At the moment this feature branch has code on it that forces users who access protected endpoints in the application to be redirected to a Keycloak OAuth2 login page. If the provided user is in the system, they are granted access to the /survey/results endpoint.
Prior to merging to the main branch, the following additional changes need to be made:
Configure role-based authorization for the endpoint. If a user is authenticated they also need to have the ROLE_OWNER assigned before gaining access to the endpoint
Build and deploy a custom Keycloak distribution that has client-bound traffic secured over https. It should also run on a public cloud while easily auto-scaling to 0 instances when not in use.
Setup logout handlers in Spring Boot application and add unit tests for additional functionality
When merged this PR fixes #6.
At the moment this feature branch has code on it that forces users who access protected endpoints in the application to be redirected to a Keycloak OAuth2 login page. If the provided user is in the system, they are granted access to the /survey/results endpoint.
Prior to merging to the main branch, the following additional changes need to be made:
References: