Quarkus + React + Keycloak Integration

This project an integration between a Quarkus backend and a React frontend using Keycloak as the authentication provider.

Authentication Flow

1. The user accesses the frontend application URL.
2. The React app uses keycloak-js to check whether the user is authenticated.
3. If the user is not authenticated, they are redirected to the Keycloak login page.
4. After successful login, the user is redirected back to the frontend. user can register (you can enable or disable it from realm config)
5. The frontend receives a valid JWT token from Keycloak.

User Synchronization

When a user registers via Keycloak the user will be exist in keycloak but not exist in the application's backend database. to solve it use Just-In-Time (JIT).

Just-In-Time (JIT)

In Frontend

• On each session, the frontend calls: GET /api/me

  const res = await fetch('http://localhost:8080/api/me', {
            method: 'GET',
            headers: {
                Authorization: `Bearer ${keycloak.token}`
            }

In Backend

• The backend extracts user information from the JWT token.
• It checks whether the user exists in the database.
• If the user does not exist:
  • A new user is automatically created.

Configuration

You can modify authentication behavior in the Keycloak realm configuration, including:

• Enabling/disabling user registration
• Email verification
• Password reset (forgot password)

Note: Email-related features require proper SMTP configuration with valid credentials.

Running the Project

docker compose up --build