
I have a problem with my security setup. I need two OAuth2 security setups: one for a user to log in when opening the UI, and a second to get access to an API. My Pom currently looks like this:

# Outbound API access: the "oauth1" registration and provider below are the
# properties that OAuthClientConfiguration reads through @Value.
spring:
  security:
    oauth2:
      client:
        registration:
          oauth1:
            client-id:
              ${CLIENT_ID_1}
            # Secret is resolved from the environment, so it is not stored in this file.
            client-secret:
              ${CLIENT_SECRET_1}
            # client_credentials: the application authenticates as itself;
            # no end user takes part in this grant.
            authorization-grant-type:
              client_credentials
            scope:
              ${SCOPE_1}
        provider:
         oauth1:
            # Token endpoint that receives the client id and secret.
            # NOTE(review): presumably an https:// URL - confirm, since the secret is sent to it.
            token-uri:
              ${COGNITO_URL}

# Keycloak adapter settings. NOTE(review): presumably the second setup the
# question describes (interactive user login) - confirm.
keycloak:
  enabled: true
  realm: realm-name
  resource: Program
  auth-server-url: ${OAUTH_KEYCLOAK_URI}
  # false = confidential client: the adapter authenticates to Keycloak with the secret below.
  public-client: false
  credentials:
    # Resolved from the environment; keep it out of version control and logs.
    secret: ${CLIENT_SECRET_2}
  # Roles are read from the client-level (resource) role mappings rather than realm roles.
  use-resource-role-mappings: true 

And the config class for the first oauth2 looks like this:

/**
 * Wires the {@code oauth1} client registration and a {@link WebClient} that obtains and
 * attaches access tokens for that registration.
 *
 * <p>This class covers only the outbound API access; it configures nothing about how a user
 * logs in to the application.
 */
@Configuration
public class OAuthClientConfiguration {

  /** Registration id shared by the client registration and the WebClient filter. */
  private static final String REGISTRATION_ID = "oauth1";

  /**
   * Builds the single {@code oauth1} registration from the injected properties and exposes it
   * through an in-memory repository.
   *
   * @param token_uri token endpoint of the provider
   * @param client_id client identifier of the registration
   * @param client_secret client secret of the registration; must not be logged
   * @param scope scope value, handed to the builder as one string
   * @param authorizationGrantType grant type name, wrapped in an {@link AuthorizationGrantType}
   * @return repository holding exactly this one registration
   */
  @Bean
  ReactiveClientRegistrationRepository clientRegistrations(
      @Value("${spring.security.oauth2.client.provider.oauth1.token-uri}") String token_uri,
      @Value("${spring.security.oauth2.client.registration.oauth1.client-id}") String client_id,
      @Value("${spring.security.oauth2.client.registration.oauth1.client-secret}") String client_secret,
      @Value("${spring.security.oauth2.client.registration.oauth1.scope}") String scope,
      @Value("${spring.security.oauth2.client.registration.oauth1.authorization-grant-type}") String authorizationGrantType
  ) {
    ClientRegistration.Builder builder = ClientRegistration.withRegistrationId(REGISTRATION_ID);
    builder.tokenUri(token_uri);
    builder.clientId(client_id);
    builder.clientSecret(client_secret);
    // NOTE(review): a property that lists several scopes arrives here as one string - confirm
    // that this is what the provider expects.
    builder.scope(scope);
    builder.authorizationGrantType(new AuthorizationGrantType(authorizationGrantType));
    return new InMemoryReactiveClientRegistrationRepository(builder.build());
  }

  /**
   * Creates a {@link WebClient} whose exchange filter uses {@code oauth1} as the default
   * client registration.
   *
   * <p>Because the registration is the default, every request sent through this client gets
   * the {@code oauth1} access token attached, whatever host it targets. Use this bean only
   * for calls to the API the token is meant for.
   *
   * @param clientRegistrations repository that contains the {@code oauth1} registration
   * @return WebClient with the OAuth2 exchange filter installed
   */
  @Bean
  WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) {
    // Authorized clients are kept by an in-memory service, outside of any web request.
    AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager manager =
        new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
            clientRegistrations,
            new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrations));

    ServerOAuth2AuthorizedClientExchangeFilterFunction bearerFilter =
        new ServerOAuth2AuthorizedClientExchangeFilterFunction(manager);
    bearerFilter.setDefaultClientRegistrationId(REGISTRATION_ID);

    return WebClient.builder().filter(bearerFilter).build();
  }
}

My question is: how do I set up the second configuration so that a user can enter his or her credentials before accessing the website?

Many thanks in advance!!

(I am currently using Java 11, Vaadin 23, Keycloak 8)

Katharina

0 Answers