ivangfr/springboot-react-keycloak ivangfr/springboot-react-keycloak

  • Stars
    star
    398
  • Rank 108,325 (Top 3 %)
  • Language
    JavaScript
  • Created over 5 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
ivangfr/springboot-react-keycloak
github

ivangfr

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

The goal of this project is to secure movies-app using Keycloak (with PKCE). movies-app consists of two applications: one is a Spring Boot Rest API called movies-api and another is a React application called movies-ui.

springboot-react-keycloak

The goal of this project is to secure movies-app using Keycloak(with PKCE). movies-app consists of two applications: one is a Spring Boot Rest API called movies-api and another is a React application called movies-ui.

Proof-of-Concepts & Articles

On ivangfr.github.io, I have compiled my Proof-of-Concepts (PoCs) and articles. You can easily search for the technology you are interested in by using the filter. Who knows, perhaps I have already implemented a PoC or written an article about what you are looking for.

Additional Readings

Project diagram

project-diagram

Applications

  • movies-api

    Spring Boot Web Java backend application that exposes a REST API to manage movies. Its secured endpoints can just be accessed if an access token (JWT) issued by Keycloak is provided.

    movies-api stores its data in a Mongo database.

    movie-api has the following endpoints

    Endpoint Secured Roles
    GET /api/userextras/me Yes MOVIES_MANAGER and USER
    POST /api/userextras/me -d {avatar} Yes MOVIES_MANAGER and USER
    GET /api/movies No
    GET /api/movies/{imdbId} No
    POST /api/movies -d {"imdb","title","director","year","poster"} Yes MOVIES_MANAGER
    DELETE /api/movies/{imdbId} Yes MANAGE_MOVIES
    POST /api/movies/{imdbId}/comments -d {"text"} Yes MOVIES_MANAGER and USER

  • movies-ui

    React frontend application where users can see and comment movies and admins can manage movies. In order to access the application, user / admin must login using his/her username and password. Those credentials are handled by Keycloak. All the requests coming from movies-ui to secured endpoints in movies-api have a access token (JWT) that is generated when user / admin logs in.

    movies-ui uses Semantic UI React as CSS-styled framework.

Prerequisites

  • Java 17+

  • npm

  • Docker

  • jq

  • OMDb API KEY

    To use the Wizard option to search and add a movie, you need to get an API KEY from OMDb API. In order to do it, access https://www.omdbapi.com/apikey.aspx and follow the steps provided by the website.

    Once you have the API KEY, create a file called .env.local in springboot-react-keycloak/movies-ui folder with the following content

    REACT_APP_OMDB_API_KEY=<your-api-key>

PKCE

As Keycloak supports PKCE (Proof Key for Code Exchange) since version 7.0.0, we are using it in this project.

Start Environment

  • In a terminal and inside springboot-react-keycloak root folder run

    docker compose up -d

  • Wait for all Docker containers to be up and running. To check it, run

    docker compose ps

Running movies-app using Maven & Npm

  • movies-api

    • Open a terminal and navigate to springboot-react-keycloak/movies-api folder

    • Run the following Maven command to start the application

      ./mvnw clean spring-boot:run -Dspring-boot.run.jvmArguments="-Dserver.port=9080"

      Once the startup finishes, KeycloakInitializerRunner.java class will run and initialize company-services realm in Keycloak. Basically, it will create:

      • Realm: company-services
      • Client: movies-app
      • Client Roles: MOVIES_MANAGER and USER
      • Two users
        • admin: with roles MANAGE_MOVIES and USER
        • user: only with role USER

    • We can also configure Social Identity Providers such as, GitHub, Google, Facebook and Instagram. I've written two articles in Medium where I explain step-by-step how to integrate GitHub and Google.

  • movies-ui

    • Open another terminal and navigate to springboot-react-keycloak/movies-ui folder

    • Run the command below if you are running the application for the first time

      npm install

    • Run the npm command below to start the application

      npm start

Applications URLs

Application URL Credentials
movie-api http://localhost:9080/swagger-ui.html Access Token
movie-ui http://localhost:3000 admin/admin or user/user
Keycloak http://localhost:8080/admin admin/admin

Demo

  • The gif below shows an admin logging in and adding one movie using the wizard feature

    demo-admin

  • The gif below shows a user logging in using his Github account; then he changes his avatar and comment a movie

    demo-user-github

Testing movies-api endpoints

You can manage movies by accessing directly movies-api endpoints using the Swagger website or curl. However, for the secured endpoints like POST /api/movies, PUT /api/movies/{id}, DELETE /api/movies/{id}, etc, you need to inform an access token issued by Keycloak.

