 * @param handler receives the discovery result, may be null
 */
public static void discover(io.vertx.ext.auth.oauth2.providers.KeycloakAuth j_receiver, io.vertx.core.Vertx vertx, java.util.Map<String, Object> config, io.vertx.core.Handler<io.vertx.core.AsyncResult<io.vertx.ext.auth.oauth2.OAuth2Auth>> handler) {
  io.vertx.ext.auth.oauth2.providers.KeycloakAuth.discover(vertx,
    // null-safe conversion of the map into typed client options
    config != null ? new io.vertx.ext.auth.oauth2.OAuth2ClientOptions(io.vertx.core.impl.ConversionHelper.toJsonObject(config)) : null,
    // null-safe wrapping of the caller's handler
    handler != null ? new io.vertx.core.Handler<io.vertx.core.AsyncResult<io.vertx.ext.auth.oauth2.OAuth2Auth>>() {
      public void handle(io.vertx.core.AsyncResult<io.vertx.ext.auth.oauth2.OAuth2Auth> ar) {
        handler.handle(ar.map(event -> io.vertx.core.impl.ConversionHelper.fromObject(event)));
      }
    } : null);
}
} // presumably closes the enclosing class, whose header is outside this excerpt
/**
 * Map-based variant of {@code KeycloakAuth.create} taking an explicit flow.
 * <p>
 * A non-null {@code config} map is converted with {@code ConversionHelper.toJsonObject}; a null map
 * is forwarded as null. The created provider is passed through {@code ConversionHelper.fromObject}
 * before being returned.
 *
 * @param j_receiver not referenced in this method body
 * @param vertx the vertx instance handed to the core factory
 * @param flow the oauth2 flow to use
 * @param config provider configuration as a plain map, may be null
 * @return the provider produced by the core factory
 */
public static io.vertx.ext.auth.oauth2.OAuth2Auth create(io.vertx.ext.auth.oauth2.providers.KeycloakAuth j_receiver, io.vertx.core.Vertx vertx, io.vertx.ext.auth.oauth2.OAuth2FlowType flow, java.util.Map<String, Object> config) {
  return io.vertx.core.impl.ConversionHelper.fromObject(io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx, flow, config != null ? io.vertx.core.impl.ConversionHelper.toJsonObject(config) : null));
}

// The following overload is cut off in this excerpt; only its signature is visible.
public static io.vertx.ext.auth.oauth2.OAuth2Auth create(io.vertx.ext.auth.oauth2.providers.KeycloakAuth j_receiver, io.vertx.core.Vertx vertx, java.util.Map<String, Object> config, java.util.Map<String, Object> httpClientOptions) {
/**
 * Logs in the test user through the shared {@code keycloak} provider, then discovers a second
 * provider for the confidential client and checks that it can introspect the user's access token.
 */
@Test
public void shouldIntrospectAccessToken(TestContext should) {
  final Async test = should.async();

  final JsonObject credentials = new JsonObject()
    .put("username", "test-user")
    .put("password", "tiger");

  keycloak.authenticate(credentials, login -> {
    should.assertTrue(login.succeeded());
    should.assertNotNull(login.result());
    // the authenticated user doubles as the access token to introspect
    final AccessToken token = (AccessToken) login.result();

    // Fixture values for the test realm; the literal client secret is presumably a throw-away
    // one, and a real secret must never be committed in source like this.
    final OAuth2ClientOptions options = new OAuth2ClientOptions()
      .setFlow(OAuth2FlowType.PASSWORD)
      .setSite(site + "/auth/realms/vertx-test")
      .setClientID("confidential-client")
      .setClientSecret("62b8de48-672e-4287-bb1e-6af39aec045e");
    // trustAll accepts any server certificate: tolerable against a test instance only
    options.setTrustAll(true);

    // obtain a provider for the confidential client via discovery
    KeycloakAuth.discover(rule.vertx(), options, discovered -> {
      should.assertTrue(discovered.succeeded());
      final OAuth2Auth confidential = discovered.result();
      confidential.introspectToken(token.opaqueAccessToken(), introspected -> {
        should.assertTrue(introspected.succeeded());
        test.complete();
      });
    });
  });
}
/**
 * Create a OAuth2Auth provider for Keycloak with an explicit flow.
 *
 * @param vertx the vertx instance; its delegate is handed to the core factory
 * @param flow the oauth2 flow to use
 * @param config the json config file exported from Keycloak admin console
 * @return the core provider wrapped via {@code OAuth2Auth.newInstance}
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, OAuth2FlowType flow, JsonObject config) {
  final io.vertx.ext.auth.oauth2.OAuth2Auth delegate =
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx.getDelegate(), flow, config);
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(delegate);
}
/**
 * Discovers the provider for the public client of the test realm and stores it in the
 * {@code keycloak} field before each test runs.
 */
@Before
public void setUp(TestContext should) {
  final Async test = should.async();

  final OAuth2ClientOptions publicClientOptions = new OAuth2ClientOptions()
    .setFlow(OAuth2FlowType.PASSWORD)
    .setSite(site + "/auth/realms/vertx-test")
    .setClientID("public-client");
  // trustAll accepts any server certificate: tolerable against a test instance only
  publicClientOptions.setTrustAll(true);

  KeycloakAuth.discover(rule.vertx(), publicClientOptions, discovered -> {
    should.assertTrue(discovered.succeeded());
    // keep the discovered provider for the test methods
    keycloak = discovered.result();
    test.complete();
  });
}
/**
 * Create a OAuth2Auth provider for Keycloak with an explicit flow and custom HTTP client options.
 *
 * @param vertx the vertx instance; its delegate is handed to the core factory
 * @param flow the oauth2 flow to use
 * @param config the json config file exported from Keycloak admin console
 * @param httpClientOptions custom http client options
 * @return the core provider wrapped via {@code OAuth2Auth.newInstance}
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, OAuth2FlowType flow, JsonObject config, HttpClientOptions httpClientOptions) {
  final io.vertx.ext.auth.oauth2.OAuth2Auth delegate =
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx.getDelegate(), flow, config, httpClientOptions);
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(delegate);
}
/**
 * Create a OAuth2Auth provider for Keycloak from the exported configuration alone.
 *
 * @param vertx the vertx instance; its delegate is handed to the core factory
 * @param config the json config file exported from Keycloak admin console
 * @return the core provider wrapped via {@code OAuth2Auth.newInstance}
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, JsonObject config) {
  final io.vertx.ext.auth.oauth2.OAuth2Auth delegate =
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx.getDelegate(), config);
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(delegate);
}
/**
 * Create a OAuth2Auth provider for Keycloak, choosing both the flow and the HTTP client options.
 *
 * @param vertx the vertx instance; {@code getDelegate()} supplies the core instance
 * @param flow the oauth2 flow to use
 * @param config the json config file exported from Keycloak admin console
 * @param httpClientOptions custom http client options
 * @return the wrapped provider
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, OAuth2FlowType flow, JsonObject config, HttpClientOptions httpClientOptions) {
  final io.vertx.core.Vertx coreVertx = vertx.getDelegate();
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(coreVertx, flow, config, httpClientOptions));
}
/**
 * Create a OAuth2Auth provider for Keycloak using only the exported configuration.
 *
 * @param vertx the vertx instance; {@code getDelegate()} supplies the core instance
 * @param config the json config file exported from Keycloak admin console
 * @return the wrapped provider
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, JsonObject config) {
  final io.vertx.core.Vertx coreVertx = vertx.getDelegate();
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(coreVertx, config));
}
/**
 * Create a OAuth2Auth provider for Keycloak with custom HTTP client options.
 *
 * @param vertx the vertx instance; its delegate is handed to the core factory
 * @param config the json config file exported from Keycloak admin console
 * @param httpClientOptions custom http client options
 * @return the core provider wrapped via {@code OAuth2Auth.newInstance}
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, JsonObject config, HttpClientOptions httpClientOptions) {
  final io.vertx.ext.auth.oauth2.OAuth2Auth delegate =
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx.getDelegate(), config, httpClientOptions);
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(delegate);
}
/**
 * Map-based variant of {@code KeycloakAuth.create} taking only the configuration.
 * <p>
 * A non-null {@code config} map is converted with {@code ConversionHelper.toJsonObject}; a null map
 * is forwarded as null. The created provider is passed through {@code ConversionHelper.fromObject}
 * before being returned.
 *
 * @param j_receiver not referenced in this method body
 * @param vertx the vertx instance handed to the core factory
 * @param config provider configuration as a plain map, may be null
 * @return the provider produced by the core factory
 */
public static io.vertx.ext.auth.oauth2.OAuth2Auth create(io.vertx.ext.auth.oauth2.providers.KeycloakAuth j_receiver, io.vertx.core.Vertx vertx, java.util.Map<String, Object> config) {
  return io.vertx.core.impl.ConversionHelper.fromObject(io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(vertx, config != null ? io.vertx.core.impl.ConversionHelper.toJsonObject(config) : null));
}

// The following overload is cut off in this excerpt; only its signature is visible.
public static io.vertx.ext.auth.oauth2.OAuth2Auth create(io.vertx.ext.auth.oauth2.providers.KeycloakAuth j_receiver, io.vertx.core.Vertx vertx, io.vertx.ext.auth.oauth2.OAuth2FlowType flow, java.util.Map<String, Object> config) {
/**
 * Create a OAuth2Auth provider for Keycloak, choosing the flow explicitly.
 *
 * @param vertx the vertx instance; {@code getDelegate()} supplies the core instance
 * @param flow the oauth2 flow to use
 * @param config the json config file exported from Keycloak admin console
 * @return the wrapped provider
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, OAuth2FlowType flow, JsonObject config) {
  final io.vertx.core.Vertx coreVertx = vertx.getDelegate();
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(coreVertx, flow, config));
}
/**
 * Create a OAuth2Auth provider for Keycloak, supplying the HTTP client options.
 *
 * @param vertx the vertx instance; {@code getDelegate()} supplies the core instance
 * @param config the json config file exported from Keycloak admin console
 * @param httpClientOptions custom http client options
 * @return the wrapped provider
 */
public static io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth create(io.vertx.rxjava.core.Vertx vertx, JsonObject config, HttpClientOptions httpClientOptions) {
  final io.vertx.core.Vertx coreVertx = vertx.getDelegate();
  return io.vertx.rxjava.ext.auth.oauth2.OAuth2Auth.newInstance(
    io.vertx.ext.auth.oauth2.providers.KeycloakAuth.create(coreVertx, config, httpClientOptions));
}
/**
 * Obtains a Keycloak access token and, on success, stores it as a bearer credential in
 * {@code headerMap}.
 * <p>
 * The flow comes from the {@code flowType} config entry. The {@code username} and
 * {@code password} entries are copied into the token request only when present. The outcome is
 * reported through {@code resultHandler}; this method itself returns immediately.
 *
 * @param vertx the vertx instance used to create the provider
 * @param config authenticator settings; converted with {@code mapToJson} for the provider
 * @param headerMap receives the {@code Authorization} header on success
 * @param resultHandler completed successfully once the header is set, or failed with the token error
 * @return this authenticator
 */
@Override
public Authenticator authenticate(Vertx vertx, Map<String, String> config, MultiMap headerMap, Handler<AsyncResult<Void>> resultHandler) {
  final OAuth2FlowType flowType = getFlowType(config.get("flowType"));

  // only forward the credentials that are actually configured
  final JsonObject params = new JsonObject();
  for (String key : new String[] {"username", "password"}) {
    final String value = config.get(key);
    if (value != null) {
      params.put(key, value);
    }
  }

  // NOTE(review): the whole config map, including any password entry, goes through mapToJson
  // into the provider config; confirm nothing downstream logs it.
  final OAuth2Auth oauth2 = KeycloakAuth.create(vertx, flowType, mapToJson(config));
  oauth2.getToken(params, tokenResult -> {
    if (!tokenResult.succeeded()) {
      log.error("Access Token Error: {0}.", tokenResult.cause().getMessage());
      resultHandler.handle(Future.failedFuture(tokenResult.cause()));
      return;
    }
    log.debug("OAuth2 Keycloak exchange succeeded.");
    final AccessToken token = tokenResult.result();
    // the raw access token is a credential: it goes into the header only, never into the log
    final String bearer = "Bearer " + token.principal().getString("access_token");
    headerMap.set("Authorization", bearer);
    resultHandler.handle(Future.succeededFuture());
  });
  return this;
}
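/**
 * Exchanges a username and password (presumably taken from HTTP Basic auth, per the method name)
 * for a Keycloak access token and lets the request continue only when that token is authorised
 * for {@code role}.
 * <p>
 * A failed token exchange is answered through {@code handle401}. A token without the role, or a
 * role check that itself fails, is answered through {@code handle403}. The original code unboxed
 * {@code res.result()} directly, which throws a {@code NullPointerException} when the role check
 * fails and leaves the request without a response; the check now fails closed instead.
 *
 * @param context the routing context of the request being authorised
 * @param role the role the access token must be authorised for
 * @param username the user name sent to the token endpoint
 * @param password the password sent to the token endpoint; never logged here
 */
private void doBasic2Oauth(RoutingContext context, String role, String username, String password) {
  JsonObject params = new JsonObject()
    .put("username", username)
    .put("password", password);

  OAuth2Auth oauth2 = KeycloakAuth.create(vertx, flowType, authConfig);
  oauth2.getToken(params, tokenResult -> {
    if (!tokenResult.succeeded()) {
      // NOTE(review): the provider's error text is returned to the caller as well as logged;
      // confirm it cannot expose internal details.
      String message = tokenResult.cause().getMessage();
      log.error("Access Token Error: {0}.", message);
      handle401(context, "invalid_token", message);
      return;
    }

    log.debug("OAuth2 Keycloak exchange succeeded.");
    AccessToken token = tokenResult.result();
    token.isAuthorised(role, res -> {
      // Fail closed: only an explicit, successful "true" lets the request through.
      if (res.succeeded() && Boolean.TRUE.equals(res.result())) {
        context.next();
        return;
      }
      if (res.failed()) {
        // keep the cause in the log so an unreachable or misbehaving check is distinguishable
        log.error("Role check failed: {0}.", res.cause().getMessage());
      }
      // NOTE(review): username is caller-supplied and ends up in the log and in the response;
      // confirm both sinks neutralise control characters.
      String message = MessageFormat.format("User {0} does not have required role: {1}.", username, role);
      log.error(message);
      handle403(context, "insufficient_scope", message);
    });
  });
}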