Authors
and is from the open sourced Cloud Native Starter project.The example doesn't use a frontend UI for the Authentication. The JUnit test will authenticate with the Keycloak REST API.Authors
Microservice application supports a protected login with JWT and the specific REST call getAuthors
is protected by a specific user role. The image below contains a simplified architecture overview of the example which runs on the local machine, here you see:JUnit
test and Authors Microservice are running on a OpenLiberty
serverAuthors
Microservice is build with MicroProfileJWT
Key is saved on the OpenLiberty server in the Authors
Microservice using MicroProfile configuration​JUnit
test requests a bearer token
to access the Authors
serviceKeycloak
Authors
Microservice using Keycloak
, OpenLiberty
, MicroProfile
and JWT
, is shown in the sequence diagram below.JUnit
test called Test_GetAuthors
. The test invokes the private operation getToken
.Keycloak
using a REST Endpoint (http://localhost:8282/auth/realms/protocol/openid-connect/token). The request contains the needed Keycloak data for the authorization as parameters to get the bearer token
.bearer token
does contain the Java Web Token
, which is protected with the RS256 (RSA Signature with SHA-256)
. RS256
is a JWT signing algorithm.getAuthorAuthorized
.Authors
REST Endpoint (http://localhost:3000/api/v1/getAuthor) is invoked using the bearer token we got from Keycloak, which contains the JWT. The JWT does contain all needed information such as user, role and soon. Authors
Microservice application, that will be done automatically,, by using the given RS256 signed Key
for the JWT in our Microservice application on the OpenLiberty
server. When the provided Key is validated, the JWT can be used to access the REST Endpoint of the Authors Microservice.JavaWebToken
contain the right role to access the information?server.xml
of OpenLibertyAuthorsApplication
classGetAuthor
classAuthors
MicroserviceAuthors
Microservice and KeycloakAuthors
Microservice response in the JUnit test