Java Spring: Accepting JWT
Accepting JWT Tokens from IndustryApps
Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps
JWT tokens are acquired either from your Third-Party App's existing authentication system or from IndustryApps' Keycloak authentication configuration.
Handling multiple JWT issuers with Spring Security 5
The following example illustrates how to provision multiple JWT issuers with the resource server in Spring Security 5 with WebSecurityConfigurerAdapter.
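    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Only tokens whose "iss" claim exactly matches one of these issuer URIs are accepted;
        // tokens from any other issuer are rejected.
        JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerAuthenticationManagerResolver(
            "https://iapp-keycloak/auth/realms/iapp-realm",
            "http://thirdparty-app-existing-auth2/openid"
        );
        http.cors()
            .and()
            .authorizeRequests()
                // Every endpoint requires a valid JWT from one of the trusted issuers
                .anyRequest()
                .authenticated()
            .and()
            .oauth2ResourceServer(oauth2 -> oauth2.authenticationManagerResolver(authenticationManagerResolver))
            // CSRF protection is switched off; this assumes a stateless API that
            // authenticates only with bearer tokens and never with session cookies
            .csrf()
            .disable();
    }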
Controller
Inside the controller implement the following:
    @GetMapping(value = "/user/profile", produces = MediaType.APPLICATION_JSON_VALUE)
    public User getUserProfile(@AuthenticationPrincipal Jwt principal, HttpServletRequest request) {
        // The principal is the already validated JWT, whichever trusted issuer signed it
        return new User("1", principal.getClaimAsString("preferred_username"));
    }
This controller configuration accepts requests that carry either an IndustryApps JWT token or your Third-Party Application's JWT token.
Existing User Role Mapping with the IndustryApp JWT Token
To check user roles, map your Third-Party App's roles into Spring's UserDetailsService using the JwtTokenFilter feature so that the roles are recognised.
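An added example, not code from IndustryApps: one way to give each trusted issuer its own role mapping, so that role claims are read only from the place that issuer puts them. It uses Spring Security's JwtAuthenticationConverter per issuer rather than the JwtTokenFilter approach named above. The class name IssuerRoleMapping and the third-party "roles" claim are assumptions; realm_access.roles is Keycloak's default realm-role claim.

```java
import java.util.*;
import java.util.stream.Collectors;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoders;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider;
import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver;

public class IssuerRoleMapping { // hypothetical helper class
    static final String KEYCLOAK = "https://iapp-keycloak/auth/realms/iapp-realm";
    static final String THIRD_PARTY = "http://thirdparty-app-existing-auth2/openid";

    // Keycloak realm roles live under realm_access.roles; a missing claim yields no roles.
    static Collection<GrantedAuthority> keycloakRoles(Jwt jwt) {
        Map<String, Object> realmAccess = jwt.getClaimAsMap("realm_access");
        Object roles = realmAccess == null ? null : realmAccess.get("roles");
        return toAuthorities(roles instanceof Collection ? (Collection<?>) roles : null);
    }

    // Assumption: the existing auth system puts its roles in a top-level "roles" array claim.
    static Collection<GrantedAuthority> thirdPartyRoles(Jwt jwt) {
        return toAuthorities(jwt.getClaimAsStringList("roles"));
    }

    private static Collection<GrantedAuthority> toAuthorities(Collection<?> roles) {
        if (roles == null) return Collections.emptyList();
        return roles.stream().map(r -> (GrantedAuthority) new SimpleGrantedAuthority("ROLE_" + r)).collect(Collectors.toList());
    }

    private static AuthenticationManager managerFor(String issuer, Converter<Jwt, Collection<GrantedAuthority>> roleMapper) {
        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(roleMapper);
        // fromIssuerLocation reads the issuer's metadata and builds a decoder that also validates "iss"
        JwtAuthenticationProvider provider = new JwtAuthenticationProvider(JwtDecoders.fromIssuerLocation(issuer));
        provider.setJwtAuthenticationConverter(converter);
        return provider::authenticate;
    }

    // Replaces the String-based resolver: an issuer missing from the map resolves to null and is rejected.
    public static JwtIssuerAuthenticationManagerResolver resolver() {
        Map<String, AuthenticationManager> managers = new HashMap<>();
        managers.put(KEYCLOAK, managerFor(KEYCLOAK, IssuerRoleMapping::keycloakRoles));
        managers.put(THIRD_PARTY, managerFor(THIRD_PARTY, IssuerRoleMapping::thirdPartyRoles));
        return new JwtIssuerAuthenticationManagerResolver(managers::get);
    }
}
```

Pass IssuerRoleMapping.resolver() to oauth2.authenticationManagerResolver(...) in configure(HttpSecurity); the mapped authorities then work with hasRole(...) and @PreAuthorize checks.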