Part 2: Simplify Security in Kubernetes with Keycloak and Dapr: A Comprehensive Integration Guide

Abhishek koserwal
May 29, 2023

This post is a continuation of Part 1: Simplify Security in Kubernetes with Keycloak and Dapr: A Comprehensive Integration Guide.

This part explores another Dapr middleware component, OAuth2 Client Credentials, for the same step we had in Part 1. The only change is replacing middleware.http.oauth2 with middleware.http.oauth2clientcredentials.

We will create a new oauth2clientcred.yaml. Its content is similar to the oauth2 config, with two additional fields: headerName and endpointParamsQuery.

```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: oauth2
spec:
  type: middleware.http.oauth2clientcredentials
  version: v1
  metadata:
  - name: clientId
    value: "dapr-demo"
  - name: clientSecret
    value: "<secret>"
  - name: scopes
    value: "openid profile"
  - name: authURL
    value: "http://<keycloak-server>/realms/demo/protocol/openid-connect/auth"
  - name: tokenURL
    value: "http://<keycloak-server>/realms/demo/protocol/openid-connect/token"
  - name: redirectURL
    value: "<Kube cluster IP>"
  - name: headerName
    value: "authorization"
  - name: endpointParamsQuery
    value: "state=randomtext"
```
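The following is an added example, not part of the original post: the same component with clientSecret read from a Kubernetes Secret through Dapr's secretKeyRef instead of being stored inline in the component file, and with the Keycloak URLs on https so the client secret and token do not cross the network in cleartext. The Secret name keycloak-client, its key clientSecret, and the availability of TLS on the Keycloak server are assumptions.

```yaml
# Assumed Secret holding the Keycloak client secret; create it in the same
# namespace as the Dapr component. Name and key are hypothetical.
apiVersion: v1
kind: Secret
metadata:
  name: keycloak-client
type: Opaque
stringData:
  clientSecret: "<secret>"
---
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: oauth2
spec:
  type: middleware.http.oauth2clientcredentials
  version: v1
  metadata:
  - name: clientId
    value: "dapr-demo"
  - name: clientSecret
    # Resolved by the Dapr sidecar at load time; the secret value no longer
    # appears in the component manifest or in version control.
    secretKeyRef:
      name: keycloak-client
      key: clientSecret
  - name: scopes
    value: "openid profile"
  - name: authURL
    # https assumes Keycloak is served over TLS
    value: "https://<keycloak-server>/realms/demo/protocol/openid-connect/auth"
  - name: tokenURL
    value: "https://<keycloak-server>/realms/demo/protocol/openid-connect/token"
  - name: redirectURL
    value: "<Kube cluster IP>"
  - name: headerName
    value: "authorization"
  - name: endpointParamsQuery
    value: "state=randomtext"
auth:
  # Built-in Kubernetes secret store; this is the default when Dapr runs on Kubernetes.
  secretStore: kubernetes
```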

Update Pipeline.yaml so that the HTTP handler type is `middleware.http.oauth2clientcredentials`:

```yaml
kind: Configuration
metadata:
  name: pipeline
spec:
  tracing:
    samplingRate: "1"
    zipkin:
      endpointAddress…
```