Getting Access Token

  • Open a terminal

  • Run the following commands to get the access token

    ACCESS_TOKEN="$(curl -s -X POST \
  "http://localhost:8080/realms/company-services/protocol/openid-connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=admin" \
  -d "password=admin" \
  -d "grant_type=password" \
  -d "client_id=movies-app" | jq -r .access_token)"

echo $ACCESS_TOKEN

    Note: In jwt.io, you can decode and verify the JWT access token

Calling movies-api endpoints using curl

  • Trying to add a movie without access token

    curl -i -X POST "http://localhost:9080/api/movies" \
  -H "Content-Type: application/json" \
  -d '{ "imdbId": "tt5580036", "title": "I, Tonya", "director": "Craig Gillespie", "year": 2017, "poster": "https://m.media-amazon.com/images/M/MV5BMjI5MDY1NjYzMl5BMl5BanBnXkFtZTgwNjIzNDAxNDM@._V1_SX300.jpg"}'

    It should return

    HTTP/1.1 401

  • Trying again to add a movie, now with access token (obtained at #getting-access-token)

    curl -i -X POST "http://localhost:9080/api/movies" \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "imdbId": "tt5580036", "title": "I, Tonya", "director": "Craig Gillespie", "year": 2017, "poster": "https://m.media-amazon.com/images/M/MV5BMjI5MDY1NjYzMl5BMl5BanBnXkFtZTgwNjIzNDAxNDM@._V1_SX300.jpg"}'

    It should return

    HTTP/1.1 201
{
  "imdbId": "tt5580036",
  "title": "I, Tonya",
  "director": "Craig Gillespie",
  "year": "2017",
  "poster": "https://m.media-amazon.com/images/M/MV5BMjI5MDY1NjYzMl5BMl5BanBnXkFtZTgwNjIzNDAxNDM@._V1_SX300.jpg"
}

  • Getting the list of movies. This endpoint does not requires access token

    curl -i http://localhost:9080/api/movies

    It should return

    HTTP/1.1 200
[
  {
    "imdbId": "tt5580036",
    "title": "I, Tonya",
    "director": "Craig Gillespie",
    "year": "2017",
    "poster": "https://m.media-amazon.com/images/M/MV5BMjI5MDY1NjYzMl5BMl5BanBnXkFtZTgwNjIzNDAxNDM@._V1_SX300.jpg",
    "comments": []
  }
]

Calling movies-api endpoints using Swagger

  • Access movies-api Swagger website, http://localhost:9080/swagger-ui.html

  • Click Authorize button.

  • In the form that opens, paste the access token (obtained at getting-access-token) in the Value field. Then, click Authorize and Close to finalize.

  • Done! You can now access the secured endpoints

Useful Commands

  • MongoDB

    List all movies

    docker exec -it mongodb mongosh moviesdb
db.movies.find()

    Type exit to get out of MongoDB shell

Shutdown

  • To stop movies-api and movies-ui, go to the terminals where they are running and press Ctrl+C

  • To stop and remove docker compose containers, network and volumes, go to a terminal and, inside springboot-react-keycloak root folder, run the command below

    docker compose down -v

How to upgrade movies-ui dependencies to latest version

  • In a terminal, make sure you are in springboot-react-keycloak/movies-ui folder

  • Run the following commands

    npm upgrade
npm i -g npm-check-updates
ncu -u
npm install

More Repositories

1

keycloak-clustered

Keycloak-Clustered extends quay.io/keycloak/keycloak official Keycloak Docker image by adding JDBC_PING discovery protocol.
Shell
166
star
2

springboot-react-social-login

The goal of this project is to implement an application called movie-app to manage movies. For it, we will implement a back-end Spring Boot application called movie-api and a font-end React application called movie-ui. Besides, we will use OAuth2 (Social Login) to secure both applications.
Java
146
star
3

springboot-keycloak-openldap

The goal of this project is to create a simple Spring Boot REST API, called simple-service, and secure it with Keycloak. Furthermore, the API users will be loaded into Keycloak from OpenLDAP server.
Java
145
star
4

springboot-react-jwt-token

The goal of this project is to implement an application called order-app to manage orders. For it, we will implement a back-end Spring Boot application called order-api and a font-end React application called order-ui. Besides, we will use JWT Authentication to secure both applications.
Java
139
star
5

