
This project is created for software developers who want to integrate Keycloak into their systems to enable secure user login and token exchange with Google. Eventually, this will allow users who sign in to Keycloak to access Google APIs, such as Calendar, YouTube, Email, etc.


czetsuyatech/auth-exchange-token


Auth Exchange - Keycloak Google Token Exchange


This version extracts the access token from Spring's OAuth2AuthenticationToken.

How to Use

Keycloak

A docker compose file is provided to start a custom Docker container (Dockerfile.keycloak).

docker-compose up

Import the realm from the docs folder (realm-export.json).

This realm already contains the configuration for Google Identity provider. Make sure to update the Client ID and secret.

Under the Clients tab, click web-front and open the Credentials tab. Take note of the client's secret.

Project Configuration

Application Property File

File: src/main/resources/application.yml

Set the following environment variables or modify the property file.

  • KEYCLOAK_CLIENT_SECRET

Keycloak JSON Config

File: src/main/resources/keycloak.json

Set the Keycloak secret value.

Dockerized Container

A Dockerfile is provided under the docker folder. To build a Docker image of the project, run the following from the project root (the trailing dot is the build context):

docker build -f ./docker/Dockerfile -t czetsuyatech/auth-exchange-token .

Testing Steps

  1. Run the docker compose file in the docker folder.
docker-compose up
  2. Run the application.
  3. Open your web browser and navigate to http://localhost:8081. It will redirect to the Keycloak login page.
  4. Click "Save token". It will store the access and refresh tokens in the database.
  5. Click "Calendar entries". It will generate a new access token from the refresh token stored in the database. This access token will be exchanged for a Google access token to be able to call the Google API.
  6. A job can be run to generate a new refresh token.
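
The two token-endpoint calls behind the "Calendar entries" step, sketched as an added example (not code from this repository). It assumes a Keycloak base URL of http://localhost:8080 without an /auth prefix, a placeholder realm name, and an identity provider alias of "google"; none of these values appear in the README. The client secret is read from the KEYCLOAK_CLIENT_SECRET variable named above.

```python
import json
import os
import urllib.parse
import urllib.request

# Assumptions (not from the repository): base URL, realm name and IdP alias.
KEYCLOAK_URL = os.environ.get("KEYCLOAK_URL", "http://localhost:8080")
REALM = os.environ.get("KEYCLOAK_REALM", "REALM_PLACEHOLDER")
IDP_ALIAS = "google"      # assumed alias of the Google identity provider
CLIENT_ID = "web-front"   # client named in the README
TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"
ACCESS_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"


def token_endpoint():
    return f"{KEYCLOAK_URL}/realms/{REALM}/protocol/openid-connect/token"


def post_form(url, form):
    """POST a form-encoded body and decode the JSON reply (raises on HTTP errors)."""
    data = urllib.parse.urlencode(form).encode()
    with urllib.request.urlopen(urllib.request.Request(url, data=data), timeout=10) as resp:
        return json.load(resp)


def client_auth():
    # The secret comes from the environment, never from source or logs.
    return {"client_id": CLIENT_ID, "client_secret": os.environ["KEYCLOAK_CLIENT_SECRET"]}


def google_access_token(stored_refresh_token, post=post_form):
    """Return (google_access_token, refresh_token_to_store)."""
    # Call 1: stored refresh token -> fresh Keycloak access token.
    kc = post(token_endpoint(), {**client_auth(),
                                 "grant_type": "refresh_token",
                                 "refresh_token": stored_refresh_token})
    # Keycloak may rotate the refresh token; persist the one it returns.
    next_refresh = kc.get("refresh_token", stored_refresh_token)
    # Call 2: Keycloak access token -> Google access token held by the broker.
    ext = post(token_endpoint(), {**client_auth(),
                                  "grant_type": TOKEN_EXCHANGE,
                                  "subject_token": kc["access_token"],
                                  "requested_token_type": ACCESS_TOKEN_TYPE,
                                  "requested_issuer": IDP_ALIAS})
    return ext["access_token"], next_refresh
```

The `post` parameter lets the flow be exercised with a stub transport; the second return value is the refresh token to write back to the database.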
