Does someone has recent experience, setting up Oauth2 with keycloak, locally for Ehrbase?
I followed the docs, however they have not been updated a while. When I try to run an api, it returns a connection refused:
org.springframework.security.oauth2.jwt.JwtDecoderInitializationException: Failed to lazily resolve the supplied JwtDecoder instance
…
…
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for “http://localhost:8081/realms/ehrbase/.well-known/openid-configuration”: Connection refused
The host is accessible via my browser or api. It is only refused from my ehrbase container.
These are the env settings in the docker compose:
SECURITY_AUTHTYPE: OAUTH
SECURITY_OAUTH2USERROLE: USER
SECURITY_OAUTH2ADMINROLE: ADMIN
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUERURI: http://localhost:8081/realms/ehrbase
Since you are running ehrbase in a docker container, the Keycloak URL you configured there will point to the localhost of the ehrbase container (not your host machine) so that’s why it cannot connect to it.
From your browser you can access it because localhost references your host machine.
To fix this you can reference keycloak by it’s service name from the docker-compose file and by the port that is running inside the container and docker will handle the networking for it.
Hello, I’m trying to use Keycloak with EHRbase. Do you know how I can test the authentication? I’m just setting up the backend for other users to use it; I don’t have a client app. Is there any openEHR client that uses OAuth?
And the REST api details can be found here openEHR REST API | EHRbase Docs. (I suggest you use the List templates endpoint for a quick test, it requires an Admin User as far as I remember).
Also, you can use the Sandbox env. to to get some examples (that one has a graphical UI).