Issue
I am using postman and spring boot, I use Keycloak for the authentication service. I make the request with postman to the Keycloak server which returns me a Bearear token which I then send to the spring server for authentication, but spring replies that the iss claim of the token is not valid.
Here is my code
Class configuration:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers("/genere/**").permitAll()
.antMatchers("/valutazione/**").permitAll()
.antMatchers("/users/**").permitAll()
.antMatchers("/carrello/**").permitAll()
.antMatchers("/film/**").permitAll()
.anyRequest().authenticated().and().oauth2ResourceServer().jwt();
}
Class restController:
@RestController
public class HomeController {
@GetMapping("/")
@PreAuthorize("hasAuthority('user')")
public String home(@RequestParam(value="someValue") int value){
return "Welcome,"+ Util.getEmail()+" "+value+" !";
}
}
application.yaml
keycloak:
realm: demo
resource: spa-demo
auth-server-url: http://localhost:8080/realms/demo/account
spring:
security:
oauth2:
resourceserver:
jwt:
jwk-set-uri: http://localhost:8080/realms/demo/protocol/openid-connect/certs
issuer-uri: http://localhost:8080/realms/demo/
I start keyclaok with the command kc.bat start-dev in development mode.
Solution
the problem was the slash after the word demo in the issuer-uri. The correct form was:
issuer-uri: http://localhost:8080/realms/demo
Answered By - programmerconsociatio
Answer Checked By - Marilyn (JavaFixing Volunteer)
