Raul Rotundo
Hi Brian!
Thanks for your response, this is what I got:
jwtAuthenticationToken:
jwtAuthenticationToken: org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken@3d4af8fe: Principal: org.springframework.security.oauth2.jwt.Jwt@f47b3487; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: RemoteIpAddress: 172.18.0.7; SessionId: null; Granted Authorities: SCOPE_openid, SCOPE_jhipster, SCOPE_email, SCOPE_offline_access, SCOPE_profile, SCOPE_address, SCOPE_phone
jwtAuthenticationToken.getTokenAttributes():
{sub=4c973896-5761-41fc-8217-07c5d13a004b, resource_access={"account":{"roles":["manage-account","manage-account-links","view-profile"]}}, email_verified=true, address={}, allowed-origins=["http://localhost:8080/","http://localhost:8100/","http://127.0.0.1:8761/","http://localhost:9000/"], iss=http://keycloak:9080/auth/realms/jhipster, typ=Bearer, preferred_username=admin, given_name=Admin, aud=[account], acr=0, nbf=1970-01-01T00:00:00Z, realm_access={"roles":["ROLE_USER","offline_access","ROLE_ADMIN","uma_authorization"]}, azp=web_app, auth_time=1558781630, scope=openid jhipster email offline_access profile address phone, name=Admin Administrator, exp=2019-05-25T11:06:17Z, session_state=160e0882-155f-40dc-bdf8-46d0f846738c, iat=2019-05-25T11:01:17Z, family_name=Administrator, jti=5d413238-1859-4d3b-89fc-62581205dd33, email=admin@localhost}
jwtAuthenticationToken.getName() (User ID):
4c973896-5761-41fc-8217-07c5d13a004b
As you can see in the jwtAuthenticationToken.getTokenAttributes() logs, there is no “groups” claim set. How can I do this on Keycloak and Okta?
Another question: why is this not working if I can see the “Roles” claims and ROLE_ADMIN is also present in them?
By the way, this is what I got when I generated a JHipster microservices application (Registry, Gateway, a Microservice, Keycloak, etc…) using JHipster version 6.0.1 without any modification, the same way Matt did in order to create this post.
Regards,
Raul