graalvm-quarkus-micronaut-springboot

The goal of this project is to compare some Java Microservice Frameworks like: Quarkus, Micronaut and Spring Boot. For it, we will implement applications using those frameworks, build their JVM and Native Docker images and measure start-up times, memory footprint, etc.
Shell
122
star
6

springboot-kafka-connect-jdbc-streams

Project goal: Explore Kafka, Kafka Connect, and Kafka Streams. Components: store-api: Inserts/updates MySQL records. Source Connectors: Monitor MySQL changes, push messages to Kafka. Sink Connectors: Listen to Kafka, insert/update Elasticsearch docs. store-streams: Listens to Kafka, processes with Kafka Streams, pushes new messages to Kafka.
Java
102
star
7

springboot-kafka-connect-debezium-ksqldb

Experiment with Kafka, Debezium, and ksqlDB. research-service: Performs MySQL record manipulation. Source Connectors: Monitor MySQL changes, push messages to Kafka. Sink Connectors and kafka-research-consumer: Listen to Kafka, insert/update Elasticsearch. ksqlDB-Server: Listens to Kafka, performs joins, and pushes new messages to new Kafka topics.
Java
79
star
8

springboot-react-basic-auth

The goal of this project is to implement an application called book-app to manage books. For it, we will implement a back-end Spring Boot application called book-api and a font-end React application called book-ui. Besides, we will use Basic Authentication to secure both applications.
Java
71
star
9

spring-cloud-stream-kafka-elasticsearch

The goal of this project is to implement a "News" processing pipeline composed of five Spring Boot applications: producer-api, categorizer-service, collector-service, publisher-api and news-client.
Java
66
star
10

springboot-elk-prometheus-grafana

The goal of this project is to implement a Spring Boot application, called movies-api, and use Filebeat & ELK Stack (Elasticsearch, Logstash and Kibana) to collect and visualize application's logs and Prometheus & Grafana to monitor application's metrics.
Java
53
star
11

springboot-kafka-websocket

The goal of this project is to implement two Spring Boot applications: bitcoin-api and bitcoin-client. The bitcoin-api application simulates BTC price changes, while the bitcoin-client application listens to these changes and updates a real-time UI. The bitcoin-client UI is secured using Basic Authentication.
Java
52
star
12

springboot-keycloak-mongodb-testcontainers

The goals of this project are: 1) Create a Spring Boot application that manages books, called book-service; 2) Use Keycloak as OpenID Connect Provider; 3) Test using Testcontainers; 4) Explore the utilities and annotations that Spring Boot provides when testing applications.
Java
35
star
13

springboot-ldap-testcontainers

The goal of this project is to create a simple Spring Boot REST API, named 'simple-service,' and secure it using the Spring Security LDAP module. Additionally, Testcontainers will be utilized for integration testing.
Java
33
star
14

axon-springboot-websocket

The goal is to explore Axon. We will develop a food-ordering app comprising 3 Spring Boot applications: customer-service, restaurant-service, and food-ordering-service. These services are implemented with CQRS and Event Sourcing, utilizing the Axon Framework. They connect to axon-server, which serves as the Event Store and Message Routing solution.
Java
29
star
15

spring-data-jpa-r2dbc-mysql-stream-million-records

In this project, we will implement two Spring Boot Java Web application called, streamer-data-jpa and streamer-data-r2dbc. They both will fetch 1 million of customer's data from MySQL and stream them to Kafka. The main goal is to compare the application's performance and resource utilization.
Java
26
star
16

spring-cloud-stream-event-sourcing-testcontainers

Goal: create a Spring Boot application that handles users using Event Sourcing. So, whenever a user is created, updated, or deleted, an event informing this change is sent to Kafka. Also, we will implement another application that listens to those events and saves them in Cassandra. Finally, we will use Testcontainers for end-to-end testing.
Java
25
star
17

springboot-graphql-databases

The goal of this project is to explore GraphQL. For it, we will implement two microservices: author-book-api and book-review-api.
Java
23
star
18

spring-webflux-reactive-databases

The goal of this project is to play with Spring WebFlux on client and server side. For it, we will implement some Spring Boot Java Web applications, product-api, customer-api, order-api and client-shell, and use reactive NoSQL database like Cassandra, MongoDB, Postgres and MySQL.
Java
23
star
19

