feat: make use of client-credentials in the keycloak admin client

BREAKING CHANGE: username password combination in the keycloak admin client is no longer supported

shogun-boot/src/test/resources/application-test.yml

@@ -37,14 +37,13 @@ spring:
 keycloak:
   enabled: true
   server-url: https://localhost/auth
-  username: admin
-  password: shogun
   master-realm: master
   admin-client-id: admin-cli
+  admin-client-secret: supersecret
   realm: SHOGun
   client-id: shogun-boot
   principal-attribute: preferred_username
-  disableHostnameVerification: true
+  disable-hostname-verification: true
 
 upload:
   basePath: /data

shogun-config/src/main/java/de/terrestris/shogun/config/KeycloakConfig.java

@@ -28,6 +28,8 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+import static org.keycloak.OAuth2Constants.CLIENT_CREDENTIALS;
+
 /**
  * Credits to https://stackoverflow.com/questions/57787768/issues-running-example-keycloak-spring-boot-app
  */
@@ -47,9 +49,9 @@ public Keycloak keycloakAdminClient() {
         return KeycloakBuilder.builder()
             .serverUrl(keycloakProperties.getServerUrl())
             .realm(keycloakProperties.getMasterRealm())
-            .username(keycloakProperties.getUsername())
-            .password(keycloakProperties.getPassword())
             .clientId(keycloakProperties.getAdminClientId())
+            .clientSecret(keycloakProperties.getAdminClientSecret())
+            .grantType(CLIENT_CREDENTIALS)
             .resteasyClient(restClient)
             .build();
     }

shogun-config/src/main/java/de/terrestris/shogun/properties/KeycloakProperties.java

@@ -31,14 +31,12 @@ public class KeycloakProperties {
 
     private String serverUrl;
 
-    private String username;
-
-    private String password;
-
     private String masterRealm;
 
     private String adminClientId;
 
+    private String adminClientSecret;
+
     private String realm;
 
     private String clientId;

shogun-config/src/main/resources/application-base.yml

@@ -105,14 +105,13 @@ springdoc:
 keycloak:
   enabled: true
   server-url: https://${KEYCLOAK_HOST:shogun-keycloak}/auth
-  username: admin
-  password: shogun
-  master-realm: master
+  master-realm: SHOGun
   admin-client-id: admin-cli
+  admin-client-secret: ${KEYCLOAK_ADMIN_CLIENT_SECRET}
   realm: SHOGun
   client-id: shogun-boot
   principal-attribute: preferred_username
-  disableHostnameVerification: true
+  disable-hostname-verification: true
   extract-roles-from-resource: true
   extract-roles-from-realm: false
 

shogun-gs-interceptor/src/main/resources/application-interceptor.yml

@@ -35,11 +35,10 @@ interceptor:
 keycloak:
   enabled: true
   server-url: https://${KEYCLOAK_HOST:shogun-keycloak}/auth
-  username: admin
-  password: shogun
   master-realm: master
   admin-client-id: admin-cli
+  admin-client-secret: ${KEYCLOAK_ADMIN_CLIENT_SECRET}
   realm: SHOGun
   client-id: shogun-boot
   principal-attribute: preferred_username
-  disableHostnameVerification: true
+  disable-hostname-verification: true

shogun-proxy/src/main/resources/application-proxy.yml

@@ -28,11 +28,10 @@ shogun-proxy:
 keycloak:
   enabled: true
   server-url: https://${KEYCLOAK_HOST:shogun-keycloak}/auth
-  username: admin
-  password: shogun
   master-realm: master
   admin-client-id: admin-cli
+  admin-client-secret: ${KEYCLOAK_ADMIN_CLIENT_SECRET}
   realm: SHOGun
   client-id: shogun-boot
   principal-attribute: preferred_username
-  disableHostnameVerification: true
+  disable-hostname-verification: true

shogun-proxy/src/test/resources/application-proxy-test.yml

@@ -16,14 +16,13 @@
 keycloak:
   enabled: false
   server-url: https://localhost/auth
-  username: admin
-  password: shogun
   master-realm: master
   admin-client-id: admin-cli
+  admin-client-secret: supersecret
   realm: SHOGun
   client-id: shogun-boot
   principal-attribute: preferred_username
-  disableHostnameVerification: true
+  disable-hostname-verification: true
 
 spring:
   session: