Spring Applications
Project: Resource Server
The objective of this exercise is to implement the bookstore application as a resource server that uses OpenID Connect for authentication and a
Keycloak authorization server.
- Add the starter spring-boot-starter-oauth2-resource-server as a Maven dependency.
- In the filter chain of the security configuration, configure the order application as a resource server that uses JSON web tokens.
- Implement a Converter class that converts a JSON web token into an AbstractAuthenticationToken object with the customer's email address as username and the CUSTOMER role, and add it to the JWT configuration of the resource server.
- Set the application property spring.security.oauth2.resourceserver.jwt.issuer-uri to the address https://auth.distsys.ch/auth/realms/bfh of the Keycloak authorization server.
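
One way to wire the steps above together, as an added example that is not part of the original exercise or its reference solution. The class names ResourceServerConfig and CustomerJwtConverter, the use of the OIDC "email" claim, and the rule that every request must be authenticated are assumptions; the code uses the Spring Security 6 lambda DSL.

```java
import java.util.List;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.SecurityFilterChain;

// Hypothetical class name; signature, expiry and issuer checks are done by the
// JwtDecoder that Spring Boot builds from
// spring.security.oauth2.resourceserver.jwt.issuer-uri.
@Configuration
public class ResourceServerConfig {

    // Hypothetical converter: runs only after the token has been validated.
    static class CustomerJwtConverter implements Converter<Jwt, AbstractAuthenticationToken> {
        @Override
        public AbstractAuthenticationToken convert(Jwt jwt) {
            // Assumption: the access token carries the standard OIDC "email" claim.
            String email = jwt.getClaimAsString("email");
            if (email == null || email.isBlank()) {
                // Reject instead of falling back to another claim as the username;
                // the bearer token filter answers with 401.
                throw new InvalidBearerTokenException("Token has no email claim");
            }
            // hasRole("CUSTOMER") matches the authority "ROLE_CUSTOMER".
            return new JwtAuthenticationToken(
                    jwt, List.of(new SimpleGrantedAuthority("ROLE_CUSTOMER")), email);
        }
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Assumption: all endpoints require an authenticated caller.
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(jwt -> jwt.jwtAuthenticationConverter(new CustomerJwtConverter())));
        return http.build();
    }
}
```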