added support for Keycloak

Author: anirbandas18

db-scripts/mariadb-schema.sql

@@ -64,7 +64,7 @@ CREATE TABLE `user_account` (
   `last_name` VARCHAR(255) DEFAULT NULL,
   `locked` BIT(1) NOT NULL,
   `password` VARCHAR(60) DEFAULT NULL,
-  `provider` ENUM('LOCAL','FACEBOOK','GOOGLE','APPLE') DEFAULT NULL,
+  `provider` ENUM('LOCAL','FACEBOOK','GOOGLE','APPLE','KEYCLOAK') DEFAULT NULL,
   `registration_date` DATETIME(6) DEFAULT NULL,
   `failed_login_attempts` INT(11) NOT NULL,
   `locked_date` DATETIME(6) DEFAULT NULL,

src/main/java/com/digitalsanctuary/spring/user/controller/UserPageController.java

@@ -27,12 +27,15 @@ public class UserPageController {
 	@Value("${user.registration.googleEnabled}")
 	private boolean googleEnabled;
 
+	@Value("${user.registration.keycloakEnabled}")
+	private boolean keycloakEnabled;
+
 	/**
 	 * Login Page.
 	 *
 	 * @param userDetails the user details
-	 * @param session     the session
-	 * @param model       the model
+	 * @param session the session
+	 * @param model the model
 	 *
 	 * @return the string
 	 */
@@ -45,15 +48,16 @@ public String login(@AuthenticationPrincipal DSUserDetails userDetails, HttpSess
 		}
 		model.addAttribute("googleEnabled", googleEnabled);
 		model.addAttribute("facebookEnabled", facebookEnabled);
+		model.addAttribute("keycloakEnabled", keycloakEnabled);
 		return "user/login";
 	}
 
 	/**
 	 * Register Page.
 	 *
 	 * @param userDetails the user details
-	 * @param session     the session
-	 * @param model       the model
+	 * @param session the session
+	 * @param model the model
 	 * @return the string
 	 */
 	@GetMapping("${user.security.registrationURI:/user/register.html}")
@@ -65,6 +69,7 @@ public String register(@AuthenticationPrincipal DSUserDetails userDetails, HttpS
 		}
 		model.addAttribute("googleEnabled", googleEnabled);
 		model.addAttribute("facebookEnabled", facebookEnabled);
+		model.addAttribute("keycloakEnabled", keycloakEnabled);
 		return "user/register";
 	}
 
@@ -82,8 +87,8 @@ public String registrationPending() {
 	 * Registration complete.
 	 *
 	 * @param userDetails the user details
-	 * @param session     the session
-	 * @param model       the model
+	 * @param session the session
+	 * @param model the model
 	 *
 	 * @return the string
 	 */
@@ -134,10 +139,11 @@ public String forgotPasswordChange() {
 		return "user/forgot-password-change";
 	}
 
+
 	/**
 	 * @param userDetails the user details
-	 * @param request     the request
-	 * @param model       the model
+	 * @param request the request
+	 * @param model the model
 	 * @return String
 	 */
 	@GetMapping("${user.security.updateUserURI:/user/update-user.html}")

src/main/java/com/digitalsanctuary/spring/user/persistence/model/User.java

@@ -40,7 +40,12 @@ public enum Provider {
 		/**
 		 * Login using Apple as the authentication provider.
 		 */
-		APPLE
+		APPLE,
+
+		/**
+		 * Login using Keycloak as the authentication provider.
+		 */
+		KEYCLOAK
 	}
 
 	/** The id. */

src/main/java/com/digitalsanctuary/spring/user/service/DSOAuth2UserService.java

@@ -57,6 +57,8 @@ public User handleOAuthLoginSuccess(String registrationId, OAuth2User oAuth2User
             user = getUserFromGoogleOAuth2User(oAuth2User);
         } else if (registrationId.equalsIgnoreCase("facebook")) {
             user = getUserFromFacebookOAuth2User(oAuth2User);
+        } else if (registrationId.equalsIgnoreCase("keycloak")) {
+            user = getUserFromKeycloakOAuth2User(oAuth2User);
         } else {
             log.error("Sorry! Login with " + registrationId + " is not supported yet.");
             throw new OAuth2AuthenticationException(new OAuth2Error("Login Exception"),
@@ -141,6 +143,28 @@ public User getUserFromGoogleOAuth2User(OAuth2User principal) {
         return user;
     }
 
+    /**
+     *
+     * Retrieves user information from a Keycloak OAuth2User object.
+     *
+     * @param principal The OAuth2User object containing information about the authenticated user.
+     * @return A User object representing the authenticated user.
+     */
+    public User getUserFromKeycloakOAuth2User(OAuth2User principal) {
+        log.debug("Getting user info from Google OAuth2 provider with principal: {}", principal);
+        if (principal == null) {
+            return null;
+        }
+        log.debug("Principal attributes: {}", principal.getAttributes());
+        User user = new User();
+        user.setEmail(principal.getAttribute("email"));
+        user.setFirstName(principal.getAttribute("firstName"));
+        user.setLastName(principal.getAttribute("lastName"));
+        user.setId(principal.getAttribute("lastName"));
+        user.setProvider(User.Provider.KEYCLOAK);
+        return user;
+    }
+
     /**
      * Retrieves user information from a Facebook OAuth2User object.
      *

src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -10,6 +10,11 @@
       "type": "java.lang.String",
       "description": "A description for 'user.registration.google-enabled'"
     },
+    {
+      "name": "user.registration.keycloak-enabled",
+      "type": "java.lang.String",
+      "description": "A description for 'user.registration.keycloak-enabled'"
+    },
     {
       "name": "user.registration.send-verification-email",
       "type": "java.lang.String",

src/main/resources/config/dsspringuserconfig.properties

@@ -29,6 +29,8 @@ user.registration.googleEnabled=false
 # If true, Facebook OAuth2 will be enabled for registration.
 user.registration.facebookEnabled=false
 
+# If true, Keycloak OAuth2 will be enabled for registration.
+user.registration.keycloakEnabled=false
 
 
 # The number of failed login attempts before the user account is locked out.  Set this to 0 to disable account lockout.