I want to automate the login of a spring cloud gateway to automatically authenticate via the grant client_credentials. For this purpose I wish to access a "login" route. Spring Security should handle an automated login with the properties provided.
The Authentication Server I use is keycloak.
This is my application.properties file:
spring.security.oauth2.client.provider.frontend.token-uri=localhost:8180/auth/realms/master/protocol/openid-connect/token
spring.security.oauth2.client.registration.frontend.client-id=test
spring.security.oauth2.client.registration.frontend.client-secret=b34daea4-0334-4ec3-a5bf-1b52daaf5346
spring.security.oauth2.client.registration.frontend.authorization-grant-type=client_credentials
And this is my Spring Security configuration:
@Configuration
@Order(1)
public static class ApiWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/login").authorizeRequests().anyRequest().permitAll().and()
.oauth2Login();
}
}
When I access the login route keycloak responds with a html page so that I have to login. I want this automated, in german it's called "Dunkelverarbeitung" stuff that happens without the user seeing it.
Is it possible to make spring security login automatically with the client id and client secret provided in application properties?