Questions tagged [quarkus-oidc]

Questions about Quarkus OpenID Connect Extension. This component protects your JAX-RS applications using Bearer Token Authorization where Bearer Tokens are issued by OpenId Connect and OAuth 2.0 compliant Authorization Servers such as Keycloak.

51 questions
5
votes
0 answers

How to customize the 401 in quarkus oidc?

I want to customize the 401/403 status code when access token is invalid in headers. I have create an exception mapper given below : import io.quarkus.security.AuthenticationFailedException; import…
5
votes
1 answer

Allow quarkus-oidc to customize response body of 403

I want to customize the response body of 403/401 in quarkus oidc application. I have tried many things to implement that but not able to do so. Same can be achieved in Spring boot easily.
Utesting
  • 121
  • 2
2
votes
0 answers

How to use dynamic roles with @TestSecurity

I would like to use dynamic roles in my @TestSecurity annotation. My resource: @Path("/web-app") @Authenticated public class MyProtectedResource{ @GET @Path("my-path") @RolesAllowed({ "admin", "user" }) …
Tim
  • 3,910
  • 8
  • 45
  • 80
2
votes
1 answer

quarkus.oidc.auth-server-url for both testing and localhost development

I'm developing a Quarkus app with Keycloak for OIDC (OpenID Connect). During development, the app is running at localhost:8080 while Keycloak is running locally as well using…
wiradikusuma
  • 1,930
  • 4
  • 28
  • 44
2
votes
1 answer

Quarkus JWT authentication doesn't work as a native app

I created a new Quarkus app using the following command: mvn io.quarkus:quarkus-maven-plugin:1.13.7.Final:create \ -DprojectGroupId=com.okta.rest \ -DprojectArtifactId=quarkus \ -DclassName="com.okta.rest.quarkus.HelloResource" \ …
Matt Raible
  • 8,187
  • 9
  • 61
  • 120
2
votes
1 answer

Build and Run Docker Image of Quarkus

I tried to create a simple microservice project with Quarkus. Native executables can be build but starting Docker containers of the created application does not work. The microservices use a OIDC for authentication, i.e. a microservice receives a…
Felix Seifert
  • 552
  • 1
  • 9
  • 19
1
vote
0 answers

How to logout user from Quarkus + Primefaces web app?

From this guide logging out user should be achieved by calling endpoint registered as quarkus.oidc.logout.path. I have this line in the application.properties: quarkus.oidc.logout.path=/secure/logout However, When I try to call it by clicking on…
zeppelinux
  • 11
  • 3
1
vote
1 answer

Roles in jwt token not available for Vaadin AccessAnnotationChecker

Latest Vaadin Flow (23.2.4), Quarkus (2.13.2.Final) and Keycloak 16.1.1. The problem is, the roles defined in Keycloak are availalbe in the token, but not via the request that Vaadins AccessAnnotationChecker use to check access. So, I can write my…
jon martin solaas
  • 459
  • 1
  • 4
  • 14
1
vote
0 answers

Deny access by default if no scope binding defined with Quarkus and Keycloak

I'm exploring Keycloak as an authorization solution for my Quarkus application. Let's say, I have an endpoint: @Path("document") @Authenticated class DocumentEndpoint { @GET @Produces(MediaType.TEXT_PLAIN) fun get(id: Long): String { …
Ultranium
  • 332
  • 2
  • 19
1
vote
0 answers

Authenticate a GraphQL endpoint against Keycloak with custom response in Quarkus

I want to secure a GraphQL API using authentication against Keycloak. This works fine by using the "quarkus-oidc" extension as described in the corresponding guide. I simply added an "@Authenticated" annotation to the same method that has the…
chschroe
  • 149
  • 1
  • 5
1
vote
1 answer

Why is quarkus.oidc.credentials.secret being ignored?

I have a SPA (Vue.js) that communicates via REST with a Quarkus Resource API . I am using my own Keycloak for Authentication/Authorization. In Keycloak I have two clients in my realm: Client ID: frontend-client Access Type: public Standard Flow…
Tim
  • 3,910
  • 8
  • 45
  • 80
1
vote
0 answers

Using OICD Authorization Code Flow with a RESTful API and an SPA

I'm currently working on a personal project which involves a Quarkus REST API as a back-end, Keycloak as OpenId Connect Provider and a Vue app as front-end. I just can't wrap my head around how to make these three components play well together for…
1
vote
1 answer

How does one diagnose Quarkus REST service OIDC errors (specifically 403 forbidden)?

I am trying to secure a Quarkus (v 1.13.7) REST service using OIDC bearer. I am following their Using OpenID Connect to Protect Service Applications guide but I'm not having much luck. Whenever I include Authorization: Bearer {validAccessToken} in…
user1969903
  • 810
  • 13
  • 26
1
vote
1 answer

ContextNotActiveException when using RestClient

I'm currently using quarkus to develop a microservice based application. I need to modify the SecurityIdentity (the user is authenticated with oidc) to inject a list of permissions retrieved from another microservice. I'm currently using this for…
E. Marotti
  • 89
  • 7
1
vote
1 answer

Getting the field issuedFor from SecurityIdentity using OIDC and KeyCloak

I am using OIDC and KeyCloak Quarkus extensions. Currently, I access the token information like this: @Inject org.eclipse.microprofile.jwt.JsonWebToken tokenMicroProfile; @Inject SecurityIdentity securityIdentity; I could not find the issuedFor…
AmsterdamLuis
  • 341
  • 3
  • 21
1
2 3 4