Questions about Quarkus OpenID Connect Extension. This component protects your JAX-RS applications using Bearer Token Authorization where Bearer Tokens are issued by OpenId Connect and OAuth 2.0 compliant Authorization Servers such as Keycloak.
Questions tagged [quarkus-oidc]
51 questions
0
votes
1 answer
Quarkus Rest Service to be accessed by users from two different keycloaks
How to implement a quarkus rest service, that is accessed by two different frontend applications, that use two different oidc providers?
So the user of Application A, calls the quarkus rest service with a
JWT Token from Keycloak A.
The user of…
lopah elision
- 49
- 6
0
votes
0 answers
Using keycloak public client token to communicate with confidential client
I have a quarkus backend app with a react frontend. I want to add a security layer where a user has to login in order to be able to access the UI, and any API calls made from the UI to the backend requires a token with the user is authenticated.…
Dan
- 2,020
- 5
- 32
- 55
0
votes
0 answers
Call custom method for authorization for each endpoint or resource in Quarkus
I have an application with 2 entities : A and B.
Each of these entities contain a "Workspace" :
@Entity
class A {
private Workspace workspace;
}
@Entity
class B {
private Workspace workspace;
}
For each request that comes in like a GET…
Genku
- 31
- 8
0
votes
2 answers
Getting first name, last name and email from Keycloak using Quarkus OIDC integration
When I access the /openid-connect/token endpoint using admin_cli client_id I can see more/different info in the payload of returned access_token compared to when token is injected into my bean by the Quarkus OIDC/Keycloak extension.
Here are some…
zeppelinux
- 11
- 3
0
votes
2 answers
How to configure a quarkus custom HttpAuthenticationMechanism?
I need a static mechanism to verify my sender knows a static token. That token is hard coded into the sending system.
My API has an endpoint /webhook where I need to have that be verified.
This guides/security-customization gives an example on how…
Johannes
- 6,490
- 10
- 59
- 108
0
votes
1 answer
How to access JWT in Quarkus when proactive auth is disabled?
I need to access a jwt sent in authorization header. I also have to disable the proactive auth check. How can I get the token?
I have this class which used to work when proactive auth was enabled:
@RequestScoped
public class AccessRights {
…
micha
- 321
- 3
- 16
0
votes
1 answer
Error on my Quarkus API + keycloak Idp (bearer only mode)
I'm trying to make an Quarkus API (OpenAPI - Resteasy) with authentication (bearer-only mode).
Here's my Quarkus config :
# OIDC…
Christophe Gadaix
- 33
- 6
0
votes
0 answers
In container built with quarkus, trying to optionally enable OIDC integration with keycloak on docker container start
i would like to provide our container with an optional OIDC/keycloak integration, disabled by default but possible to enable when starting a container via env variables.
This is how the configuration looks like in application.properties at build…
ginccc
- 51
- 1
- 7
0
votes
1 answer
Programmatic authentication of a client
I'm using Keycloak OIDC to secure my REST application running on Quarkus (lets name it repository). I have another app that has to be protected with mutual TLS (lets call it api-service). Api-service is a client of repository. How to authorize…
0
votes
0 answers
Test container not able to pass quarkus environment variable
Currently, able to pass the DB username and password through test container but when trying to pass the "IfBuildProperty", the value is always null.
Achoday
- 1
0
votes
1 answer
I'm getting a ContextNotActiveException when trying to use a Custom TokensProducer with Quarkus RestClient ClientFilter
I am using the quarkus-oidc-client-filter in a Lambda calling an external service and that works brilliantly. Unfortunately, the calls to the Lambdas can be bursty. When a big burst hits after a quiet period I can get rate limited on calls to the…
Liam O'Rourke
- 11
- 4
0
votes
0 answers
Quarkus Custom authorization interceptors or filter
I have a Quarkus microservice doing authentication and authorization with Keycloak using quarkus-oidc and quarkus-keycloak-authorization extensions.
when i use quarkus.keycloak.policy-enforcer, reader & writer interceptors and container request &…
a.nayebi
- 21
- 3
0
votes
0 answers
oidc-client: grant.type=password additional grant options are not supported
I have just started playing around with quarkus-oidc-client to obtain tokens form our Ping-Identity server.
In case of quarkus.oidc-client.grant.type=password additional grant options are not supported as only password.username and password.password…
Thomas Kriechbaum
- 23
- 3
0
votes
2 answers
is there a smaple quarkus project with multiple named OidcClients to call multiple service calls?
am looking for a sample quarkus reactive project with multiple OidcClients to make multiple service calls?
Eg: DemoProject wants to call service A, B, C, D.
DemoProject used keycloak authorization with grant type as password.
Service A has…
ajith kumar
- 91
- 2
- 5
0
votes
2 answers
Quarkus OIDC redirect uri absolute path
I have a cloud load balancer/virtual server/firewall sitting in front of a collection of Quarkus pods that almost acts like a reverse proxy. Traffic comes in through that public entry point and is rerouted to the internal network.
We're using Azure…
kevin.conner
- 11
- 6