This microservice is responsible for:
- Authenticating users via Keycloak
- Issuing and validating JWT tokens
- Producing Kafka user registration and logging events

Tech stack:
- Java 21
- Spring Boot 3.4.4
- Spring Security (OAuth2 Resource Server)
- Keycloak (external identity provider)
- Kafka (event-based communication)
- PostgreSQL + Liquibase (optional for local persistence)

```yaml
keycloak:
  realm: greenpulse
  auth-server-url: http://localhost:8180
  resource: greenpulseclient
  public-client: true
  bearer-only: true
  credentials:
    secret: ${KEYCLOAK_SECRET}   # no default: must be set in the environment
  admin:
    # ${VAR:admin} falls back to "admin" when the variable is unset
    username: ${KEYCLOAK_ADMIN_USERNAME:admin}
    password: ${KEYCLOAK_ADMIN_PASSWORD:admin}

# Spring Boot reads the resource-server settings under the spring.* prefix
spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: http://localhost:8180/realms/greenpulse
```

Make sure to set environment variables (e.g., `KEYCLOAK_SECRET`) in a secure way using a `.env` file.

All endpoints are secured with JWT tokens issued by Keycloak.
Roles such as ADMIN, MANAGER, and USER are extracted from the `realm_access.roles` claim.

Example JWT snippet:

```json
"realm_access": {
  "roles": ["USER", "ADMIN"]
}
```

| Method | Endpoint | Description |
|---|---|---|
| POST | /auth/register | Registers a user |
| POST | /auth/login | Logs a user in |

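
The role extraction from `realm_access.roles` described above can be done with a custom authorities converter. This is an added example, not code from this project; the class name `RealmRoleConverter` and the `ROLE_` prefix are assumptions chosen so that Spring Security's `hasRole("ADMIN")` checks match.

```java
import java.util.Collection;
import java.util.List;
import java.util.Map;

import org.springframework.core.convert.converter.Converter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;

/** Hypothetical class: maps Keycloak realm roles to Spring Security authorities. */
public class RealmRoleConverter implements Converter<Jwt, Collection<GrantedAuthority>> {

    @Override
    public Collection<GrantedAuthority> convert(Jwt jwt) {
        // Tokens without realm roles carry no realm_access claim: grant nothing.
        Map<String, Object> realmAccess = jwt.getClaimAsMap("realm_access");
        if (realmAccess == null || !(realmAccess.get("roles") instanceof List<?> roles)) {
            return List.of();
        }
        return roles.stream()
                .filter(String.class::isInstance)   // skip malformed, non-string entries
                .map(String.class::cast)
                .map(role -> (GrantedAuthority) new SimpleGrantedAuthority("ROLE_" + role))
                .toList();
    }

    /**
     * Register with the resource server, e.g.
     * http.oauth2ResourceServer(o -> o.jwt(j ->
     *     j.jwtAuthenticationConverter(RealmRoleConverter.authenticationConverter())));
     */
    public static JwtAuthenticationConverter authenticationConverter() {
        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(new RealmRoleConverter());
        return converter;
    }
}
```
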
This service can produce Kafka events such as user registration and perform tasks like:
- Assigning roles
- Broadcasting registration to other services

```json
{
  "id": "UUID",
  "username": "user",
  "email": "user@example.com",
  "status": "ENABLED",
  "roles": ["USER"]
}
```

```bash
./gradlew bootRun
```

Make sure Kafka, Keycloak and other dependencies are up and configured.

References:
- Keycloak Admin REST API Docs
- Spring Security OAuth2 Resource Server
- JWT Debugger
- Docker Compose Reference
- Prometheus
- Grafana

To do:
- Add unit tests for user role logic
- Add Swagger/OpenAPI documentation (optional)
- Monitoring
This project is licensed under the Apache License 2.0.