springboot-kong-keycloak

Goal: create a Spring Boot app called book-service accessible only through the Kong API gateway. In Kong, the kong-oidc plugin will be installed, enabling communication between Kong and Keycloak. This setup ensures that when Kong receives a request for book-service, it validates the request in conjunction with Keycloak to ensure its authenticity.
Shell
23
star
20

socketio-express-phaser3

The goal of this project is to implement a multiplayer game using Socket.IO, Express and Phaser 3.
JavaScript
22
star
21

springboot-rsocket-webflux-aop

The goal of this project is to play with RSocket protocol. For it, we will implement three Spring Boot Java applications, movie-server, movie-client-shell and movie-client-ui. As storage, it's used the reactive NoSQL database MongoDB. All the streaming of movie events and the logging are handling by AOP (Aspect Oriented Programming).
Java
22
star
22

springboot-vault-examples

The goal of this project is to explore the capabilities of Vault. To achieve this, we will develop applications that utilize Vault for storing and retrieving secrets. Vault dynamically generates credentials for accessing databases and relies on Consul as the backend. The authentication method employed in Vault is AppRole.
Java
18
star
23

https-springboot-react

The goal of this project is to play with HTTPS and enable it in Spring Boot applications. For it, we will implement a Spring Boot Rest API that will have its endpoints ready to accept and server over HTTPS. Furthermore, a Spring Boot Shell Java application and a Frontend React application will be implemented to consume movies-api.
Java
17
star
24

kubernetes-minikube-environment

The goal of this project is have some examples using Kubernetes (Minikube)
Mustache
16
star
25

spring-kafka-de-serialization-types

The goal is to play with Spring Kafka. We've implemented 5 examples of producer and consumer services that exchanges messages through Kafka using different types of serialization and approaches.
Java
15
star
26

springboot-kong-plugins

The goal of this project is to create a simple Spring Boot REST API and securing it with Kong using the LDAP Authentication and Basic Authentication plugins. Besides, we will explore more plugins that Kong offers like: Rate Limiting and Prometheus plugins.
Shell
14
star
27

spring-data-jpa-relationships

The goal of this project is to study the JPA relationships: one-to-one, one-to-many / many-to-one, and many-to-many.
Java
14
star
28

ethereum-springboot-react

Goals: Implement an Ethereum Smart Contract called SoccerManager and deploy it to Ethereum Blockchain running locally; Implement 2 Spring Boot BE applications, ethereum-api and player-api, that uses Web3j to communicate with Ethereum blockchain; Implement 2 React FE applications, ethereum-ui and player-ui, that communicate to their respective BE.
Java
14
star
29

springboot-elasticsearch-thymeleaf

The goal of this project is to implement an application called product-app. It consists of two Spring Boot services: product-api (backend) and product-ui (frontend). Data will be stored in Elasticsearch
Java
13
star
30

okta-springboot-react

The goal of this project is to implement an application where a user can manage (create/read/update/delete) jobs. For it, we will create: a backend Restful API called jobs-api and a frontend user interface called jobs-ui. Furthermore, we will use Okta to secure the complete application.
JavaScript
13
star
31

spring-cloud-stream-event-routing-cloudevents

The goal of this project is to play with Spring Cloud Stream Event Routing and CloudEvents. For it, we will implement a producer and consumer of news & alert events.
Java
12
star
32

springboot-aws-localstack-dynamodb-lambda-sns-sqs

In this project, we are going to use LocalStack to simulate locally, some services provided by AWS Cloud such as: DynamoDB, Lambda, SNS and SQS. Also, in order to simplify the use of AWS managed services, we are going to use Spring Cloud AWS.
Java
12
star
33

web-reactive-jvm-native-cds-aot-virtual-threads

In this project, we’ll create six apps using Spring Boot, Quarkus, and Micronaut. For each framework, one app will use blocking Web with Tomcat, and the other will use non-blocking Reactive with Netty. We’ll build both JVM and Native Docker images. For Spring Boot, additional images will test configurations with Virtual Threads, CDS, and AOT
Java
11
star
34

springboot-jpa-studies

The goal of this project is to study JPA Batch Processing (i.e, insert / update / delete a set of records in a single command), JPA Locking and Datetime in JPA.
Java
10
star
35

spring-cloud-stream-kafka-multi-topics

The goal of this project is to create two applications: one as a Spring Boot producer and the other as a Spring Boot consumer. We'll be using Spring for Apache Kafka and Spring Cloud Stream.
Java
9
star
36

