Questions about Quarkus OpenID Connect Extension. This component protects your JAX-RS applications using Bearer Token Authorization where Bearer Tokens are issued by OpenId Connect and OAuth 2.0 compliant Authorization Servers such as Keycloak.
Questions tagged [quarkus-oidc]
51 questions
5
votes
0 answers
How to customize the 401 in quarkus oidc?
I want to customize the 401/403 status code when access token is invalid in headers. I have create an exception mapper given below :
import io.quarkus.security.AuthenticationFailedException;
import…

Utesting
- 121
- 2
5
votes
1 answer
Allow quarkus-oidc to customize response body of 403
I want to customize the response body of 403/401 in quarkus oidc application.
I have tried many things to implement that but not able to do so. Same can be achieved in Spring boot easily.

Utesting
- 121
- 2
2
votes
0 answers
How to use dynamic roles with @TestSecurity
I would like to use dynamic roles in my @TestSecurity annotation.
My resource:
@Path("/web-app")
@Authenticated
public class MyProtectedResource{
@GET
@Path("my-path")
@RolesAllowed({ "admin", "user" })
…

Tim
- 3,910
- 8
- 45
- 80
2
votes
1 answer
quarkus.oidc.auth-server-url for both testing and localhost development
I'm developing a Quarkus app with Keycloak for OIDC (OpenID Connect). During development, the app is running at localhost:8080 while Keycloak is running locally as well using…

wiradikusuma
- 1,930
- 4
- 28
- 44
2
votes
1 answer
Quarkus JWT authentication doesn't work as a native app
I created a new Quarkus app using the following command:
mvn io.quarkus:quarkus-maven-plugin:1.13.7.Final:create \
-DprojectGroupId=com.okta.rest \
-DprojectArtifactId=quarkus \
-DclassName="com.okta.rest.quarkus.HelloResource" \
…

Matt Raible
- 8,187
- 9
- 61
- 120
2
votes
1 answer
Build and Run Docker Image of Quarkus
I tried to create a simple microservice project with Quarkus. Native executables can be build but starting Docker containers of the created application does not work.
The microservices use a OIDC for authentication, i.e. a microservice receives a…

Felix Seifert
- 552
- 1
- 9
- 19
1
vote
0 answers
How to logout user from Quarkus + Primefaces web app?
From this guide logging out user should be achieved by calling endpoint registered as quarkus.oidc.logout.path. I have this line in the application.properties:
quarkus.oidc.logout.path=/secure/logout
However, When I try to call it by clicking on…

zeppelinux
- 11
- 3
1
vote
1 answer
Roles in jwt token not available for Vaadin AccessAnnotationChecker
Latest Vaadin Flow (23.2.4), Quarkus (2.13.2.Final) and Keycloak 16.1.1.
The problem is, the roles defined in Keycloak are availalbe in the token, but not via the request that Vaadins AccessAnnotationChecker use to check access.
So, I can write my…

jon martin solaas
- 459
- 1
- 4
- 14
1
vote
0 answers
Deny access by default if no scope binding defined with Quarkus and Keycloak
I'm exploring Keycloak as an authorization solution for my Quarkus application.
Let's say, I have an endpoint:
@Path("document")
@Authenticated
class DocumentEndpoint {
@GET
@Produces(MediaType.TEXT_PLAIN)
fun get(id: Long): String {
…

Ultranium
- 332
- 2
- 19
1
vote
0 answers
Authenticate a GraphQL endpoint against Keycloak with custom response in Quarkus
I want to secure a GraphQL API using authentication against Keycloak. This works fine by using the "quarkus-oidc" extension as described in the corresponding guide. I simply added an "@Authenticated" annotation to the same method that has the…

chschroe
- 149
- 1
- 5
1
vote
1 answer
Why is quarkus.oidc.credentials.secret being ignored?
I have a SPA (Vue.js) that communicates via REST with a Quarkus Resource API .
I am using my own Keycloak for Authentication/Authorization.
In Keycloak I have two clients in my realm:
Client ID: frontend-client
Access Type: public
Standard Flow…

Tim
- 3,910
- 8
- 45
- 80
1
vote
0 answers
Using OICD Authorization Code Flow with a RESTful API and an SPA
I'm currently working on a personal project which involves a Quarkus REST API as a back-end, Keycloak as OpenId Connect Provider and a Vue app as front-end. I just can't wrap my head around how to make these three components play well together for…

vizmo
- 163
- 7
1
vote
1 answer
How does one diagnose Quarkus REST service OIDC errors (specifically 403 forbidden)?
I am trying to secure a Quarkus (v 1.13.7) REST service using OIDC bearer. I am following their Using OpenID Connect to Protect Service Applications guide but I'm not having much luck.
Whenever I include Authorization: Bearer {validAccessToken} in…

user1969903
- 810
- 13
- 26
1
vote
1 answer
ContextNotActiveException when using RestClient
I'm currently using quarkus to develop a microservice based application. I need to modify the SecurityIdentity (the user is authenticated with oidc) to inject a list of permissions retrieved from another microservice. I'm currently using this for…

E. Marotti
- 89
- 7
1
vote
1 answer
Getting the field issuedFor from SecurityIdentity using OIDC and KeyCloak
I am using OIDC and KeyCloak Quarkus extensions.
Currently, I access the token information like this:
@Inject org.eclipse.microprofile.jwt.JsonWebToken tokenMicroProfile;
@Inject SecurityIdentity securityIdentity;
I could not find the issuedFor…

AmsterdamLuis
- 341
- 3
- 21