Keycloak Auth Project

A full-stack application demonstrating the integration of Keycloak (IAM), Spring Boot, and Angular 19.

🚀 Project Overview

This project follows a step-by-step learning approach to implement modern authentication and authorization.

• Level 1: Keycloak Setup (Docker, Realms, Clients, Roles, Users).
• Level 2: Spring Boot Backend Integration (OAuth2 Resource Server).
• Level 3: Angular Frontend Integration (Keycloak-Angular, Standalone Components).
• Level 4: Role-Based Access Control (RBAC) (Method-level security in Spring, UI-level security in Angular).

---

🏗️ Project Structure

Keycloak-Auth/
├── backend/            # Spring Boot Application (Port: 8081)
├── frontend/           # Angular 19 Application (Port: 4200)
├── docker-compose.yml  # Keycloak & PostgreSQL Setup
└── README.md           # Project Documentation

---

🛠️ Tech Stack

• IAM: Keycloak 24.0.0
• Database: PostgreSQL (for Keycloak)
• Backend: Spring Boot 3.4.x, Spring Security, Lombok
• Frontend: Angular 19, Keycloak-Angular 19.x, Keycloak-JS
• Containerization: Docker & Docker Compose

---

🚦 Getting Started

1. Infrastructure (Keycloak)

Start Keycloak and PostgreSQL using Docker:

docker compose up -d

• Admin Console: http://localhost:8080
• Credentials: admin / admin

2. Backend (Spring Boot)

Navigate to the backend directory and run:

cd backend
./mvnw spring-boot:run

• Base URL: http://localhost:8081/api

3. Frontend (Angular)

Navigate to the frontend directory and run:

cd frontend
npm install
npm start

• App URL: http://localhost:4200

---

🔐 Keycloak Configuration

• Realm: my-realm
• Client: my-app-client (Public, Standard Flow)
• Roles: USER, ADMIN
• Test User: testuser / password

---

🧪 Testing RBAC

1. Login as testuser.
2. Use the UI buttons to call:
   • Public API: Accessible to everyone.
   • User API: Requires USER role.
   • Admin API: Requires ADMIN role (Returns 403 if not assigned).