springboot-aws-localstack-opensearch-s3-secretsmanager

In this project, we are going to use LocalStack to simulate locally, some services provided by AWS Cloud such as OpenSearch, S3, and Secrets Manager. Also, in order to simplify the use of AWS managed services, we are going to use Spring Cloud AWS.
Java
9
star
37

springboot-proxysql-mysql

The goal of this project is to use ProxySQL to load balance requests from a Spring-Boot application to MySQL Replication Master-Slave Cluster.
Java
7
star
38

react-graphql-databases

The goal of this project is to implement two front-end React applications, author-book-ui and book-review-ui. They will consume the GraphQL endpoints of the two back-end (BE) applications present in the project springboot-graphql-databases, author-book-api and book-review-api.
JavaScript
7
star
39

knative-minikube-environment

The goal of this project is to set up Knative on Minikube, enabling the deployment and execution of Serverless applications.
Shell
6
star
40

springboot-gmail

The goal of this project is to implement a simple Spring Boot Web Java application that communicates with a GMail inbox account using GMail API.
Java
6
star
41

api-oha-benchmarker

api-oha-benchmarker is a tool to easily benchmark APIs. It uses Testcontainers to manage Docker containers. The load testing is done with OHA. To collect information like CPU and memory usage, it uses the docker stats command. It also uses cAdvisor to visually monitor CPU and memory usage.
Java
5
star
42

okta-springboot

The goal of this project is to develop a straightforward Spring Boot REST API application, named simple-service, which utilizes Okta for authentication handling.
Java
4
star
43

spring-integration-examples

The goal of this project is to learn String Integration Framework For it, we will implement some Spring Boot applications and try to use the well known Enterprise Integration Patterns.
Java
4
star
44

springboot-caching-neo4j

The goal of this project is to explore how caching works. To achieve this, we will implement a simple Spring Boot application called "restaurant-api." We will use Neo4j for storage and select one of the following solutions (Simple, Caffeine, or Redis) for caching.
Java
4
star
45

docker-swarm-environment

The goal of this project is to have some examples using Docker Swarm.
Shell
3
star
46

springboot-activemq-rabbitmq-delayed-messages

The goal of this project is to create an application that produces and consumes delayed messages randomly. Those messages are sent to ActiveMQ or RabbitMQ. The delayed broker to which the message is sent depends on a feature toggle defined in Unleash.
Java
3
star
47

spring-boot-grpc-client-server

This project aims to create two Spring Boot applications using gRPC: movie-grpc-server and movie-grpc-client. The movie-grpc-lib project defines the gRPC interface that both applications use.
Java
3
star
48

jenkins-dind-postman-newman

The goal of this project is to implement an Automation Testing for a fake online REST API called ReqRes. We will use: Jenkins, Docker-in-Docker (dind), Postman API Client and Newman
Dockerfile
2
star
49

box2dcreatejs

Box2DCreateJS is a powerful JavaScript library that combines the capabilities of the Box2D 2D Physics Engine with the comprehensive CreateJS suite of libraries and tools, including EaselJS and SoundJS, to provide a user-friendly solution for building HTML and JavaScript games.
JavaScript
2
star
50

springboot-testing-mysql

Goals: 1) Create a simple Spring Boot application to manage users; 2) Explore the utilities and annotations that Spring Boot provides for testing; 3) Test using Testcontainers.
Java
2
star
51

springboot-jsoup-html-parser

The goal of this project is to get a list of games and their scores from a website. The application must parse the website HTML content, get the necessary information, save the game score data in a database and expose them through a REST API.
HTML
2
star
52

spring-boot-nginx-keycloak-cluster

The goal of this project is to use Nginx as a reverse proxy and load balancer for a Keycloak cluster with two instances and a Spring Boot application, called simple-service, also with two instances. The simple-service app will use Keycloak for IAM.
Shell
2
star
53

kubeless-minikube-environment

The goal of this project is to setup Kubeless in Minikube and then, deploy and run some functions.
Java
1
star
54

springboot-mesos-marathon-keycloak-openldap

The goal of this project is to create a simple REST API, called simple-service, and secure it with Keycloak. The API users will be loaded from OpenLDAP server. Furthermore, we will start Mesos / Marathon environment, so that we can deploy Keycloak and simple-service in it.
Java
1
star
55

calculatorws

CalculatorWS is a REST web service implemented in Java using the framework Spring Boot. It uses RabbitMQ for the communications between two modules that exists in the WS, Rest and Calculator.
Java
1
star